From b5dce3f6aa90cfbcb054aba39f517766d0fcff0a Mon Sep 17 00:00:00 2001 From: root Date: Sun, 19 Jan 2025 22:11:32 +0000 Subject: [PATCH 1/3] Fixing crond issues #945 and #965 --- Dockerfile | 22 ++++------------------ back/cron_script.sh | 5 +++-- dockerfiles/init.sh | 4 ---- dockerfiles/start.sh | 11 +++++++++-- install/crontab | 3 --- install/freebox_certificate.pem | 14 ++++++++++++++ 6 files changed, 30 insertions(+), 29 deletions(-) create mode 100644 install/freebox_certificate.pem diff --git a/Dockerfile b/Dockerfile index 76a9fa13..264b7537 100755 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ ARG INSTALL_DIR=/app ENV PYTHONUNBUFFERED=1 # Install build dependencies -RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev git\ +RUN apk add --no-cache bash python3 python3-dev gcc musl-dev libffi-dev openssl-dev git \ && python -m venv /opt/venv # Enable venv @@ -20,20 +20,7 @@ RUN pip install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask netif && bash -c "find ${INSTALL_DIR} -type f \( -name '*.sh' -o -name '*.py' -o -name 'speedtest-cli' \) -exec chmod 750 {} \;" # Append Iliadbox certificate to aiofreepybox -RUN printf "\n-----BEGIN CERTIFICATE-----\n\ -MIICOjCCAcCgAwIBAgIUI0Tu7zsrBJACQIZgLMJobtbdNn4wCgYIKoZIzj0EAwIw\n\ -TDELMAkGA1UEBhMCSVQxDjAMBgNVBAgMBUl0YWx5MQ4wDAYDVQQKDAVJbGlhZDEd\n\ -MBsGA1UEAwwUSWxpYWRib3ggRUNDIFJvb3QgQ0EwHhcNMjAxMTI3MDkzODEzWhcN\n\ -NDAxMTIyMDkzODEzWjBMMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDjAM\n\ -BgNVBAoMBUlsaWFkMR0wGwYDVQQDDBRJbGlhZGJveCBFQ0MgUm9vdCBDQTB2MBAG\n\ -ByqGSM49AgEGBSuBBAAiA2IABMryJyb2loHNAioY8IztN5MI3UgbVHVP/vZwcnre\n\ -ZvJOyDvE4HJgIti5qmfswlnMzpNbwf/MkT+7HAU8jJoTorRm1wtAnQ9cWD3Ebv79\n\ -RPwtjjy3Bza3SgdVxmd6fWPUKaNjMGEwHQYDVR0OBBYEFDUij/4lpoJ+kOXRyrcM\n\ -jf2RPzOqMB8GA1UdIwQYMBaAFDUij/4lpoJ+kOXRyrcMjf2RPzOqMA8GA1UdEwEB\n\ -/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQC6eUV1\n\ -pFh4UpJOTc1JToztN4ttnQR6rIzxMZ6mNCe+nhjkohWp24pr7BpUYSbEizYCMAQ6\n\ -LCiBKV2j7QQGy7N1aBmdur17ZepYzR1YV0eI+Kd978aZggsmhjXENQYVTmm/XA==\n\ ------END CERTIFICATE-----\n" >> /opt/venv/lib/python3.12/site-packages/aiofreepybox/freebox_certificates.pem +RUN cat install/freebox_certificate.pem >> /opt/venv/lib/python3.12/site-packages/aiofreepybox/freebox_certificates.pem # second stage FROM alpine:3.20 AS runner @@ -55,10 +42,9 @@ ENV S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0 RUN apk update --no-cache \ && apk add --no-cache bash zip lsblk gettext-envsubst sudo mtr tzdata s6-overlay \ - && apk add --no-cache curl arp-scan iproute2 iproute2-ss nmap nmap-scripts traceroute nbtscan avahi avahi-tools openrc dbus net-tools net-snmp-tools bind-tools awake ca-certificates \ + && apk add --no-cache curl arp-scan iproute2 iproute2-ss nmap nmap-scripts traceroute nbtscan avahi avahi-tools openrc dbus net-tools net-snmp-tools bind-tools