Refactor deployment logic to stop service before editing in entrypoint script

Dockerfile

@@ -20,4 +20,4 @@ COPY scripts/scheduler/*.sh /scripts/
 RUN find ./scripts -name "*.sh" | xargs dos2unix
 RUN ["chmod", "+x", "-R", "/scripts/"]
 
-ENTRYPOINT ["/scripts/entrypoint.sh"]
+CMD /scripts/entrypoint.sh

scripts/scheduler/entrypoint.sh

@@ -111,8 +111,6 @@ create_htpasswd_file() {
     fi
 }
 
-install -m 664 -g 65534 /dev/null
-
 deploy_additionals() {
 
     local DIR="$1"
@@ -160,14 +158,80 @@ remove_additionals() {
 
     debug "UNINSTALL: $NAME"
 
+    # delete firewall rules
+    FIREWALLS=""
+    FIREWALLS="$(ls $SERVICE_DIR/firewall-*.json | grep $NAME)"
+    for FIREWALL in $(echo $FIREWALLS); do
+        cat $FIREWALL | jq '.containers[] |= (
+        if (.ENVS | map(has("OPERATION")) | any) then
+            # If any entry has OPERATION key, update it
+            .ENVS = [.ENVS[] | if has("OPERATION") then {"OPERATION": "DELETE"} else . end]
+        else
+            # If no entry has OPERATION key, add new entry
+            .ENVS += [{"OPERATION": "DELETE"}]
+        end
+        )' >$FIREWALL.tmp
+        debug "$service_exec $FIREWALL.tmp start info"
+        $service_exec $FIREWALL.tmp start info
+        rm $FIREWALL.tmp
+    done
+
+    # delete domains
+    DOMMAINS=""
+    DOMAINS="$(ls $SERVICE_DIR/domain-*.json | grep $NAME)"
+    for DOMAIN in $(echo $DOMAINS); do
+        cat $DOMAIN | jq '.containers[] |= (
+        if (.ENVS | map(has("OPERATION")) | any) then
+            # If any entry has OPERATION key, update it
+            .ENVS = [.ENVS[] | if has("OPERATION") then {"OPERATION": "DELETE"} else . end]
+        else
+            # If no entry has OPERATION key, add new entry
+            .ENVS += [{"OPERATION": "DELETE"}]
+        end
+        )' >$DOMAIN.tmp
+        debug "$service_exec $DOMAIN.tmp start info"
+        $service_exec $DOMAIN.tmp start info
+        rm $DOMAIN.tmp
+    done
+
+    # remove related directories and files
+    # get volume destinations
+    DESTINATIONS=""
+    VOLUMES=""
+    DESTINATIONS=$(cat $SERVICE_DIR/service-$NAME.json | jq -r '[.containers[] | select(has("VOLUMES")) | .VOLUMES[] | select(.SHARED != "true") | .SOURCE] | unique[]' | grep $NAME)
+    for DESTINATION in $(echo $DESTINATIONS); do
+        if [ -d "$DESTINATION" ] || [ -f "$DESTINATION" ]; then
+            rm -rf $DESTINATION
+            debug "deleted directory or file: $DESTINATION"
+        fi
+    done
+
+    ENV_FILES=$(cat $SERVICE_DIR/service-$NAME.json | jq -r '[.containers[] | select(has("ENV_FILES")) | .ENV_FILES[]] | unique[]')
+    for ENV_FILE in $(echo $ENV_FILES); do
+        if [ -f "$ENV_FILE" ]; then
+            rm -rf $ENV_FILE
+            debug "deleted enviroment file: $ENV_FILE"
+        fi
+    done
+
+    VOLUMES=$(cat $SERVICE_DIR/service-$NAME.json | jq -r '[.containers[] | select(has("VOLUMES")) | .VOLUMES[] | select(.SHARED != "true") | .SOURCE] | unique[]' | grep -vE 'USER|SYSTEM')
+
     # stop service
     # force - remove stopped container, docker rm
     debug "$service_exec service-$NAME.json stop force dns-remove"
     $service_exec service-$NAME.json stop force dns-remove
 
+    for VOLUME in $(echo $VOLUMES | grep -vE 'USER|SYSTEM|SHARED'); do
+        if [ "$(echo $VOLUME | cut -d '/' -f1)" ]; then
+            docker volume rm $VOLUME
+            debug "deleted volume: $VOLUME"
+
+        fi
+    done
+
     # remove service files
     rm $SERVICE_DIR/*"-"$NAME.json # service, domain, etc.
-    rm $SECRET_DIR/$NAME/$NAME.json
+
 }
 
 get_repositories() {
@@ -182,10 +246,10 @@ get_repositories() {
 
         BASE=$(basename $REPO | cut -d '.' -f1)
         if [ ! -d "/tmp/$BASE" ]; then
-            git clone $REPO /tmp/$BASE >/dev/null
+            GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git clone $REPO /tmp/$BASE >/dev/null
         else
             cd /tmp/$BASE
-            git pull >/dev/null
+            GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git pull >/dev/null
         fi
         if [ -f "/tmp/$BASE/applications-tree.json" ]; then
             TREES=$TREES" /tmp/$BASE/applications-tree.json"
@@ -550,16 +614,19 @@ upgrade() {
 
