Allow to set custom PUID/PGID
This commit is contained in:
parent
fdb28342f3
commit
171e0c32f1
28
Dockerfile
28
Dockerfile
@ -1,5 +1,5 @@
|
|||||||
# syntax=docker/dockerfile:experimental
|
# syntax=docker/dockerfile:experimental
|
||||||
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
|
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot as suexec
|
||||||
|
|
||||||
ARG BUILD_DATE
|
ARG BUILD_DATE
|
||||||
ARG VCS_REF
|
ARG VCS_REF
|
||||||
@ -9,6 +9,21 @@ ARG TARGETPLATFORM
|
|||||||
ARG BUILDPLATFORM
|
ARG BUILDPLATFORM
|
||||||
RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n"
|
RUN printf "I am running on ${BUILDPLATFORM:-linux/amd64}, building for ${TARGETPLATFORM:-linux/amd64}\n$(uname -a)\n"
|
||||||
|
|
||||||
|
RUN apt-get update \
|
||||||
|
&& apt-get install -y --no-install-recommends \
|
||||||
|
gcc \
|
||||||
|
libc-dev \
|
||||||
|
&& curl -o /usr/local/bin/su-exec.c https://raw.githubusercontent.com/ncopa/su-exec/master/su-exec.c \
|
||||||
|
&& gcc -Wall /usr/local/bin/su-exec.c -o/usr/local/bin/su-exec \
|
||||||
|
&& chown root:root /usr/local/bin/su-exec \
|
||||||
|
&& chmod 0755 /usr/local/bin/su-exec
|
||||||
|
|
||||||
|
FROM --platform=${TARGETPLATFORM:-linux/amd64} adoptopenjdk:12-jre-hotspot
|
||||||
|
|
||||||
|
ARG BUILD_DATE
|
||||||
|
ARG VCS_REF
|
||||||
|
ARG VERSION
|
||||||
|
|
||||||
LABEL maintainer="CrazyMax" \
|
LABEL maintainer="CrazyMax" \
|
||||||
org.label-schema.build-date=$BUILD_DATE \
|
org.label-schema.build-date=$BUILD_DATE \
|
||||||
org.label-schema.name="jetbrains-license-server" \
|
org.label-schema.name="jetbrains-license-server" \
|
||||||
@ -23,7 +38,9 @@ LABEL maintainer="CrazyMax" \
|
|||||||
ENV JLS_PATH="/opt/jetbrains-license-server" \
|
ENV JLS_PATH="/opt/jetbrains-license-server" \
|
||||||
JLS_VERSION="21137" \
|
JLS_VERSION="21137" \
|
||||||
JLS_SHA256="05241f0d41644ecc7679a879c829e57d423e151b997b45c5e986d498d6fe2f21" \
|
JLS_SHA256="05241f0d41644ecc7679a879c829e57d423e151b997b45c5e986d498d6fe2f21" \
|
||||||
TZ="UTC"
|
TZ="UTC" \
|
||||||
|
PUID="1000" \
|
||||||
|
PGID="1000"
|
||||||
|
|
||||||
RUN apt-get update \
|
RUN apt-get update \
|
||||||
&& apt-get install -y \
|
&& apt-get install -y \
|
||||||
@ -38,17 +55,16 @@ RUN apt-get update \
|
|||||||
&& rm -f "/tmp/jls.zip" \
|
&& rm -f "/tmp/jls.zip" \
|
||||||
&& chmod a+x "$JLS_PATH/bin/license-server.sh" \
|
&& chmod a+x "$JLS_PATH/bin/license-server.sh" \
|
||||||
&& ln -sf "$JLS_PATH/bin/license-server.sh" "/usr/local/bin/license-server" \
|
&& ln -sf "$JLS_PATH/bin/license-server.sh" "/usr/local/bin/license-server" \
|
||||||
&& groupadd -f -g 1000 jls \
|
&& groupadd -f -g ${PGID} jls \
|
||||||
&& useradd -o -s /bin/bash -d /data -u 1000 -g 1000 -m jls \
|
&& useradd -o -s /bin/bash -d /data -u ${PUID} -g jls -m jls \
|
||||||
&& chown -R jls. /data "$JLS_PATH" \
|
&& chown -R jls. /data "$JLS_PATH" \
|
||||||
&& apt-get clean \
|
&& apt-get clean \
|
||||||
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
||||||
|
|
||||||
|
COPY --from=suexec /usr/local/bin/su-exec /usr/local/bin/su-exec
|
||||||
COPY entrypoint.sh /entrypoint.sh
|
COPY entrypoint.sh /entrypoint.sh
|
||||||
RUN chmod a+x /entrypoint.sh
|
RUN chmod a+x /entrypoint.sh
|
||||||
|
|
||||||
USER jls
|
|
||||||
|
|
||||||
EXPOSE 8000
|
EXPOSE 8000
|
||||||
WORKDIR /data
|
WORKDIR /data
|
||||||
VOLUME [ "/data" ]
|
VOLUME [ "/data" ]
|
||||||
|
38
README.md
38
README.md
@ -44,34 +44,36 @@ Image: crazymax/jetbrains-license-server:latest
|
|||||||
|
|
||||||
### Environment variables
|
### Environment variables
|
||||||
|
|
||||||
* `TZ` : The timezone assigned to the container (default `UTC`)
