diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 147ec09a..357d46af 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -52,6 +52,8 @@ jobs: run: docker ps - name: Check out the repo uses: actions/checkout@v3 + - name: Identify git repo path + run: ls $GITHUB_WORKSPACE && ls -l /home/runner/work/ - name: Wait for mysql run: sleep 15 - name: Set up Docker Buildx @@ -77,5 +79,5 @@ jobs: # password: ${{ secrets.DOCKER_PASSWORD }} # file: ./server/Dockerfile push: true - tags: bluecherrydvr/bluecherry:citesting + tags: bluecherrydvr/bluecherry:unstable labels: github_ci diff --git a/Dockerfile b/Dockerfile index 4d81e86b..1ad663e3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -302,4 +302,6 @@ RUN chmod +x /entrypoint.sh \ && chmod +x /bin/bc-database-create \ && chmod +x /bin/bc-database-upgrade +CMD /etc/init.d/php7.4-fpm restart + CMD "/entrypoint.sh" diff --git a/scripts/install.sh b/scripts/install.sh index 55da4cf1..39ae9de5 100644 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -30,7 +30,7 @@ docker_compose_init() { #uptimekuma -echo "\n\nDownloading latest Bluecherry and related images...this may take a while...\n\n" +echo "Downloading latest Bluecherry and related images...this may take a while..." cd "$workingpath/bluecherry-docker" @@ -42,7 +42,7 @@ docker compose pull docker compose up bc-mysql -d echo "Sleeping 45 seconds to make sure the database is initialized correctly..." -echo "\n\n" + sleep 45 docker compose stop bc-mysql docker compose up -d bc-mysql @@ -76,7 +76,7 @@ Create a password for the mysql bluecherry user " echo "Time Zone (i.e. - America/Chicago): " -read timezone +read timezoneset #read -p "Time Zone (i.e. - America/Chicago):" timezone #timezoneset="${timezone:=American/Chicago}" @@ -257,7 +257,7 @@ case $distribution in "debian" | "ubuntu") install_debian_packages ;; - "centos" | "rhel" | "fedora") + "centos" | "rhel" | "fedora" | "rocky" | "Rocky") install_redhat_packages ;; "sles" | "opensuse" | "suse") @@ -311,6 +311,11 @@ install_suse_packages() { install_arch_packages() { pacman -Syu --noconfirm git install_docker + sed -i 's/^LimitNOFILE=infinity$/LimitNOFILE=1048576/' /usr/lib/systemd/system/docker.service + sed -i 's/^LimitNOFILE=infinity$/LimitNOFILE=1048576/' /usr/lib/systemd/system/containerd.service + systemctl start docker + systemctl enable docker + pacman -Syu --noconfirm docker-compose } # Function to install packages on Fedora @@ -390,7 +395,7 @@ docker_compose_init esac -read -p "Do you want to configure SMTP settings?? [y/n]: " smtp +read -p "Do you want to configure SMTP settings? [y/n]: " smtp case $smtp in y) diff --git a/server/Dockerfile b/server/Dockerfile index 9a49b5bc..9f29e4aa 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -1,16 +1,7 @@ # set a base image with environment to build from FROM ubuntu:20.04 AS baseos -#RUN echo $DB_HOST -#ARG DB_HOST=$BLUECHERRY_DB_HOST -#RUN echo $BLUECHERRY_DB_HOST -ARG BLUECHERRY_GIT_BRANCH_TAG=v3.1.0-latest -#ARG MYSQLHOST -#ENV MYSQL_HOST=MYSQLHOST - -#RUN echo "Testing github network env" -#RUN echo ${{ steps.github-network.outputs.gateway-address }} -RUN echo $MYSQL_HOST +ARG BLUECHERRY_GIT_BRANCH_TAG=master # --------------------------------------------------------------------------- # Build the base OS with some development libs and tools @@ -18,78 +9,56 @@ FROM baseos AS os_dev_environment ENV DEBIAN_FRONTEND=noninteractive WORKDIR /root -CMD ["echo", "Testing mysql connection via nmap..."] - RUN apt-get update -RUN apt-get -y install nmap -#RUN nmap mysql -p 3306 - -CMD ["echo", "Installing other stuff..."] - -#RUN apt-get install --no-install-recommends -y \ -# git sudo openssl ca-certificates wget gnupg gnupg2 gnupg1 \ -# ssl-cert nmap curl sysstat iproute2 \ -# autoconf automake libtool build-essential gcc g++ \ -# debhelper ccache bison flex texinfo yasm cmake - -#RUN apt-get install --no-install-recommends -y \ -# libbsd-dev libopencv-dev libudev-dev libva-dev \ -# linux-image-generic linux-headers-generic \ -# libmysqlclient-dev rsyslog - -CMD ["echo", "Testing mysql connection..."] - -RUN apt install -y mysql-client -#RUN ip a -RUN mysql -uroot -proot -h 172.17.0.1 -e 'SELECT version()' - +RUN apt-get install --no-install-recommends -y \ + git sudo openssl ca-certificates wget gnupg gnupg2 gnupg1 \ + ssl-cert nmap curl sysstat iproute2 \ + autoconf automake libtool build-essential gcc g++ \ + debhelper ccache bison flex texinfo yasm cmake + +RUN apt-get install --no-install-recommends -y \ + libbsd-dev libopencv-dev libudev-dev libva-dev \ + linux-image-generic linux-headers-generic \ + libmysqlclient-dev rsyslog + # --------------------------------------------------------------------------- -#FROM os_dev_environment as bluecherry_base_environment +FROM os_dev_environment as bluecherry_base_environment ENV DEBIAN_FRONTEND=noninteractive WORKDIR /root -#RUN git clone --progress --depth 1 \ -# http://github.com/bluecherrydvr/bluecherry-apps.git \ -# && cd bluecherry-apps \ -# && git checkout $BLUECHERRY_GIT_BRANCH_TAG - -#RUN apt-get --no-install-recommends -y install \ -# libbsd0 libc6 libgcc1 libssl1.1 libstdc++6 libudev1 \ -# zlib1g ucf mkvtoolnix v4l-utils vainfo i965-va-driver - -CMD ["echo", "**************** NMAP output..."] -RUN apt-get update -RUN apt-get -y install nmap -RUN nmap 127.0.0.1 -p 3306 - -CMD ["echo", "Installing other stuff..."] +# RUN git clone --recurse-submodules --progress --depth 1 \ + RUN git clone --recurse-submodules --progress http://github.com/bluecherrydvr/bluecherry-apps.git \ + && cd bluecherry-apps \ + && git checkout $BLUECHERRY_GIT_BRANCH_TAG \ + && sed -i 's/#define PRODUCT_VERSION "3.1.0-rc9"/#define PRODUCT_VERSION "3.1.0-rc9-docker"/' server/v3license_processor.h -RUN apt install -y --no-install-recommends wget sudo gnupg -#RUN wget -q https://repo.mysql.com/RPM-GPG-KEY-mysql-2022 -O- | apt-key add - -RUN apt update + +RUN apt-get --no-install-recommends -y install \ + libbsd0 libc6 libgcc1 libssl1.1 libstdc++6 libudev1 \ + zlib1g ucf mkvtoolnix v4l-utils vainfo i965-va-driver -#RUN apt-get --no-install-recommends -y install \ -# php-mail php-mail-mime php-net-smtp php-gd