Merge pull request #783 from martialblog/refactor-entrypoint

Refactor Docker entrypoint

README.md

@@ -193,17 +193,35 @@ These are the steps to start Mailtrain via docker-compose:
     docker-compose up
     ```
 
-    You can specify Mailtrain's URL bases via the `MAILTRAIN_SETTINGS` environment variable as follows. The `--withProxy` parameter is to be used when Mailtrain is put behind a reverse proxy.
-    ```
-    MAILTRAIN_SETTINGS="--trustedUrlBase https://mailtrain.example.com --sandboxUrlBase https://sbox.mailtrain.example.com --publicUrlBase https://lists.example.com --withProxy" docker-compose up
-    ```
-
 3. Open the trusted endpoint http://localhost:3000
 
 4. Authenticate as `admin`:`test`
 
 The instructions above use an automatically built Docker image on DockerHub (https://hub.docker.com/r/mailtrain/mailtrain). If you want to build the Docker image yourself (e.g. when doing development), use the `docker-compose-local.yml` located in the project's root directory.
 
+### Docker Environment Variables
+
+| Parameter        | Description |
+| ---------        | ----------- |
+| URL_BASE_TRUSTED | sets the trusted url of the instance (default: http://localhost:3000) |
+| URL_BASE_SANDBOX | sets the sandbox url of the instance (default: http://localhost:3003) |
+| URL_BASE_SANDBOX | sets the public url of the instance (default: http://localhost:3004)  |
+| WITH_PROXY       | use if Mailtrain is behind an http reverse proxy                      |
+| MONGO_HOST       | sets mongo host (default: mongo)                                      |
+| REDIS_HOST       | sets redis host (default: redis)                                      |
+| MYSQL_HOST       | sets mysql host (default: mysql)                                      |
+| MYSQL_HOST       | sets mysql database (default: mailtrain)                              |
+| MYSQL_USER       | sets mysql user (default: mailtrain)                                  |
+| MYSQL_PASSWORT   | sets mysql password (default: mailtrain)                              |
+| WITH_LDAP        | use if you want to enable LDAP authentication                         |
+| LDAP_HOST        | LDAP Host for authentication (default: ldap)                          |
+| LDAP_PORT        | LDAP port (default: 389)                                              |
+| LDAP_SECURE      | use if you want to use LDAP with ldaps protocol                       |
+| LDAP_BIND_USER   | User for LDAP connexion                                               |
+| LDAP_BIND_PASS   | Password for LDAP connexion                                           |
+| LDAP_FILTER      | LDAP filter                                                           |
+| LDAP_BASEDN      | LDAP base DN                                                          |
+| LDAP_UIDTAG      | LDAP UID tag (e.g. uid/cn/username)                                   |
 
 ## License
 

docker-compose-local.yml

@@ -23,7 +23,6 @@ services:
 
   mailtrain:
     build: .
-    command: ${MAILTRAIN_SETTINGS}
     ports:
     - "3000:3000"
     - "3003:3003"

docker-compose.yml

@@ -23,7 +23,6 @@ services:
 
   mailtrain:
     image: mailtrain/mailtrain:latest
-    command: ${MAILTRAIN_SETTINGS}
     ports:
     - "3000:3000"
     - "3003:3003"