awake ca-certificates \ && apk add --no-cache sqlite php83 php83-fpm php83-cgi php83-curl php83-sqlite3 php83-session \ && apk add --no-cache python3 nginx \ - && apk add --no-cache dcron \ && ln -s /usr/bin/awake /usr/bin/wakeonlan \ && bash -c "install -d -m 750 -o nginx -g www-data ${INSTALL_DIR} ${INSTALL_DIR}" \ && rm -f /etc/nginx/http.d/default.conf @@ -66,7 +52,7 @@ RUN apk update --no-cache \ COPY --from=builder --chown=nginx:www-data ${INSTALL_DIR}/ ${INSTALL_DIR}/ # Add crontab file -COPY install/crontab /etc/crontabs/root +COPY --chmod=600 --chown=root:root install/crontab /etc/crontabs/root # Start all required services RUN ${INSTALL_DIR}/dockerfiles/start.sh diff --git a/back/cron_script.sh b/back/cron_script.sh index 21c04536..5c86d909 100755 --- a/back/cron_script.sh +++ b/back/cron_script.sh @@ -5,8 +5,9 @@ LOG_FILE="${INSTALL_DIR}/log/execution_queue.log" # Check if there are any entries with cron_restart_backend if grep -q "cron_restart_backend" "$LOG_FILE"; then - # Kill all python processes (restart handled by s6 overlay) - pkill -f "python " && echo 'done' + # Restart python application using s6 + s6-svc -r /var/run/s6-rc/servicedirs/netalertx + echo 'done' # Remove all lines containing cron_restart_backend from the log file sed -i '/cron_restart_backend/d' "$LOG_FILE" diff --git a/dockerfiles/init.sh b/dockerfiles/init.sh index ae33b08b..4d2996e0 100755 --- a/dockerfiles/init.sh +++ b/dockerfiles/init.sh @@ -125,10 +125,6 @@ if [ ! -f "${INSTALL_DIR}/front/buildtimestamp.txt" ]; then chown nginx:www-data "${INSTALL_DIR}/front/buildtimestamp.txt" fi -# Start crond service in the background -echo "[INSTALL] Starting crond service..." -crond -f -d 8 > /dev/null 2>&1 & - echo -e " [ENV] PATH is ${PATH} [ENV] PORT is ${PORT} diff --git a/dockerfiles/start.sh b/dockerfiles/start.sh index 95bb3779..96e8a039 100755 --- a/dockerfiles/start.sh +++ b/dockerfiles/start.sh @@ -20,7 +20,14 @@ echo "longrun" > /etc/s6-overlay/s6-rc.d/php-fpm/type echo "longrun" > /etc/s6-overlay/s6-rc.d/nginx/type echo "longrun" > /etc/s6-overlay/s6-rc.d/$APP_NAME/type echo -e "${INSTALL_DIR}/dockerfiles/init.sh" > /etc/s6-overlay/s6-rc.d/SetupOneshot/up -echo -e "#!/bin/execlineb -P\n/usr/sbin/crond -f -d 8" > /etc/s6-overlay/s6-rc.d/crond/run +echo -e '#!/bin/execlineb -P + + if { echo + " + [INSTALL] Starting crond service... + + " }' > /etc/s6-overlay/s6-rc.d/crond/run +echo -e "/usr/sbin/crond -f" >> /etc/s6-overlay/s6-rc.d/crond/run echo -e "#!/bin/execlineb -P\n/usr/sbin/php-fpm83 -F" > /etc/s6-overlay/s6-rc.d/php-fpm/run echo -e '#!/bin/execlineb -P\nnginx -g "daemon off;"' > /etc/s6-overlay/s6-rc.d/nginx/run echo -e '#!