|
* `TZ`: The timezone assigned to the container (default `UTC`)
|
||||||
* `JLS_VIRTUAL_HOSTS` : [Virtual hosts](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) where license server will be available (comma delimited for several hosts)
|
* `PUID`: Process UID (default `1000`)
|
||||||
* `JLS_CONTEXT` : [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default `/`)
|
* `PGID`: Process GID (default `1000`)
|
||||||
* `JLS_ACCESS_CONFIG` : JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default `/data/access-config.json`)
|
* `JLS_VIRTUAL_HOSTS`: [Virtual hosts](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) where license server will be available (comma delimited for several hosts)
|
||||||
* `JLS_STATS_RECIPIENTS` : [Reports recipients](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) email addresses for stats (comma delimited)
|
* `JLS_CONTEXT`: [Context path](https://www.jetbrains.com/help/license_server/setting_host_and_port.html#d1010e63) used by the license server (default `/`)
|
||||||
* `JLS_REPORT_OUT_OF_LICENSE` : [Warn about lack of licenses](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) every hour following the percentage threshold (default `0`)
|
* `JLS_ACCESS_CONFIG`: JSON file to configure [user restrictions](https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html) (default `/data/access-config.json`)
|
||||||
* `JLS_SMTP_SERVER` : SMTP server host to use for sending [stats](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html) (stats disabled if empty)
|
* `JLS_STATS_RECIPIENTS`: [Reports recipients](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) email addresses for stats (comma delimited)
|
||||||
* `JLS_SMTP_PORT` : SMTP server port (default `25`)
|
* `JLS_REPORT_OUT_OF_LICENSE`: [Warn about lack of licenses](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) every hour following the percentage threshold (default `0`)
|
||||||
* `JLS_SMTP_USERNAME` : SMTP username (auth disabled if empty)
|
* `JLS_SMTP_SERVER`: SMTP server host to use for sending [stats](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html) (stats disabled if empty)
|
||||||
* `JLS_SMTP_PASSWORD` : SMTP password (auth disabled if empty)
|
* `JLS_SMTP_PORT`: SMTP server port (default `25`)
|
||||||
* `JLS_STATS_FROM` : [From address](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) for stats emails
|
* `JLS_SMTP_USERNAME`: SMTP username (auth disabled if empty)
|
||||||
* `JLS_STATS_TOKEN` : Enables an auth token for the [stats API](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e312) at `/reportApi` (HTTP POST)
|
* `JLS_SMTP_PASSWORD`: SMTP password (auth disabled if empty)
|
||||||
|
* `JLS_STATS_FROM`: [From address](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e40) for stats emails
|
||||||
|
* `JLS_STATS_TOKEN`: Enables an auth token for the [stats API](https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html#d461e312) at `/reportApi` (HTTP POST)
|
||||||
|
|
||||||
### Volumes
|
### Volumes
|
||||||
|
|
||||||
* `/data` : Contains [registration data](https://www.jetbrains.com/help/license_server/migrate.html) and configuration
|
* `/data`: Contains [registration data](https://www.jetbrains.com/help/license_server/migrate.html) and configuration
|
||||||
|
|
||||||
> :warning: Note that the volume should be owned by uid `1000` and gid `1000`. If you don't give the volume correct permissions, the container may not start.
|
> :warning: Note that the volumes should be owned by the user/group with the specified `PUID` and `PGID`. If you don't give the volume correct permissions, the container may not start.
