Refactor backup service parameters and add default SSH host value

Add default values for SSH parameters in backup service functions
Fix JSON formatting and add TYPE field in backup configuration
2025-08-26 12:32:36 +02:00 · 2025-08-26 09:39:33 +02:00 · 2025-08-26 08:05:40 +02:00 · 2025-08-14 17:44:16 +00:00 · 2025-08-13 09:22:38 +02:00 · 2025-08-09 09:54:36 +02:00
1 changed files with 85 additions and 42 deletions
--- a/scripts/scheduler/entrypoint.sh
+++ b/scripts/scheduler/entrypoint.sh
@@ -2,10 +2,24 @@

 cd /scripts
 DEBUG_MODE=${DEBUG_MODE:-false}
-VERSION=1.1.1
+
+VERSION="1.1.4"

 #DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-registry.format.hu}
 DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox}
+DOCKER_REGISTRY_USERNAME=$DOCKER_REGISTRY_USERNAME
+DOCKER_REGISTRY_PASSWORD=$DOCKER_REGISTRY_PASSWORD
+
+if [ -n "$DOCKER_REGISTRY_USERNAME" ] && [ -n "$DOCKER_REGISTRY_PASSWORD" ]; then
+    echo "Logging in to Docker registry $DOCKER_REGISTRY_URL"
+    echo "$DOCKER_REGISTRY_PASSWORD" | docker login $DOCKER_REGISTRY_URL --username $DOCKER_REGISTRY_USERNAME --password-stdin
+    DOCKER_REGISTRY_ENVS="--env DOCKER_REGISTRY_USERNAME=$DOCKER_REGISTRY_USERNAME --env DOCKER_REGISTRY_PASSWORD=$DOCKER_REGISTRY_PASSWORD"
+
+else
+    echo "No Docker registry credentials provided, skipping login."
+fi
+
+
 USER_INIT_PATH=$USER_INIT_PATH
 GLOBAL_VERSION=${GLOBAL_VERSION:-latest}
 SERVICE_DIR=${SERVICE_DIR:-/etc/user/config/services}
@@ -20,6 +34,14 @@ FRAMEWORK_SCHEDULER_NETWORK_SUBNET=${FRAMEWORK_SCHEDULER_NETWORK_SUBNET:-"172.19
 FRAMEWORK_SCHEDULER_VERSION=${FRAMEWORK_SCHEDULER_VERSION:-latest}
 RUN_FORCE=${RUN_FORCE:-false}

+if [ "$DEBUG_MODE" == "true" ]; then
+    DOCKER_START="--entrypoint=sh $DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION -c 'sleep 86400'"
+    SET_DEBUG_MODE="--env DEBUG_MODE=true"
+else
+    DOCKER_START="$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"
+    SET_DEBUG_MODE=""
+fi
+
 WEB_SERVER=${WEB_SERVER:-webserver}
 WEB_IMAGE=${WEB_IMAGE:-web-installer}
 WEBSERVER_PORT=${WEBSERVER_PORT:-8080}
@@ -81,6 +103,8 @@ $VOLUME_MOUNTS \
 --env SETUP_VERSION=$SETUP_VERSION \
 --env GLOBAL_VERSION=$GLOBAL_VERSION \
 --env HOST_FILE=$HOST_FILE \
+ $SET_DEBUG_MODE \
+ $DOCKER_REGISTRY_ENVS \
 $DOCKER_REGISTRY_URL$SETUP:$SETUP_VERSION"

 DEBUG=1
@@ -100,7 +124,9 @@ add_json_target(){
            TASK="upgrade-$TASK_NAME"
        fi

+        if [ ! -f $SHARED/output/$TASK.json ]; then
            install -m 664 -g 65534 /dev/null $SHARED/output/$TASK.json
+        fi
        echo $JSON_TARGET | base64 -d >$SHARED/output/$TASK.json
 }

@@ -116,20 +142,38 @@ generate_backup_server_secrets () {

        echo '{ 
            "backupserver":{
+                "SSH_HOST":"'$SSH_HOST'",
                "SSH_USER":"'$SSH_USER'",
                "SSH_PORT":"'$SSH_PORT'",
                "SSH_PASSWORD":"'$SSH_PASSWORD'",
-                "PASSWORD":"'$PASSWORD'",
+                "BACKUP_PASSWORD":"'$BACKUP_PASSWORD'",
                "PERIOD":"'$PERIOD'",
                "COMPRESSION":"'$COMPRESSION'",
                "DIRECTORIES":"'$DIRECTORIES'",
-                "SERVICES":"'$SERVICES'",
-                "BACKUP_LOCAL_CLIENTS":"'$BACKUP_LOCAL_CLIENTS'",
-                "BACKUP_VPN_CLIENTS":"'$BACKUP_VPN_CLIENTS'"
+                "SERVICES":"'$SERVICES'"
            }
        }' | jq -r . > $SECRET_DIR/backup/server/backup.json
 }