docker-entrypoint.sh

@@ -1,223 +1,120 @@
 #!/bin/bash
+# Entrypoint for Docker Container
+
 set -e
 
-function printHelp {
+URL_BASE_TRUSTED=${URL_BASE_TRUSTED:-'http://localhost:3000'}
-    cat <<EOF
+URL_BASE_SANDBOX=${URL_BASE_SANDBOX:-'http://localhost:3003'}
-
+URL_BASE_PUBLIC=${URL_BASE_PUBLIC:-'http://localhost:3004'}
-Optional parameters:
+WWW_PROXY=${WWW_PROXY:-'false'}
-  --trustedUrlBase XXX  - sets the trusted url of the instance (default: http://localhost:3000)
+WITH_LDAP=${WITH_LDAP:-'false'}
-  --sandboxUrlBase XXX  - sets the sandbox url of the instance (default: http://localhost:3003)
+LDAP_HOST=${LDAP_HOST:-'ldap'}
-  --publicUrlBase XXX   - sets the public url of the instance (default: http://localhost:3004)
+LDAP_PORT=${LDAP_PORT:-'389'}
-  --withProxy           - use if Mailtrain is behind an http reverse proxy
+LDAP_SECURE=${LDAP_SECURE:-'false'}
-  --mongoHost XXX       - sets mongo host (default: mongo)
+LDAP_BIND_USER=${LDAP_BIND_USER:-}
-  --redisHost XXX       - sets redis host (default: redis)
+LDAP_BIND_PASS=${LDAP_BIND_PASS:-}
-  --mySqlHost XXX       - sets mysql host (default: mysql)
+LDAP_FILTER=${LDAP_FILTER:-}
-  --mySqlDatabase XXX   - sets mysql database (default: mailtrain)
+LDAP_BASEDN=${LDAP_BASEDN:-}
-  --mySqlUser XXX       - sets mysql user (default: mailtrain)
+LDAP_UIDTAG=${LDAP_UIDTAG:-}
-  --mySqlPassword XXX   - sets mysql password (default: mailtrain)
+MONGO_HOST=${MONG_HOST:-'mongo'}
-  --withLdap            - use if you want to enable LDAP authentication
+REDIS_HOST=${REDIS_HOST:-'redis'}
-  --ldapHost XXX        - LDAP Host for authentication (default: ldap)
+MYSQL_HOST=${MYSQL_HOST:-'mysql'}
-  --ldapPort XXX        - LDAP port (default: 389)
+MYSQL_DATABASE=${MYSQL_DATABASE:-'mailtrain'}
-  --ldapSecure          - use if you want to use LDAP with ldaps protocol
+MYSQL_USER=${MYSQL_USER:-'mailtrain'}
-  --ldapBindUser XXX    - User for LDAP connexion
+MYSQL_PASSWORD=${MYSQL_PASSWORD=:-'mailtrain'}
-  --ldapBindPass XXX    - Password for LDAP connexion
-  --ldapFilter XXX      - LDAP filter
-  --ldapBaseDN XXX      - LDAP base DN
-  --ldapUidTag XXX      - LDAP UID tag (e.g. uid/cn/username)
-EOF
 
+# Warning for users that already rely on the MAILTRAIN_SETTING variable
+# Can probably be removed in the future.
+MAILTRAIN_SETTING=${MAILTRAIN_SETTINGS:-}
+if [ ! -z "$MAILTRAIN_SETTING" ]; then
+    echo 'Error: MAILTRAIN_SETTINGS is no longer supported. See README'
     exit 1
-}
-
-
-urlBaseTrusted=http://localhost:3000
-urlBaseSandbox=http://localhost:3003
-urlBasePublic=http://localhost:3004
-wwwProxy=false
-withLdap=false
-ldapHost=ldap
-ldapPort=389
-ldapSecure=false
-ldapBindUser=""
-ldapBindPass=""
-ldapFilter=""
-ldapBaseDN=""
-ldapUidTag=""
-mongoHost=mongo
-redisHost=redis
-mySqlHost=mysql
-mySqlDatabase=mailtrain
-mySqlUser=mailtrain
-mySqlPassword=mailtrain
-
-while [ $# -gt 0 ]; do
-    case "$1" in
-        --help)
-            printHelp
-            ;;
-        --trustedUrlBase)
-            urlBaseTrusted="$2"
-            shift 2
-            ;;
-        --sandboxUrlBase)
-            urlBaseSandbox="$2"
-            shift 2
-            ;;
-        --publicUrlBase)
-            urlBasePublic="$2"
-            shift 2
-            ;;
-        --withProxy)
-            wwwProxy=true
-            shift 1
-            ;;
-        --mongoHost)
-            mongoHost="$2"
-            shift 2
-            ;;
-        --redisHost)
-            redisHost="$2"
-            shift 2
-            ;;
-        --mySqlHost)
-            mySqlHost="$2"
-            shift 2
-            ;;
-        --mySqlDatabase)
-            mySqlDatabase="$2"
-            shift 2
-            ;;
-        --mySqlUser)
-            mySqlUser="$2"
-            shift 2
-            ;;
-        --mySqlPassword)
-            mySqlPassword="$2"
-            shift 2
-            ;;
-        --withLdap)
-            withLdap=true
-            shift 1
-            ;;
-        --ldapHost)
-            ldapHost="$2"
-            shift 2
-            ;;
-        --ldapPort)
-            ldapPort="$2"
-            shift 2
-            ;;
-        --ldapSecure)
-            ldapSecure=true
-            shift 1
-            ;;
-        --ldapBindUser)
-            ldapBindUser="$2"
-            shift 2
-            ;;
-        --ldapBindPass)
-            ldapBindPass="$2"
-            shift 2
-            ;;
-        --ldapFilter)
-            ldapFilter="$2"
-            shift 2
-            ;;
-        --ldapBaseDN)
-            ldapBaseDN="$2"
-            shift 2
-            ;;
-        --ldapUidTag)
-            ldapUidTag="$2"
-            shift 2
-            ;;
-        *)
-            echo "Error: unrecognized option $1."
-            printHelp
-    esac
-done
-
-if [ "$ldapBindUser" == "" ]; then
-  ldapBindUserLine=""
-else
-  ldapBindUserLine="bindUser: $ldapBindUser"
-fi
-if [ "$ldapBindPass" == "" ]; then
-  ldapBindPassLine=""
-else
-  ldapBindPassLine="bindPassword: $ldapBindPass"
-fi
-if [ "$ldapFilter" == "" ]; then
-  ldapFilterLine=""
-else
-  ldapFilterLine="filter: $ldapFilter"
-fi
-if [ "$ldapBaseDN" == "" ]; then
-  ldapBaseDNLine=""
-else
-  ldapBaseDNLine="baseDN: $ldapBaseDN"
-fi
-if [ "$ldapUidTag" == "" ]; then
-  ldapUidTagLine=""
-else
-  ldapUidTagLine="uidTag: $ldapUidTag"
 fi
 