/bin/execlineb -P @@ -39,4 +46,4 @@ touch /etc/s6-overlay/s6-rc.d/nginx/dependencies.d/php-fpm touch /etc/s6-overlay/s6-rc.d/$APP_NAME/dependencies.d/nginx # this removes the current file -# rm -f $0 +rm -f $0 diff --git a/install/crontab b/install/crontab index 8aa95cad..85404ea6 100755 --- a/install/crontab +++ b/install/crontab @@ -1,5 +1,2 @@ - - # Schedule cron jobs * * * * * /app/back/cron_script.sh -#* * * * * echo "$(date +'%Y-%m-%d %H:%M:%S') - Cron job ran" >> /app/log/cron_timestamp.log diff --git a/install/freebox_certificate.pem b/install/freebox_certificate.pem new file mode 100644 index 00000000..12bcc607 --- /dev/null +++ b/install/freebox_certificate.pem @@ -0,0 +1,14 @@ +-----BEGIN CERTIFICATE----- +MIICOjCCAcCgAwIBAgIUI0Tu7zsrBJACQIZgLMJobtbdNn4wCgYIKoZIzj0EAwIw +TDELMAkGA1UEBhMCSVQxDjAMBgNVBAgMBUl0YWx5MQ4wDAYDVQQKDAVJbGlhZDEd +MBsGA1UEAwwUSWxpYWRib3ggRUNDIFJvb3QgQ0EwHhcNMjAxMTI3MDkzODEzWhcN +NDAxMTIyMDkzODEzWjBMMQswCQYDVQQGEwJJVDEOMAwGA1UECAwFSXRhbHkxDjAM +BgNVBAoMBUlsaWFkMR0wGwYDVQQDDBRJbGlhZGJveCBFQ0MgUm9vdCBDQTB2MBAG +ByqGSM49AgEGBSuBBAAiA2IABMryJyb2loHNAioY8IztN5MI3UgbVHVP/vZwcnre +ZvJOyDvE4HJgIti5qmfswlnMzpNbwf/MkT+7HAU8jJoTorRm1wtAnQ9cWD3Ebv79 +RPwtjjy3Bza3SgdVxmd6fWPUKaNjMGEwHQYDVR0OBBYEFDUij/4lpoJ+kOXRyrcM +jf2RPzOqMB8GA1UdIwQYMBaAFDUij/4lpoJ+kOXRyrcMjf2RPzOqMA8GA1UdEwEB +/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgGGMAoGCCqGSM49BAMCA2gAMGUCMQC6eUV1 +pFh4UpJOTc1JToztN4ttnQR6rIzxMZ6mNCe+nhjkohWp24pr7BpUYSbEizYCMAQ6 +LCiBKV2j7QQGy7N1aBmdur17ZepYzR1YV0eI+Kd978aZggsmhjXENQYVTmm/XA== +-----END CERTIFICATE----- From 82708bd5df97685da0811bf29a9b4a16da46fd53 Mon Sep 17 00:00:00 2001 From: root Date: Sun, 19 Jan 2025 22:19:00 +0000 Subject: [PATCH 2/3] Fixing path to cert file --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 264b7537..38a56fc2 100755 --- a/Dockerfile +++ b/Dockerfile @@ -20,7 +20,7 @@ RUN pip install openwrt-luci-rpc asusrouter asyncio aiohttp graphene flask netif && bash -c "find ${INSTALL_DIR} -type f \( -name '*.sh' -o -name '*.py' -o -name 'speedtest-cli' \) -exec chmod 750 {} \;" # Append Iliadbox certificate to aiofreepybox -RUN cat install/freebox_certificate.pem >> /opt/venv/lib/python3.12/site-packages/aiofreepybox/freebox_certificates.pem +RUN cat ${INSTALL_DIR}/install/freebox_certificate.pem >> /opt/venv/lib/python3.12/site-packages/aiofreepybox/freebox_certificates.pem # second stage FROM alpine:3.20 AS runner From abf7be595834985706d3a2a3972188bc20cfac5b Mon Sep 17 00:00:00 2001 From: root Date: Sun, 19 Jan 2025 22:23:52 +0000 Subject: [PATCH 3/3] adding new line for pem file --- install/freebox_certificate.pem | 1 + 1 file changed, 1 insertion(+) diff --git a/install/freebox_certificate.pem b/install/freebox_certificate.pem index 12bcc607..1a329f07 100644 --- a/install/freebox_certificate.pem +++ b/install/freebox_certificate.pem @@ -1,3 +1,4 @@ + -----BEGIN CERTIFICATE----- MIICOjCCAcCgAwIBAgIUI0Tu7zsrBJACQIZgLMJobtbdNn4wCgYIKoZIzj0EAwIw TDELMAkGA1UEBhMCSVQxDjAMBgNVBAgMBUl0YWx5MQ4wDAYDVQQKDAVJbGlhZDEd