php-curl \ -# php-mysql php-sqlite3 \ -# mysql-client sqlite3 +RUN apt-get --no-install-recommends -y install \ + php-mail php-mail-mime php-net-smtp php-gd php-curl \ + php-mysql php-sqlite3 \ + apache2 libapache2-mod-php mysql-client sqlite3 # --------------------------------------------------------------------------- # Build the bluecherry app and dependencies. This is done in a separate # image because there are many ways it can fail and then we save time # by being able to reuse prior containers leading up to this build. -#FROM bluecherry_base_environment as bluecherry_build -#ENV DEBIAN_FRONTEND=noninteractive -#WORKDIR /root +FROM bluecherry_base_environment as bluecherry_build +ENV DEBIAN_FRONTEND=noninteractive +WORKDIR /root -#COPY depends/onvif_tool bluecherry-apps/utils/onvif_tool +COPY depends/onvif_tool bluecherry-apps/utils/onvif_tool -#RUN cd bluecherry-apps \ -# && ./scripts/build_pkg_native.sh +RUN cd bluecherry-apps \ + && ./scripts/build_pkg_native.sh # --------------------------------------------------------------------------- -#FROM bluecherry_build as bluecherry_build_cleaned +FROM bluecherry_build as bluecherry_build_cleaned ENV DEBIAN_FRONTEND=noninteractive WORKDIR /root @@ -104,26 +73,15 @@ RUN rm -rf .ccache \ # --------------------------------------------------------------------------- # Install the bluecherry app and dependencies -#FROM baseos as bluecherry_install +FROM baseos as bluecherry_install ENV DEBIAN_FRONTEND=noninteractive WORKDIR /root -#COPY --from=bluecherry_build_cleaned \ -# /root/bluecherry-apps/releases/bluecherry_*.deb \ -# /root/bluecherry-apps/releases/ -RUN apt update -#RUN apt install --no-install-recommends -y wget mariadb-client libopencv-core libopencv-imgcodecs libopencv-imgproc libva-drm2 libva2 mkvtoolnix php-mail php-mail-mime \# -# php-net-smtp sqlite3 nginx php-fpm php-mysql php-sqlite3 v4l-utils vainfo i965-va-driver php-gd php-curl mariadb-client python3-pip python3-distutils gnupg2 -RUN apt install --no-install-recommends -y libbsd0 libc6 libgcc-s1 libmariadb3 libopencv-core4.2 libopencv-imgcodecs4.2 libopencv-imgproc4.2 curl \ - libssl1.1 libstdc++6 libudev1 libva-drm2 libva2 zlib1g ssl-cert ucf curl sysstat mkvtoolnix php-mail \ - php-mail-mime php-net-smtp sqlite3 nmap nginx php-fpm php-mysql php-sqlite3 v4l-utils vainfo i965-va-driver mysql-client python3-pip - - +COPY --from=bluecherry_build_cleaned \ + /root/bluecherry-apps/releases/bluecherry_*.deb \ + /root/bluecherry-apps/releases/ -#RUN wget https://unstable.bluecherrydvr.com/pool/focal/bluecherry_3.1.0-rc8_amd64.deb -RUN curl -k -o /tmp/bluecherry_3.1.0-rc8_amd64.deb https://unstable.bluecherrydvr.com/pool/focal/bluecherry_3.1.0-rc8_amd64.deb - -#COPY depends/bluecherry_3.1.0-rc8_amd64.deb /tmp/bluecherry_3.1.0-rc8_amd64.deb +RUN ls -l /root/bluecherry-apps/releases/ # This step is needed if/when building a new bluecherry docker container # that will connect to an existing bluecherry database. In this case, the @@ -139,9 +97,9 @@ ARG MYSQL_ADMIN_PASSWORD=root # Specific database credentials used by