diff options
author | Ashod Nakashian <ashod.nakashian@collabora.co.uk> | 2021-10-11 16:44:24 -0400 |
---|---|---|
committer | Andras Timar <andras.timar@collabora.com> | 2021-10-12 09:36:33 +0200 |
commit | e1ff82324eb75e8910de2e676027bbf5f1fe0cd9 (patch) | |
tree | f1deb135c8d31a0918d3225a4af3cc7287736eba /docker | |
parent | add cypress test for sheet-switch view area fix (diff) | |
download | online-e1ff82324eb75e8910de2e676027bbf5f1fe0cd9.tar.gz online-e1ff82324eb75e8910de2e676027bbf5f1fe0cd9.zip |
docker: exec the startup script to intercept SIGTERM
Docker supports two methods of executing commands.
The existing approach was to run bash and give the
shell script to execute, which forks and execs another
shell instance to run the script. This means that the
script itself is not PID 1, rather the parent bash
instance is.
The second approach is to exec the script in the same
bash process, without a parent. This is exactly what
we want, because once our script is done, it execs
loolwsd, thereby making loolwsd PID 1.
All of this means that when the docker container is
stopped, and PID 1 is sent SIGTERM, loolwsd will
intercept it and gracefully shutdown.
Change-Id: I52ac63f7fba58d20d1c6f63c7e07dd18141c1af4
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Diffstat (limited to 'docker')
-rw-r--r-- | docker/from-packages/RHEL8 | 2 | ||||
-rw-r--r-- | docker/from-packages/Ubuntu | 2 | ||||
-rwxr-xr-x[-rw-r--r--] | docker/from-packages/scripts/install-collabora-online-rhel8.sh | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | docker/from-packages/scripts/install-collabora-online-ubuntu.sh | 0 | ||||
-rwxr-xr-x[-rw-r--r--] | docker/from-packages/scripts/start-collabora-online.sh | 9 | ||||
-rw-r--r-- | docker/from-source/Debian | 2 | ||||
-rw-r--r-- | docker/from-source/Ubuntu | 2 | ||||
-rw-r--r-- | docker/from-source/openSUSE | 2 |
8 files changed, 10 insertions, 9 deletions
diff --git a/docker/from-packages/RHEL8 b/docker/from-packages/RHEL8 index 132e7b52aa..d959d54e0a 100644 --- a/docker/from-packages/RHEL8 +++ b/docker/from-packages/RHEL8 @@ -39,4 +39,4 @@ EXPOSE 9980 USER 998 # Entry point -CMD bash start-collabora-online.sh +CMD ["/start-collabora-online.sh"] diff --git a/docker/from-packages/Ubuntu b/docker/from-packages/Ubuntu index 9978874903..fa60aa3c31 100644 --- a/docker/from-packages/Ubuntu +++ b/docker/from-packages/Ubuntu @@ -39,4 +39,4 @@ EXPOSE 9980 USER 104 # Entry point -CMD bash start-collabora-online.sh +CMD ["/start-collabora-online.sh"] diff --git a/docker/from-packages/scripts/install-collabora-online-rhel8.sh b/docker/from-packages/scripts/install-collabora-online-rhel8.sh index c1bf3cf40b..c1bf3cf40b 100644..100755 --- a/docker/from-packages/scripts/install-collabora-online-rhel8.sh +++ b/docker/from-packages/scripts/install-collabora-online-rhel8.sh diff --git a/docker/from-packages/scripts/install-collabora-online-ubuntu.sh b/docker/from-packages/scripts/install-collabora-online-ubuntu.sh index f41e2bd870..f41e2bd870 100644..100755 --- a/docker/from-packages/scripts/install-collabora-online-ubuntu.sh +++ b/docker/from-packages/scripts/install-collabora-online-ubuntu.sh diff --git a/docker/from-packages/scripts/start-collabora-online.sh b/docker/from-packages/scripts/start-collabora-online.sh index 2b0ec9060e..162057419a 100644..100755 --- a/docker/from-packages/scripts/start-collabora-online.sh +++ b/docker/from-packages/scripts/start-collabora-online.sh @@ -6,7 +6,7 @@ # Fix domain name resolution from jails cp /etc/resolv.conf /etc/hosts /opt/lool/systemplate/etc/ -if test "${DONT_GEN_SSL_CERT-set}" == set; then +if test "${DONT_GEN_SSL_CERT-set}" = set; then # Generate new SSL certificate instead of using the default mkdir -p /tmp/ssl/ cd /tmp/ssl/ @@ -14,10 +14,11 @@ mkdir -p certs/ca openssl rand -writerand /opt/lool/.rnd openssl genrsa -out certs/ca/root.key.pem 2048 openssl req -x509 -new -nodes -key certs/ca/root.key.pem -days 9131 -out certs/ca/root.crt.pem -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=Dummy Authority" -mkdir -p certs/{servers,tmp} +mkdir -p certs/servers +mkdir -p certs/tmp mkdir -p certs/servers/localhost openssl genrsa -out certs/servers/localhost/privkey.pem 2048 -if test "${cert_domain-set}" == set; then +if test "${cert_domain-set}" = set; then openssl req -key certs/servers/localhost/privkey.pem -new -sha256 -out certs/tmp/localhost.csr.pem -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=localhost" else openssl req -key certs/servers/localhost/privkey.pem -new -sha256 -out certs/tmp/localhost.csr.pem -subj "/C=DE/ST=BW/L=Stuttgart/O=Dummy Authority/CN=${cert_domain}" @@ -29,7 +30,7 @@ mv certs/ca/root.crt.pem /etc/loolwsd/ca-chain.cert.pem fi # Disable warning/info messages of LOKit by default -if test "${SAL_LOG-set}" == set; then +if test "${SAL_LOG-set}" = set; then SAL_LOG="-INFO-WARN" fi diff --git a/docker/from-source/Debian b/docker/from-source/Debian index 8c9a05f29a..11086b9e6d 100644 --- a/docker/from-source/Debian +++ b/docker/from-source/Debian @@ -40,4 +40,4 @@ EXPOSE 9980 # switch to lool user (use numeric user id to be compatible with Kubernetes Pod Security Policies) USER 101 -CMD bash /start-collabora-online.sh +CMD ["/start-collabora-online.sh"] diff --git a/docker/from-source/Ubuntu b/docker/from-source/Ubuntu index 4ddd3c1d75..0bbf8306b7 100644 --- a/docker/from-source/Ubuntu +++ b/docker/from-source/Ubuntu @@ -41,4 +41,4 @@ EXPOSE 9980 # switch to lool user (use numeric user id to be compatible with Kubernetes Pod Security Policies) USER 101 -CMD bash /start-collabora-online.sh +CMD ["/start-collabora-online.sh"] diff --git a/docker/from-source/openSUSE b/docker/from-source/openSUSE index 793f940571..17f6844a9f 100644 --- a/docker/from-source/openSUSE +++ b/docker/from-source/openSUSE @@ -36,4 +36,4 @@ EXPOSE 9980 # switch to lool user (use numeric user id to be compatible with Kubernetes Pod Security Policies) USER 481 -CMD bash /start-collabora-online.sh +CMD ["/start-collabora-online.sh"] |