|
||||||
|
|
||||||
### Ports
|
### Ports
|
||||||
|
|
||||||
* `8000` : Jetbrains License Server HTTP port
|
* `8000`: Jetbrains License Server HTTP port
|
||||||
|
|
||||||
## Use this image
|
## Use this image
|
||||||
|
|
||||||
### Docker Compose
|
### Docker Compose
|
||||||
|
|
||||||
Docker compose is the recommended way to run this image. Copy the content of folder [examples/compose](examples/compose) in `/var/jls/` on your host for example. Edit the compose and env files with your preferences and run the following commands :
|
Docker compose is the recommended way to run this image. Copy the content of folder [examples/compose](examples/compose) in `/var/jls/` on your host for example. Edit the compose and env files with your preferences and run the following commands:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
touch acme.json
|
touch acme.json
|
||||||
@ -82,7 +84,7 @@ docker-compose logs -f
|
|||||||
|
|
||||||
### Command line
|
### Command line
|
||||||
|
|
||||||
You can also use the following minimal command :
|
You can also use the following minimal command:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
$ docker run -d -p 8000:8000 --name jetbrains_license_server \
|
$ docker run -d -p 8000:8000 --name jetbrains_license_server \
|
||||||
@ -94,7 +96,7 @@ $ docker run -d -p 8000:8000 --name jetbrains_license_server \
|
|||||||
|
|
||||||
## Update
|
## Update
|
||||||
|
|
||||||
Recreate the container whenever i push an update :
|
Recreate the container whenever I push an update:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker-compose pull
|
docker-compose pull
|
||||||
|
@ -6,13 +6,23 @@ JLS_PORT=8000
|
|||||||
JLS_CONTEXT=${JLS_CONTEXT:-/}
|
JLS_CONTEXT=${JLS_CONTEXT:-/}
|
||||||
JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
|
JLS_ACCESS_CONFIG=${JLS_ACCESS_CONFIG:-/data/access-config.json}
|
||||||
|
|
||||||
|
if [ -n "${PGID}" ] && [ "${PGID}" != "$(id -g jls)" ]; then
|
||||||
|
echo "Switching to PGID ${PGID}..."
|
||||||
|
sed -i -e "s/^jls:\([^:]*\):[0-9]*/jls:\1:${PGID}/" /etc/group
|
||||||
|
sed -i -e "s/^jls:\([^:]*\):\([0-9]*\):[0-9]*/jls:\1:\2:${PGID}/" /etc/passwd
|
||||||
|
fi
|
||||||
|
if [ -n "${PUID}" ] && [ "${PUID}" != "$(id -u jls)" ]; then
|
||||||
|
echo "Switching to PUID ${PUID}..."
|
||||||
|
sed -i -e "s/^jls:\([^:]*\):[0-9]*:\([0-9]*\)/jls:\1:${PUID}:\2/" /etc/passwd
|
||||||
|
fi
|
||||||
|
|
||||||
# Init
|
# Init
|
||||||
echo "Initializing files and folders..."
|
echo "Initializing files and folders..."
|
||||||
touch "/data/access-config.json"
|
su-exec jls:jls touch "/data/access-config.json"
|
||||||
|
|
||||||
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
|
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
|
||||||
echo "Configuring Jetbrains License Server..."
|
echo "Configuring Jetbrains License Server..."
|
||||||
license-server configure --listen ${JLS_LISTEN_ADDRESS} --port ${JLS_PORT} --context ${JLS_CONTEXT}
|
su-exec jls:jls license-server configure --listen ${JLS_LISTEN_ADDRESS} --port ${JLS_PORT} --context ${JLS_CONTEXT}
|
||||||
|
|
||||||
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
|
# https://www.jetbrains.com/help/license_server/setting_host_and_port.html
|
||||||
if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
|
if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
|
||||||
@ -20,45 +30,48 @@ if [ ! -z "$JLS_VIRTUAL_HOSTS" ] ; then
|
|||||||
for JLS_VIRTUAL_HOST in $(echo ${JLS_VIRTUAL_HOSTS} | tr "," "\n"); do
|
for JLS_VIRTUAL_HOST in $(echo ${JLS_VIRTUAL_HOSTS} | tr "," "\n"); do
|
||||||
echo "-> ${JLS_VIRTUAL_HOST}"
|
echo "-> ${JLS_VIRTUAL_HOST}"
|
||||||
done
|
done
|
||||||
license-server configure --jetty.virtualHosts.names=${JLS_VIRTUAL_HOSTS}
|
su-exec jls:jls license-server configure --jetty.virtualHosts.names=${JLS_VIRTUAL_HOSTS}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html
|
# https://www.jetbrains.com/help/license_server/configuring_user_restrictions.html
|
||||||
if [ -s "$JLS_ACCESS_CONFIG" ]; then
|
if [ -s "$JLS_ACCESS_CONFIG" ]; then
|
||||||
echo "Enabling user restrictions access from $JLS_ACCESS_CONFIG..."