bluecherry server ARG BLUECHERRY_DB_USER=bluecherry ARG BLUECHERRY_DB_HOST=172.17.0.1 -ARG BLUECHERRY_DB_PASSWORD=qiNdklOierSZs2 +ARG BLUECHERRY_DB_PASSWORD=bluecherry ARG BLUECHERRY_DB_NAME=bluecherry -ARG BLUECHERRY_DB_ACCESS_HOST='%' +ARG BLUECHERRY_DB_ACCESS_HOST=% # User and Group info used for running bluecherry server processes ARG BLUECHERRY_LINUX_GROUP_NAME=bluecherry @@ -151,25 +109,23 @@ ARG BLUECHERRY_LINUX_USER_ID=1000 RUN apt-get update \ && apt-get install -y \ - wget sudo rsyslog nmap curl sysstat iproute2 \ - openssl ca-certificates ssl-cert gnupg gnupg2 gnupg1 - -#COPY my.cnf /root/.my.cnf - -#RUN { \ -# echo "[client]"; \ -# echo "user=$MYSQL_ADMIN_LOGIN"; \ -# echo "password=$MYSQL_ADMIN_PASSWORD"; \ -# echo "[mysql]"; \ -# echo "user=$MYSQL_ADMIN_LOGIN"; \ -# echo "password=$MYSQL_ADMIN_PASSWORD"; \ -# echo "[mysqldump]"; \ -# echo "user=$MYSQL_ADMIN_LOGIN"; \ -# echo "password=$MYSQL_ADMIN_PASSWORD"; \ -# echo "[mysqldiff]"; \ -# echo "user=$MYSQL_ADMIN_LOGIN"; \ -# echo "password=$MYSQL_ADMIN_PASSWORD"; \ -# } > /root/.my.cnf + rsyslog nmap curl sysstat iproute2 \ + openssl ca-certificates ssl-cert gnupg gnupg2 gnupg1 sudo mysql-client python3-pip wget curl nano cron + +RUN { \ + echo "[client]"; \ + echo "user=$MYSQL_ADMIN_LOGIN"; \ + echo "password=$MYSQL_ADMIN_PASSWORD"; \ + echo "[mysql]"; \ + echo "user=$MYSQL_ADMIN_LOGIN"; \ + echo "password=$MYSQL_ADMIN_PASSWORD"; \ + echo "[mysqldump]"; \ + echo "user=$MYSQL_ADMIN_LOGIN"; \ + echo "password=$MYSQL_ADMIN_PASSWORD"; \ + echo "[mysqldiff]"; \ + echo "user=$MYSQL_ADMIN_LOGIN"; \ + echo "password=$MYSQL_ADMIN_PASSWORD"; \ + } > /root/.my.cnf # NOTE: The line "export host=$BLUECHERRY_DB_HOST" ... This is required # due to a weird global check of this env var by the "check_mysql_admin" @@ -178,22 +134,6 @@ RUN apt-get update \ # --- The Specific problem line is: # if ! echo "show databases" | mysql_wrapper -h"${host}" -u"$MYSQL_ADMIN_LOGIN" &>/dev/null # -#RUN { \ -# echo bluecherry bluecherry/mysql_admin_login string $MYSQL_ADMIN_LOGIN; \ -# echo bluecherry bluecherry/mysql_admin_password password $MYSQL_ADMIN_PASSWORD; \ -# echo bluecherry bluecherry/db_host string $BLUECHERRY_DB_HOST; \ -## echo bluecherry bluecherry/db_host string mysql \ -# echo bluecherry bluecherry/db_userhost string $BLUECHERRY_DB_ACCESS_HOST; \ -# echo bluecherry bluecherry/db_name string $BLUECHERRY_DB_NAME; \ -# echo bluecherry bluecherry/db_user string $BLUECHERRY_DB_USER; \ -# echo bluecherry bluecherry/db_password password $BLUECHERRY_DB_PASSWORD; \ -# } | debconf-set-selections \ -# && export host=mysql \ -# && export host=$BLUECHERRY_DB_HOST \ -# && dpkg -i /tmp/bluecherry_3.1.0-rc8_amd64.deb - -RUN apt install -y php-curl php-gd - RUN { \ echo bluecherry bluecherry/mysql_admin_login string $MYSQL_ADMIN_LOGIN; \ echo bluecherry bluecherry/mysql_admin_password password $MYSQL_ADMIN_PASSWORD; \ @@ -203,11 +143,8 @@ RUN { \ echo bluecherry bluecherry/db_user string $BLUECHERRY_DB_USER; \ echo bluecherry bluecherry/db_password password $BLUECHERRY_DB_PASSWORD; \ } | debconf-set-selections \ -# && export DB_HOST="mysql" \ -# && export HOST=mysql \ -&& dpkg -i /tmp/bluecherry_3.1.0-rc8_amd64.deb - - + && export host=$BLUECHERRY_DB_HOST \ + && apt install -y --no-install-recommends ./bluecherry-apps/releases/bluecherry_*.deb # Cleanup tasks RUN apt-get clean \ @@ -218,8 +155,8 @@ RUN apt-get clean \ # bluecherry installer scripts interact with the database. However, once the # image is created, we expect it to receive all of the settings/credentials # from environment variables passed in by docker or docker-compose. -#RUN rm -f /root/.my.cnf \ -RUN rm -f /etc/bluecherry.conf +RUN rm -f /root/.my.cnf \ + && rm -f /etc/bluecherry.conf # When running rsyslog in a container, we need to disable imklog # since the in-container process won't be allowed access to it. @@ -232,7 +169,7 @@ RUN /usr/sbin/groupadd -rf \ --comment "Bluecherry DVR" \ --home-dir=/var/lib/bluecherry \ --gid=$BLUECHERRY_LINUX_GROUP_NAME \ - --groups=audio,video,render \ + --groups=audio,video \ --uid=$BLUECHERRY_LINUX_USER_ID \ $BLUECHERRY_LINUX_USER_NAME \ || echo "bluecherry user already exists" @@ -242,38 +179,6 @@ RUN mkdir /recordings \ EXPOSE 7001/tcp 7002/tcp -# This is the main script that runs as process ID 1 in the docker container -#COPY server/entrypoint.sh /entrypoint.sh - -# These scripts are wrappers used to manage the bluecherry database. They are -# necessary because the bluecherry installer usually sets up the database, but -# with a pre-built docker image the installer isn't run (so these actions have -# to be done manually as needed from the docker container... example usage -# from the docker host looks like: -# -# --- CREATE: sudo docker-compose run bluecherry bc-database-create -# --- UPGRADE: sudo docker-compose run bluecherry bc-database-upgrade -#COPY server/bc-database-create.sh /bin/bc-database-create -#COPY server/bc-database-upgrade.sh /bin/bc-database-upgrade - -# This copies in a modified rsyslog config, which tells rsyslog to route -# bluecherry logs to both /var/log/bluecherry.log (within the container) and -# also to the STDOUT of container process with PID 1, which then allows the -# logs to be received by the docker engine (and read via `docker logs` , etc.) -#COPY server/bc-rsyslog.conf /etc/rsyslog.d/10-bluecherry.conf - - - - -#ARG BLUECHERRY_GIT_BRANCH_TAG=v3.0.4 - -#FROM os_dev_environment as bluecherry_build_cleaned -ENV DEBIAN_FRONTEND=noninteractive -WORKDIR /root - -RUN rm -rf /usr/src/linux-headers-* - - # This is the main script that runs as process ID 1 in the docker container COPY entrypoint.sh /entrypoint.sh @@ -292,7 +197,6 @@ COPY bc-database-upgrade.sh /bin/bc-database-upgrade # bluecherry logs to both /var/log/bluecherry.log (within the container) and # also to the STDOUT of container process with PID 1, which then allows the # logs to be received by the docker engine (and read via `docker logs` , etc.) -RUN ls -ltrd /etc/rsyslog.d COPY bc-rsyslog.conf /etc/rsyslog.d/10-bluecherry.conf # Make the previously copied scripts executable @@ -300,4 +204,14 @@ RUN chmod +x /entrypoint.sh \ && chmod +x /bin/bc-database-create \ && chmod +x /bin/bc-database-upgrade +# Delete the default nginx config, we don't need it. +RUN rm /etc/nginx/sites-enabled/default + +RUN chown bluecherry.bluecherry -R /var/lib/bluecherry +#CMD rm -f /var/run/rsyslogd.pid +#CMD ["/usr/sbin/rsyslogd", "-n", "-f", "/etc/rsyslog.conf"] +#CMD service rsyslog start +CMD /usr/sbin/php-fpm7.4 -D +CMD ["/usr/sbin/nginx", "-g", "daemon off;"] CMD "/entrypoint.sh" + diff --git a/server/entrypoint.sh b/server/entrypoint.sh index 4464b877..049bb0e8 100644 --- a/server/entrypoint.sh +++ b/server/entrypoint.sh @@ -42,6 +42,7 @@ echo "> Writing /etc/bluecherry.conf" echo "> chown bluecherry:bluecherry /var/lib/bluecherry/recordings" chown bluecherry:bluecherry /var/lib/bluecherry/recordings +chown -R bluecherry:bluecherry /var/lib/bluecherry/.local/share/data/ # The bluecherry container's Dockerfile sets rsyslog to route the bluecherry @@ -50,8 +51,15 @@ chown bluecherry:bluecherry /var/lib/bluecherry/recordings # the location permissions have to be reset on every start of the container: chmod 777 /proc/self/fd/1 +# Hack to fix race condition where rsyslog starts too soon and throws errors +# https://github.com/bluecherrydvr/bluecherry-docker/issues/26 + +# sleep for 5 for good measure +sleep 5 echo "> /usr/sbin/rsyslogd" +# rm rsyslog.pid to prevent respawning +rm -f /run/rsyslogd.pid /usr/sbin/rsyslogd status=$? if [ $status -ne 0 ]; then @@ -59,57 +67,19 @@ if [ $status -ne 0 ]; then exit $status fi -entrypoint_log() { - if [ -z "${NGINX_ENTRYPOINT_QUIET_LOGS:-}" ]; then - echo "$@" - fi -} - -if [ "$1" = "nginx" ] || [ "$1" = "nginx-debug" ]; then - if /usr/bin/find "/docker-entrypoint.d/" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then - entrypoint_log "$0: /docker-entrypoint.d/ is not empty, will attempt to perform configuration" - - entrypoint_log "$0: Looking for shell scripts in /docker-entrypoint.d/" - find "/docker-entrypoint.d/" -follow -type f -print | sort -V | while read -r f; do - case "$f" in - *.envsh) - if [ -x "$f" ]; then - entrypoint_log "$0: Sourcing $f"; - . "$f" - else - # warn on shell scripts without exec bit - entrypoint_log "$0: Ignoring $f, not executable"; - fi - ;; - *.sh) - if [ -x "$f" ]; then - entrypoint_log "$0: Launching $f"; - "$f" - else - # warn on shell scripts without exec bit - entrypoint_log "$0: Ignoring $f, not executable"; - fi - ;; - *) entrypoint_log "$0: Ignoring $f";; - esac - done - - entrypoint_log "$0: Configuration complete; ready for start up" - else - entrypoint_log "$0: No files found in /docker-entrypoint.d/, skipping configuration" - fi -fi - exec "$@" -#echo "> /usr/sbin/nginx" +/etc/init.d/php7.4-fpm start + + +echo "> /usr/sbin/nginx" #source /etc/apache2/envvars -#/usr/sbin/apache2 -#status=$? -#if [ $status -ne 0 ]; then -# echo "Failed to start apache2 web server: $status" -# exit $status -#fi +/usr/sbin/nginx +status=$? +if [ $status -ne 0 ]; then + echo "Failed to start nginx web server: $status" + exit $status +fi echo "> /usr/sbin/bc-server -u bluecherry -g bluecherry"