safebox/framework-scheduler
7
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 16 Wiki Activity

Compare commits

base: safebox:1.0.9
Branches Tags
safebox:main
safebox:1.1.5 safebox:1.1.4 safebox:1.1.3 safebox:1.1.2 safebox:1.1.1 safebox:1.1.0 safebox:1.0.9 safebox:1.0.8 safebox:1.0.7 safebox:1.0.6 safebox:1.0.5 safebox:1.0.4 safebox:1.0.3 safebox:1.0.2 safebox:1.0.1 safebox:latest
..
compare: safebox:c2a1fbd9d8e1227428c69bfb124cfdc047e534c3
Branches Tags
safebox:main
safebox:1.1.5 safebox:1.1.4 safebox:1.1.3 safebox:1.1.2 safebox:1.1.1 safebox:1.1.0 safebox:1.0.9 safebox:1.0.8 safebox:1.0.7 safebox:1.0.6 safebox:1.0.5 safebox:1.0.4 safebox:1.0.3 safebox:1.0.2 safebox:1.0.1 safebox:latest

5 Commits
1.0.9 ... c2a1fbd9d8

Author SHA1 Message Date
gyurix
c2a1fbd9d8 Set default SSH port and user credentials in backup client function
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-08-06 10:49:02 +02:00
gyurix
d43536b67b Enhance backup server configuration by adding default SSH credentials and updating directory structure for backups
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-08-06 10:18:48 +02:00
gyurix
da5521295d Refactor entrypoint script to set installed version number and add debug mode handling for input directory
All checks were successful
continuous-integration/drone/push Build is passing
Details
2025-07-31 11:45:19 +02:00
gyurix
e39e1033c6 Add versioning output to entrypoint script and simplify JSON handling
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
2025-07-29 14:25:48 +02:00
gyurix
ec9d4c6e4f Add backup server configuration and versioning to entrypoint script
All checks were successful
continuous-integration/drone/push Build is passing
Details
continuous-integration/drone/tag Build is passing
Details
2025-07-29 13:51:05 +02:00
1 changed files with 192 additions and 28 deletions
Expand all files Collapse all files

220
scripts/scheduler/entrypoint.sh
View File

@@ -2,6 +2,7 @@
cd /scripts cd /scripts
DEBUG_MODE=${DEBUG_MODE:-false} DEBUG_MODE=${DEBUG_MODE:-false}
VERSION=1.1.0
#DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-registry.format.hu} #DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-registry.format.hu}
DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox} DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox}
@@ -109,22 +110,166 @@ backup_query_state() {
} }
generate_backup_server_secrets () {
echo '{
"backupserver":{
"SSH_USER":"'$SSH_USER'",
"SSH_PORT":"'$SSH_PORT'",
"SSH_PASSWORD":"'$SSH_PASSWORD'",
"PASSWORD":"'$PASSWORD'",
"PERIOD":"'$PERIOD'",
"COMPRESSION":"'$COMPRESSION'",
"DIRECTORIES":"'$DIRECTORIES'",
"SERVICES":"'$SERVICES'",
"BACKUP_LOCAL_CLIENTS":"'$BACKUP_LOCAL_CLIENTS'",
"BACKUP_VPN_CLIENTS":"'$BACKUP_VPN_CLIENTS'"
}
}' | jq -r . > /etc/user/secret/backup/server/backup.json
}
create_backup_service () {
ADDITIONAL=""
ADDITIONAL='"EXTRA":"--rm","PRE_START":[],"DEPEND": [],"CMD":""'
BACKUP_SERVER='{
"main": {
"SERVICE_NAME": "backup-server"
},
"containers": [
{
"IMAGE": "alpine:latest",