|
echo "Enabling user restrictions access from $JLS_ACCESS_CONFIG..."
|
||||||
license-server configure --access.config=file:${JLS_ACCESS_CONFIG}
|
su-exec jls:jls license-server configure --access.config=file:${JLS_ACCESS_CONFIG}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
|
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
|
||||||
if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ] ; then
|
if [ ! -z "$JLS_SMTP_SERVER" -a ! -z "$JLS_STATS_RECIPIENTS" ] ; then
|
||||||
JLS_SMTP_PORT=${JLS_SMTP_PORT:-25}
|
JLS_SMTP_PORT=${JLS_SMTP_PORT:-25}
|
||||||
echo "Enabling User Reporting via SMTP at $JLS_SMTP_SERVER:$JLS_SMTP_PORT..."
|
echo "Enabling User Reporting via SMTP at $JLS_SMTP_SERVER:$JLS_SMTP_PORT..."
|
||||||
license-server configure --smtp.server ${JLS_SMTP_SERVER} --smtp.server.port ${JLS_SMTP_PORT}
|
su-exec jls:jls license-server configure --smtp.server ${JLS_SMTP_SERVER} --smtp.server.port ${JLS_SMTP_PORT}
|
||||||
|
|
||||||
if [ ! -z "$JLS_SMTP_USERNAME" -a ! -z "$JLS_SMTP_PASSWORD" ] ; then
|
if [ ! -z "$JLS_SMTP_USERNAME" -a ! -z "$JLS_SMTP_PASSWORD" ] ; then
|
||||||
echo "Using SMTP username $JLS_SMTP_USERNAME with password..."
|
echo "Using SMTP username $JLS_SMTP_USERNAME with password..."
|
||||||
license-server configure --smtp.server.username ${JLS_SMTP_USERNAME}
|
su-exec jls:jls license-server configure --smtp.server.username ${JLS_SMTP_USERNAME}
|
||||||
license-server configure --smtp.server.password ${JLS_SMTP_PASSWORD}
|
su-exec jls:jls license-server configure --smtp.server.password ${JLS_SMTP_PASSWORD}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -z "$JLS_STATS_FROM" ] ; then
|
if [ ! -z "$JLS_STATS_FROM" ] ; then
|
||||||
echo "Setting stats sender to $JLS_STATS_FROM..."
|
echo "Setting stats sender to $JLS_STATS_FROM..."
|
||||||
license-server configure --stats.from ${JLS_STATS_FROM}
|
su-exec jls:jls license-server configure --stats.from ${JLS_STATS_FROM}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$JLS_REPORT_OUT_OF_LICENSE" -gt 0 ]; then
|
if [ "$JLS_REPORT_OUT_OF_LICENSE" -gt 0 ]; then
|
||||||
echo "Setting report out of licence to $JLS_REPORT_OUT_OF_LICENSE%..."
|
echo "Setting report out of licence to $JLS_REPORT_OUT_OF_LICENSE%..."
|
||||||
license-server configure --reporting.out.of.license.threshold ${JLS_REPORT_OUT_OF_LICENSE}
|
su-exec jls:jls license-server configure --reporting.out.of.license.threshold ${JLS_REPORT_OUT_OF_LICENSE}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo "Stats recipients: $JLS_STATS_RECIPIENTS..."
|
echo "Stats recipients: $JLS_STATS_RECIPIENTS..."
|
||||||
license-server configure --stats.recipients ${JLS_STATS_RECIPIENTS}
|
su-exec jls:jls license-server configure --stats.recipients ${JLS_STATS_RECIPIENTS}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
|
# https://www.jetbrains.com/help/license_server/detailed_server_usage_statistics.html
|
||||||
if [ ! -z "$JLS_STATS_TOKEN" ] ; then
|
if [ ! -z "$JLS_STATS_TOKEN" ] ; then
|
||||||
echo "Enabling stats via API at /$JLS_STATS_TOKEN..."
|
echo "Enabling stats via API at /$JLS_STATS_TOKEN..."
|
||||||
license-server configure --reporting.token ${JLS_STATS_TOKEN}
|
su-exec jls:jls license-server configure --reporting.token ${JLS_STATS_TOKEN}
|
||||||
fi
|
fi
|
||||||
|
|
||||||
exec "$@"
|
echo "Fixing perms..."
|
||||||
|
chown -R jls:jls /data "$JLS_PATH"
|
||||||
|
|
||||||
|
exec su-exec jls:jls "$@"
|
||||||
|
Loading…
Reference in New Issue
Block a user