-cat > server/config/production.yaml <<EOT
+if [ -f application/config/config.php ]; then
-www:
+    echo 'Info: application/production.yaml already provisioned'
-  host: 0.0.0.0
+else
-  proxy: $wwwProxy
+    echo 'Info: Generating application/production.yaml'
-  secret: "`pwgen -1`"
-  trustedUrlBase: $urlBaseTrusted
-  sandboxUrlBase: $urlBaseSandbox
-  publicUrlBase: $urlBasePublic
 
-mysql:
+    # Basic configuration
-  host: $mySqlHost
+    cat > server/config/production.yaml <<EOT
-  database: $mySqlDatabase
+    www:
-  user: $mySqlUser
+      host: 0.0.0.0
-  password: $mySqlPassword
+      proxy: $WWW_PROXY
+      secret: "`pwgen -1`"
+      trustedUrlBase: $URL_BASE_TRUSTED
+      sandboxUrlBase: $URL_BASE_SANDBOX
+      publicUrlBase: $URL_BASE_PUBLIC
 
-redis:
+    mysql:
-  enabled: true
+      host: $MYSQL_HOST
-  host: $redisHost
+      database: $MYSQL_DATABASE
+      user: $MYSQL_USER
+      password: $MYSQL_PASSWORD
 
-log:
+    redis:
-  level: info
+      enabled: true
+      host: $REDIS_HOST
 
-builtinZoneMTA:
+    log:
-  log:
+      level: info
-    level: warn
-  mongo: mongodb://${mongoHost}:27017/zone-mta
-  redis: redis://${redisHost}:6379/2
 
-queue:
+    builtinZoneMTA:
-  processes: 5
+      log:
+        level: warn
+      mongo: mongodb://${MONGO_HOST}:27017/zone-mta
+      redis: redis://${REDIS_HOST}:6379/2
 
-ldap:
+    queue:
-  enabled: $withLdap
+      processes: 5
-  host: $ldapHost
-  port: $ldapPort
-  secure: $ldapSecure
-  $ldapBindUserLine
-  $ldapBindPassLine
-  $ldapFilterLine
-  $ldapBaseDNLine
-  $ldapUidTagLine
 EOT
 
-cat > server/services/workers/reports/config/production.yaml <<EOT
+    # Manage LDAP if enabled
-mysql:
+    if [ "$WITH_LDAP" = "true" ]; then
-  host: $mySqlHost
+        echo 'Info: LDAP enabled'
-log:
+    cat >> server/config/production.yaml <<EOT
-  level: warn
+    ldap:
+      enabled: true
+      host: $LDAP_HOST
+      port: $LDAP_PORT
+      secure: $LDAP_SECURE
+      bindUser: $LDAP_BIND_USER
+      bindPasswort: $LDAP_BIND_PASS
+      filter: $LDAP_FILTER
+      baseDN: $LDAP_BASEDN
+      uidTag: $LDAP_UIDTAG
 EOT
+    else
+        echo 'Info: LDAP not enabled'
+    cat >> server/config/production.yaml <<EOT
+    ldap:
+      enabled: false
+EOT
+    fi
+
+fi
+
+if [ -f server/services/workers/reports/config/production.yaml ]; then
+    echo 'Info: server/production.yaml already provisioned'
+else
+    echo 'Info: Generating server/production.yaml'
+    cat > server/services/workers/reports/config/production.yaml <<EOT
+    mysql:
+      host: $MYSQL_HOST
+    log:
+      level: warn
+EOT
+fi
 
 # Wait for the other services to start
-while ! nc -z $mySqlHost 3306; do sleep 1; done
+echo 'Info: Waiting for MySQL Server'
-while ! nc -z $redisHost 6379; do sleep 1; done
+while ! nc -z $MYSQL_HOST 3306; do sleep 1; done
-while ! nc -z $mongoHost 27017; do sleep 1; done
+
+echo 'Info: Waiting for Redis Server'
+while ! nc -z $REDIS_HOST 6379; do sleep 1; done
+
+echo 'Info: Waiting for MongoDB Server'
+while ! nc -z $MONGO_HOST 27017; do sleep 1; done
 
 cd server
 NODE_ENV=production node index.js
-