     if [ "$NAME" == "web-installer" ]; then
 
-        debug "$service_exec service-framework-scheduler.containers.webserver start info"
-        $service_exec service-framework-scheduler.containers.webserver stop force
-        $service_exec service-framework-scheduler.containers.webserver start info &
+        debug "$service_exec service-framework.containers.webserver stop force"
+        $service_exec service-framework.containers.webserver stop force
+        debug "$service_exec service-framework.containers.webserver start info"
+        $service_exec service-framework.containers.webserver start info &
 
     else
 
-        debug "$service_exec $NAME.json start info"
+        debug "$service_exec $NAME.json stop force"
         $service_exec $NAME.json stop force
+        debug "$service_exec $NAME.json start info"
         $service_exec $NAME.json start info &
     fi
+    PID=$!
 }
 
 execute_task() {
@@ -594,7 +661,7 @@ execute_task() {
         #fi;
         JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "INSTALL_STATUS": "'$INSTALL_STATUS'" }' | jq -r . | base64 -w0)
 
-    elif [ "$TASK_NAME" == "letsencrypt" ]; then
+    elif [ "$TASK_NAME" == "request_letsencrypt" ]; then
         DOMAINS=$(echo $B64_JSON | base64 -d | jq -r 'keys[]')
         for DOMAIN in $(echo $DOMAINS); do
             REQUEST=$(echo $B64_JSON | base64 -d | jq -r ".[\"$DOMAIN\"].status")
@@ -604,6 +671,7 @@ execute_task() {
                 touch /etc/system/data/ssl/keys/$DOMAIN/new_certificate
             fi
         done
+        JSON_TARGET=$B64_JSON
 
     elif [ "$TASK_NAME" == "system" ]; then
         #SYSTEM_LIST="core-dns.json cron.json domain-local-backend.json firewall-letsencrypt.json firewall-local-backend.json firewall-localloadbalancer-dns.json firewall-localloadbalancer-to-smarthostbackend.json firewall-smarthost-backend-dns.json firewall-smarthost-loadbalancer-dns.json firewall-smarthost-to-backend.json firewall-smarthostloadbalancer-from-publicbackend.json letsencrypt.json local-backend.json local-proxy.json service-framework.json smarthost-proxy-scheduler.json smarthost-proxy.json"
@@ -735,12 +803,13 @@ execute_task() {
             for APP in $APPS; do
                 APP_NAME=$(echo "$APP" | jq -r '.name')
                 APP_VERSION=$(echo "$APP" | jq -r '.version')
+                APP_ICON=$(echo "$APP" | jq -r '.icon')
                 if [ "$DEPLOYMENTS" != "" ]; then
                     SEP=","
                 else
                     SEP=""
                 fi
-                DEPLOYMENTS=$DEPLOYMENTS$SEP'"'$APP_NAME'": "'$APP_VERSION'"'
+                DEPLOYMENTS=$DEPLOYMENTS$SEP'"'$APP_NAME'": {"version": "'$APP_VERSION'", "icon": "'$APP_ICON'"}'
             done
         done
         if [ "$DEPLOYMENTS" == "" ]; then
@@ -830,6 +899,18 @@ execute_task() {
                         DEPLOY_PAYLOAD=$(echo "$JSON" | jq -r .PAYLOAD) # base64 list of key-value pairs in JSON
                         deploy_additionals "$APP_DIR" "$DEPLOY_NAME" "$DEPLOY_PAYLOAD"
                         sh /scripts/check_pid.sh "$PID" "$SHARED" "deploy-$DEPLOY_NAME" "$DATE" "$DEBUG" &
+
+                    elif [ "$DEPLOY_ACTION" == "edit" ]; then
+
+                        DEPLOY_PAYLOAD=$(echo "$JSON" | jq -r .PAYLOAD) # base64 list of key-value pairs in JSON
+
+                        # stop service before edit
+                        debug "$service_exec service-$DEPLOY_NAME.json stop force"
+                        $service_exec service-$DEPLOY_NAME.json stop force
+
+                        deploy_additionals "$APP_DIR" "$DEPLOY_NAME" "$DEPLOY_PAYLOAD"
+                        sh /scripts/check_pid.sh "$PID" "$SHARED" "deploy-$DEPLOY_NAME" "$DATE" "$DEBUG" &
+
                     elif [ "$DEPLOY_ACTION" == "uninstall" ]; then
                         remove_additionals "$APP_DIR" "$DEPLOY_NAME"
                         # uninstall has finished
@@ -903,15 +984,20 @@ execute_task() {
         CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -v framework-scheduler)
         RESULT=$(echo "$CONTAINERS" | base64 -w0)
         JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "RESULT": "'$RESULT'" }' | jq -r . | base64 -w0)
+
     elif [ "$TASK_NAME" == "upgrade" ]; then
         JSON="$(echo $B64_JSON | base64 -d)"
         NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
         if [ "$NAME" == "framework" ]; then
-            upgrade_scheduler
             upgrade "web-installer"
+            upgrade_scheduler
+            #CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -E 'framework-scheduler|webserver')
         else
             upgrade "$NAME"
+            #CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w "$NAME")
         fi
+        #RESULT=$(echo "$CONTAINERS" | base64 -w0)
+        sh /scripts/check_pid.sh "$PID" "$SHARED" "$TASK_NAME-$NAME" "$DATE" "$DEBUG" &
     fi
 
     if [ "$TASK_NAME" != "check_vpn" ]; then