"NAME": "backup-init",
"NETWORK": "host",
"UPDATE": "true",
"MEMORY": "64M",
"EXTRA": "--rm",
"VOLUMES":[
{
"SOURCE": "USER_DATA",
"DEST": "/etc/user/data/",
"TYPE": "rw"
}
],
"ENTRYPOINT": "sh -c",
"CMD": "mkdir -p /etc/user/data/backup/server/ssh",
"POST_START": []
},
{
"IMAGE": "safebox/backup-server:latest",
"NAME": "backupserver",
"NETWORK": "'$NETWORK'",
"UPDATE": "true",
"MEMORY": "64M",
"VOLUMES":[
{
"SOURCE": "USER_DATA",
"DEST": "/etc/user/data/",
"TYPE": "ro"
},
{
"SOURCE": "USER_CONFIG",
"DEST": "/etc/user/config/",
"TYPE": "ro"
},
{
"SOURCE": "USER_SECRET",
"DEST": "/etc/user/secret/",
"TYPE": "ro"
},
{
"SOURCE": "/etc/user/data/backup/server/ssh",
"DEST": "/home/'$SSH_USER'/",
"TYPE": "rw"
}
],
"ENV_FILES":["/etc/user/secret/backup/server/backup.json"],
'$ADDITIONAL',
"POST_START": []
}
]
}'
# create backup server secrets from variables
generate_backup_server_secrets
}
backup_set_service() { backup_set_service() {
echo "backup_set_service"
local PASSWORD="$1"
local PERIOD="$2"
local COMPRESSION="$3"
local PLANNED_TIME="$(echo "$4" | base64 -d)"
local DIRECTRIES="$5"
local SERVICES="$6"
local BACKUP_LOCAL_CLIENTS="$7"
local BACKUP_VPN_CLIENTS="$8"
local VPN="$9"
local SSH_PORT="${10:-20022}"
local SSH_USER="${11:-"backup"}"
local SSH_PASSWORD="${12:-"backup"}"
local OPERATION="${13}"
if [ "$OPERATION" == "DELETE" ]; then
sed -i '/service-backup/d' /etc/user/data/cron/crontab.txt
# delete service
rm -f /etc/user/config/services/service-backup-server*
rm -rf /etc/user/data/backup/server
rm -rf /etc/user/secret/backup/server
debug "Service backup server service deleted."
elif [ "$OPERATION" == "MODIFY" ]; then
# modify only secrets for backup server, it will be affected at the next cron job
generate_backup_server_secrets
else
if [ -z "$SSH_PORT" ] ; then
SSH_PORT=20022
fi
if [ "$VPN" == "true" ]; then
NETWORK=$VPN_NETWORK
create_backup_service
else
NETWORK="host"
create_backup_service
fi
fi
if [ -n "$PLANNED_TIME" ]; then
if [ "$VPN" == "true" ]; then
if [ -n "$BACKUP_SERVER" ] ; then
echo "$BACKUP_SERVER" | jq -r . >/etc/user/config/services/service-backup-server-vpn.json
fi
echo "'$PLANNED_TIME' service service-backup-server-vpn" >> /etc/user/data/cron/crontab.txt
else
if [ -n "$BACKUP_SERVER" ] ; then
echo "$BACKUP_SERVER" | jq -r . >/etc/user/config/services/service-backup-server-local.json
fi
echo "'$PLANNED_TIME' service service-backup-server-local" >> /etc/user/data/cron/crontab.txt
fi
fi
} }
backup_set_client() { backup_set_client() {
NAME="$1" local NAME="$1"
SIZE="$2" local SIZE="$2"
VPN="$3" local VPN="$3"
SSH_PORT="$4" local SSH_PORT="${4:-20022}"
SSH_USER="$5" local SSH_USER="${5:-"backup"}"
SSH_PASSWORD="$6" local SSH_PASSWORD="${6:-"backup"}"
OPERATION="$7" local OPERATION="$7"
VPN_KEY="$8" local VPN_KEY="$8"
if [ "$OPERATION" == "DELETE" ]; then if [ "$OPERATION" == "DELETE" ]; then
# delete service # delete service
@@ -152,7 +297,7 @@ backup_set_client() {
fi fi
ADDITIONAL="" ADDITIONAL=""
