From 852da10d2e7efe2a9fbf2dad0eeef437f43fd239 Mon Sep 17 00:00:00 2001 From: Christian Busch Date: Sun, 26 Apr 2026 19:51:09 +0200 Subject: [PATCH] Fixed docker --- docker/Dockerfile | 15 ++-------- docker/docker-compose.yml | 4 ++- docker/entrypoint.sh | 59 ++++++++++++++++++++------------------- 3 files changed, 37 insertions(+), 41 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 07f3912..79adaba 100755 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:latest +FROM alpine:3.21 ENV TZ="UTC" ENV SCHEDULE="* * * * *" @@ -10,28 +10,19 @@ ENV NSUPDATE_CONFD_DIR="/config" ENV NSUPDATE_LOG_DIR="/log" ## Install requirements -RUN apk update RUN apk add --no-cache git curl libxml2-utils tzdata jq -# Read timezone from server, so in docker-compose you can change TZ -RUN ln -sf "/usr/share/zoneinfo/${TZ}" /etc/localtime && \ - echo "${TZ}" > /etc/timezone && date - # Cache Bust upon new commits ADD https://api.github.com/repos/chrisb86/nsupdate/git/refs/heads/main /.git-hashref -COPY nsupdate.sh /usr/local/bin/nsupdate.sh -RUN chmod +x /usr/local/bin/nsupdate.sh - -COPY docker/entrypoint.sh /usr/local/bin/entrypoint.sh -RUN chmod +x /usr/local/bin/entrypoint.sh +COPY --chmod=755 nsupdate.sh /usr/local/bin/nsupdate.sh +COPY --chmod=755 docker/entrypoint.sh /usr/local/bin/entrypoint.sh # Create volume directories (ownership will be set at runtime) RUN mkdir -p /config /log ## Start crond ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] -CMD [ "crond", "-f" ] VOLUME /config VOLUME /log \ No newline at end of file diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index e00b1c2..1dfb43b 100755 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -5,8 +5,10 @@ services: image: git.debilux.org/chris/nsupdate container_name: nsupdate environment: - - SCHEDULE=*\2 * * * * + - SCHEDULE=*/5 * * * * - TZ=Europe/Berlin + - PUID=1000 + - PGID=1000 - NSUPDATE_INWX_USER=YOUR_INWX_USERNAME - NSUPDATE_INWX_PASSWORD=YOUR_INWX_PASSWORD volumes: diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh index 456f448..15c24c2 100644 --- a/docker/entrypoint.sh +++ b/docker/entrypoint.sh @@ -1,42 +1,45 @@ #!/bin/sh +set -e -set -eu +COMMAND="/usr/local/bin/nsupdate.sh" +# Default schedule if not specified SCHEDULE="${SCHEDULE:-* * * * *}" + +# Default cron log level if not specified CRON_LOG_LEVEL="${CRON_LOG_LEVEL:-2}" -PUID="${PUID:-1000}" -PGID="${PGID:-1000}" -CRON_FILE="/etc/crontabs/root" -# Create or update group with specified PGID -if grep -q "^nsupdate:" /etc/group 2>/dev/null; then - delgroup nsupdate 2>/dev/null || true -fi -addgroup -g "${PGID}" nsupdate 2>/dev/null || true +# Default user name not specified +USERNAME="${USERNAME:-nsupdate}" -# Create or update user with specified PUID -if grep -q "^nsupdate:" /etc/passwd 2>/dev/null; then - deluser nsupdate 2>/dev/null || true -fi -adduser -u "${PUID}" -G nsupdate -s /sbin/nologin -D nsupdate 2>/dev/null || true +# Default UID and GID if not specified +PUID=${PUID:-1000} +PGID=${PGID:-1000} -# Set ownership of volumes -chown -R "${PUID}:${PGID}" /config /log +# Default timezone if not specified +TZ=${TZ:-Etc/UTC} -# Ensure crontabs directory exists -mkdir -p "$(dirname "${CRON_FILE}")" +# Set the timezone +ln -snf /usr/share/zoneinfo/$TZ /etc/localtime +echo "$TZ" >/etc/timezone +echo "Timezone set to $TZ" -# Write cron job to run as the specified user (by UID:GID) -printf '%s su -s /bin/sh %s:%s -c /usr/local/bin/nsupdate.sh\n' "${SCHEDULE}" "${PUID}" "${PGID}" > "${CRON_FILE}" -chmod 600 "${CRON_FILE}" +# Create nsupdate group +addgroup -S --gid $PGID "$USERNAME" -if [ "$#" -gt 0 ]; then - if [ "$1" = "crond" ]; then - shift - exec crond -l "${CRON_LOG_LEVEL}" "$@" - fi +# Create nsupdate user +adduser -S -u $PUID -G "$USERNAME" -D -H -s /bin/false "$USERNAME" - exec "$@" -fi +CRON_FILE="/etc/crontabs/$USERNAME" +mkdir -p /etc/crontabs +printf '%s %s %s\n' "$SCHEDULE" "$USERNAME" "$COMMAND" > "$CRON_FILE" +chmod 600 "$CRON_FILE" +# Set correct permissions +chown -R "$USERNAME":"$USERNAME" /config +chown -R "$USERNAME":"$USERNAME" /log +echo "Permissions adjusted" + +# Start nsupdate in the foreground with reduced warnings +echo "Starting cron..." exec crond -l "${CRON_LOG_LEVEL}" -f \ No newline at end of file