kunsi/bundlewrap
1
0
Fork 0
Code Issues 1 Pull requests Releases Activity

bundles/docker-engine: support different user, arbitrary mapped volumes, custom command

Browse source
This commit is contained in:
Franzi 2025-02-16 18:35:54 +01:00
parent e0903ffa50
commit f04149b4a7
Signed by: kunsi
GPG key ID: 12E3D2136B818350
2 changed files with 25 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
bundles/docker-engine/files/docker-wrapper
View file

@ -12,8 +12,8 @@ then
exit 1 exit 1
fi fi
PUID="$(id -u "docker-${name}")" PUID="$(id -u "${user}")"
PGID="$(id -g "docker-${name}")" PGID="$(id -g "${user}")"
if [ "$ACTION" == "start" ] if [ "$ACTION" == "start" ]
then then
@ -32,10 +32,19 @@ then
--publish "127.0.0.1:${host_port}:${container_port}" \ --publish "127.0.0.1:${host_port}:${container_port}" \
% endfor % endfor
% for host_path, container_path in sorted(volumes.items()): % for host_path, container_path in sorted(volumes.items()):
% if host_path.startswith('/'):
--volume "${host_path}:${container_path}" \
% else:
--volume "/var/opt/docker-engine/${name}/${host_path}:${container_path}" \ --volume "/var/opt/docker-engine/${name}/${host_path}:${container_path}" \
% endif
% endfor % endfor
--restart unless-stopped \ --restart unless-stopped \
% if command:
"${image}" \
"${command}"
% else:
"${image}" "${image}"
% endif
elif [ "$ACTION" == "stop" ] elif [ "$ACTION" == "stop" ]
then then

21
bundles/docker-engine/items.py
View file

@ -45,16 +45,19 @@ actions['docker_create_nondefault_network'] = {
for app, config in node.metadata.get('docker-engine/containers', {}).items(): for app, config in node.metadata.get('docker-engine/containers', {}).items():
volumes = config.get('volumes', {}) volumes = config.get('volumes', {})
user = config.get('user', f'docker-{app}')
files[f'/opt/docker-engine/{app}'] = { files[f'/opt/docker-engine/{app}'] = {
'source': 'docker-wrapper', 'source': 'docker-wrapper',
'content_type': 'mako', 'content_type': 'mako',
'context': { 'context': {
'command': config.get('command'),
'environment': config.get('environment', {}), 'environment': config.get('environment', {}),
'image': config['image'], 'image': config['image'],
'name': app, 'name': app,
'ports': config.get('ports', {}), 'ports': config.get('ports', {}),
'timezone': node.metadata.get('timezone'), 'timezone': node.metadata.get('timezone'),
'user': user,
'volumes': volumes, 'volumes': volumes,
}, },
'mode': '0755', 'mode': '0755',
@ -63,8 +66,7 @@ for app, config in node.metadata.get('docker-engine/containers', {}).items():
}, },
} }
users[f'docker-{app}'] = { users[user] = {
'home': f'/var/opt/docker-engine/{app}',
'groups': { 'groups': {
'docker', 'docker',
}, },
@ -73,6 +75,8 @@ for app, config in node.metadata.get('docker-engine/containers', {}).items():
'svc_systemd:docker', 'svc_systemd:docker',
}, },
} }
if user == f'docker-{app}':
users[user]['home'] = f'/var/opt/docker-engine/{app}'
files[f'/usr/local/lib/systemd/system/docker-{app}.service'] = { files[f'/usr/local/lib/systemd/system/docker-{app}.service'] = {
'source': 'docker-wrapper.service', 'source': 'docker-wrapper.service',
@ -95,20 +99,23 @@ for app, config in node.metadata.get('docker-engine/containers', {}).items():
*deps, *deps,
f'file:/opt/docker-engine/{app}', f'file:/opt/docker-engine/{app}',
f'file:/usr/local/lib/systemd/system/docker-{app}.service', f'file:/usr/local/lib/systemd/system/docker-{app}.service',
f'user:docker-{app}', f'user:{user}',
'svc_systemd:docker', 'svc_systemd:docker',
*set(config.get('needs', set())), *set(config.get('needs', set())),
}, },
} }
for volume in volumes: for volume in volumes:
directories[f'/var/opt/docker-engine/{app}/{volume}'] = { if not volume.startswith('/'):
'owner': f'docker-{app}', volume = f'/var/opt/docker-engine/{app}/{volume}'
'group': f'docker-{app}',
directories[volume] = {
'owner': user,
'group': user,
'needed_by': { 'needed_by': {
f'svc_systemd:docker-{app}', f'svc_systemd:docker-{app}',
}, },
# don't do anything if the directory exists, docker images # don't do anything if the directory exists, docker images
# mangle owners # mangle owners
'unless': f'test -d /var/opt/docker-engine/{app}/{volume}', 'unless': f'test -d {volume}',
} }