ADDITIONAL='"EXTRA": "--label logging=promtail_user --label logging_jobname=containers --restart=always", "PRE_START": [], "DEPEND": [], "CMD": ""' ADDITIONAL='"EXTRA":"--restart=always","PRE_START":[],"DEPEND":[],"CMD": ""'
ENVS='"ENVS": [{"SSH_USER":"'$SSH_USER'"},{"SSH_PORT":"'$SSH_PORT'"},{"SSH_PASSWORD":"'$SSH_PASSWORD'"},{"VPN_CLIENT_KEY":"'$VPN_KEY'"}],' ENVS='"ENVS": [{"SSH_USER":"'$SSH_USER'"},{"SSH_PORT":"'$SSH_PORT'"},{"SSH_PASSWORD":"'$SSH_PASSWORD'"},{"VPN_CLIENT_KEY":"'$VPN_KEY'"}],'
echo '{ echo '{
@@ -163,6 +308,7 @@ backup_set_client() {
{ {
"IMAGE": "alpine:latest", "IMAGE": "alpine:latest",
"NAME": "'$NAME'-init", "NAME": "'$NAME'-init",
"NETWORK": "host",
"UPDATE": "true", "UPDATE": "true",
"MEMORY": "64M", "MEMORY": "64M",
"EXTRA": "--rm", "EXTRA": "--rm",
@@ -174,7 +320,7 @@ backup_set_client() {
} }
], ],
"ENTRYPOINT": "sh -c", "ENTRYPOINT": "sh -c",
"CMD": "mkdir -p /etc/user/data/backup/clients/'$NAME'/backup && /etc/user/data/backup/clients/'$NAME'/ssh", "CMD": "mkdir -p /etc/user/data/backup/clients/'$NAME'/backup && mkdir -p /etc/user/data/backup/clients/'$NAME'/ssh" && chmod -R '$SSH_USER':'$SSH_USER' /etc/user/data/backup/clients/'$NAME'",
"POST_START": [] "POST_START": []
}, },
{ {
@@ -1093,15 +1239,17 @@ execute_task() {
VPN_STATUS="0" VPN_STATUS="0"
VPN_RESULT="" VPN_RESULT=""
CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w wireguardproxy) if [ -f $SECRET_DIR/vpn-proxy/wg0.conf ]; then
if [ "$CONTAINERS" != "" ]; then CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -w wireguardproxy)
UP=$(echo $CONTAINERS | grep -w 'Up') if [ "$CONTAINERS" != "" ]; then
if [ "$UP" != "" ]; then UP=$(echo $CONTAINERS | grep -w 'Up')
VPN_STATUS="2" if [ "$UP" != "" ]; then
else VPN_STATUS="2"
VPN_STATUS="1" else
VPN_STATUS="1"
fi
VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0)
fi fi
VPN_RESULT=$(echo "$CONTAINERS" | base64 -w0)
fi fi
JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "STATUS": "'$VPN_STATUS'", "RESULT": "'$VPN_RESULT'" }' | jq -r . | base64 -w0) JSON_TARGET=$(echo '{ "DATE": "'$DATE'", "STATUS": "'$VPN_STATUS'", "RESULT": "'$VPN_RESULT'" }' | jq -r . | base64 -w0)
@@ -1136,13 +1284,29 @@ execute_task() {
elif [ "$TASK_NAME" == "backup" ]; then elif [ "$TASK_NAME" == "backup" ]; then
TASK_TYPE=$(echo $B64_JSON | base64 -d | jq -r '.TASK_TYPE)') TASK_TYPE=$(echo $B64_JSON | base64 -d | jq -r '.TASK_TYPE')
if [ "$TASK_TYPE" == "backup_query_state" ]; then if [ "$TASK_TYPE" == "backup_query_state" ]; then
echo "task type is backup_query_state" echo "task type is backup_query_state"
elif [ "$TASK_TYPE" == "backup_set_service" ]; then elif [ "$TASK_TYPE" == "backup_set_service" ]; then
PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_SERVER_PASSWORD')"
PERIOD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_PERIOD')"
COMPRESSION="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_COMPRESSION')"
PLANNED_TIME="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_PLANNED_TIME')"
DIRECTRIES="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_DIRECTORIES')"
SERVICES="$(echo $B64_JSON | base64 -d | jq -r '.SERVICES')"
BACKUP_LOCAL_CLIENTS="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_LOCAL_CLIENTS')"
BACKUP_VPN_CLIENTS="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_VPN_CLIENTS')"
VPN="$(echo $B64_JSON | base64 -d | jq -r '.VPN')"
SSH_PORT="$(echo $B64_JSON | base64 -d | jq -r '.SSH_PORT')"
SSH_USER="$(echo $B64_JSON | base64 -d | jq -r '.SSH_USER')"
SSH_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.SSH_PASSWORD')"
OPERATION="$(echo $B64_JSON | base64 -d | jq -r '.OPERATION')"
echo "task type is backup_set_service" echo "task type is backup_set_service"
backup_set_service "$PASSWORD" "$PERIOD" "$COMPRESSION" "$PLANNED_TIME" "$DIRECTRIES" "$SERVICES" "$BACKUP_LOCAL_CLIENTS" "$BACKUP_VPN_CLIENTS" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION"
elif [ "$TASK_TYPE" == "backup_set_client" ]; then elif [ "$TASK_TYPE" == "backup_set_client" ]; then
@@ -1153,14 +1317,8 @@ execute_task() {
SSH_USER="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_USER')" SSH_USER="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_USER')"
SSH_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_PASSWORD')" SSH_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_SSH_PASSWORD')"
OPERATION="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_OPERATION')" OPERATION="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_CLIENT_OPERATION')"
debug "task type is backup_set_client for $NAME"
debug " size: $SIZE"
debug " vpn: $VPN"
debug " ssh_port: $SSH_PORT"
debug " ssh_user: $SSH_USER"
debug " ssh_password: $SSH_PASSWORD"
debug " operation: $OPERATION"
debug "task type is backup_set_client for $NAME"
backup_set_client "$NAME" "$SIZE" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION" backup_set_client "$NAME" "$SIZE" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION"
elif [ "$TASK_TYPE" == "backup_challenge_clients" ]; then elif [ "$TASK_TYPE" == "backup_challenge_clients" ]; then
@@ -1193,7 +1351,7 @@ execute_task() {
upgrade_scheduler upgrade_scheduler
echo "Removing old framework scheduler container..." echo "Removing old framework scheduler container..."
JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":1}' | jq -r . | base64 -w0) JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":1,"VERSION":'$VERSION'}' | jq -r . | base64 -w0)
add_json_target $NAME add_json_target $NAME
sleep 1 sleep 1
/usr/bin/docker rm -f $HOSTNAME /usr/bin/docker rm -f $HOSTNAME
@@ -1337,7 +1495,13 @@ DATE=$(date +%F-%H-%M-%S)
DIR=$SHARED/input DIR=$SHARED/input
# Triggers by certificate or domain config changes # Triggers by certificate or domain config changes
# Set installed version number
echo '{}' | jq --arg VERSION "$VERSION" '.VERSION = $VERSION' > $SHARED/output/version.json
############################
if [ "$DEBUG_MODE" == "true" ]; then
rm $DIR/*
fi
unset IFS unset IFS
inotifywait --exclude "\.(swp|tmp)" -m -e CREATE,CLOSE_WRITE,DELETE,MOVED_TO -r $DIR | inotifywait --exclude "\.(swp|tmp)" -m -e CREATE,CLOSE_WRITE,DELETE,MOVED_TO -r $DIR |