+defaulting_missing_paramaters() {
+
+    if [ "$SSH_HOST" == "" ] || [ "$SSH_HOST" == "null" ]; then
+        SSH_HOST="localhost"
+    fi
+
+    if [ "$SSH_PORT" == "" ] || [ "$SSH_PORT" == "null" ]; then
+        SSH_PORT="20022"
+    fi
+
+    if [ "$SSH_USER" == "" ] || [ "$SSH_USER" == "null" ]; then
+        SSH_USER="backup"
+    fi
+
+    if [ "$SSH_PASSWORD" == "" ] || [ "$SSH_PASSWORD" == "null" ]; then
+        SSH_PASSWORD="backup"
+    fi
+}
+
 create_backup_service () {

    ADDITIONAL=""
@@ -198,22 +242,22 @@ create_backup_service () {

 backup_set_service() {

-
-    local PASSWORD="$1"
+    local BACKUP_PASSWORD="$1"
    local PERIOD="$2"
    local COMPRESSION="$3"

    local PLANNED_TIME="$(echo "$4" | base64 -d)"
    local DIRECTRIES="$5"
    local SERVICES="$6"
-    local BACKUP_LOCAL_CLIENTS="$7"
-    local BACKUP_VPN_CLIENTS="$8"
+    local SSH_HOST="$7"

-    local VPN="$9"
-    local SSH_PORT="${10:-20022}"
-    local SSH_USER="${11:-"backup"}"
-    local SSH_PASSWORD="${12:-"backup"}"
-    local OPERATION="${13}"
+    local VPN="$8"
+    local SSH_PORT="$9"
+    local SSH_USER="${10}"
+    local SSH_PASSWORD="${11}"
+    local OPERATION="${12}"
+
+    defaulting_missing_paramaters

    if [ "$OPERATION" == "DELETE" ]; then

@@ -267,12 +311,14 @@ backup_set_client() {
    local NAME="$1"
    local SIZE="$2"
    local VPN="$3"
-    local SSH_PORT="${4:-20022}"
-    local SSH_USER="${5:-"backup"}"
-    local SSH_PASSWORD="${6:-"backup"}"
+    local SSH_PORT="$4"
+    local SSH_USER="$5"
+    local SSH_PASSWORD="$6"
    local OPERATION="$7"
    local VPN_KEY="$8"

+    defaulting_missing_paramaters
+
    if [ "$OPERATION" == "DELETE" ]; then
        # delete service
        if [ -f "/etc/user/config/services/service-backup-client-$NAME.json" ]; then
@@ -343,6 +389,7 @@ backup_set_client() {
        {
        "SOURCE": "/etc/user/data/backup/clients/'$NAME'/ssh",                   
        "DEST": "/home/'$SSH_USER'/.ssh",
+        "TYPE": "rw"
        }
            ],
    "POST_START": []
@@ -522,7 +569,8 @@ get_repositories() {
            GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git clone $REPO /tmp/$BASE >/dev/null
        else
            cd /tmp/$BASE
-            GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git pull >/dev/null
+	    date >> /tmp/pull.log
+            GIT_HTTP_CONNECT_TIMEOUT=10 GIT_HTTP_TIMEOUT=30 git pull >> /tmp/pull.log
        fi
        if [ -f "/tmp/$BASE/applications-tree.json" ]; then
            TREES=$TREES" /tmp/$BASE/applications-tree.json"
@@ -538,6 +586,9 @@ check_volumes() {
    if [ ! -d "/var/tmp/shared" ]; then
        /usr/bin/docker volume create SHARED
        RET=0
+    else
+        rm -rf /var/tmp/shared/input/*
+        rm -rf /var/tmp/shared/output/*
    fi

    if [ ! -d "/etc/system/data/" ]; then
@@ -866,14 +917,6 @@ upgrade_scheduler() {
    debug "Upgrading framework scheduler..."
    /usr/bin/docker pull "$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"

-    if [ "$DEBUG_MODE" == "true" ]; then
-        DOCKER_START="--entrypoint=sh $DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION -c 'sleep 86400'"
-        SET_DEBUG_MODE="--env DEBUG_MODE=true"
-    else
-        DOCKER_START="$DOCKER_REGISTRY_URL/$FRAMEWORK_SCHEDULER_IMAGE:$FRAMEWORK_SCHEDULER_VERSION"
-        SET_DEBUG_MODE=""
-    fi
-
    FRAMEWORK_SCHEDULER_NAME="$FRAMEWORK_SCHEDULER_NAME-$(head /dev/urandom | tr -dc '0-9' | head -c 6)"

    DOCKER_RUN="/usr/bin/docker run -d \
@@ -887,12 +930,14 @@ upgrade_scheduler() {
 		-v USER_SECRET:/etc/user/secret \
 		--restart=always \
        --name $FRAMEWORK_SCHEDULER_NAME \
+        $DOCKER_REGISTRY_ENVS \
        $SET_DEBUG_MODE \
 	  	--env WEBSERVER_PORT=$WEBSERVER_PORT \
 	  	--network $FRAMEWORK_SCHEDULER_NETWORK \
 		--env RUN_FORCE=$RUN_FORCE \
 		--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
 	  $DOCKER_START"
+    echo "DOCKER RUN: $DOCKER_RUN"
    eval "$DOCKER_RUN"
 }

@@ -1296,7 +1341,7 @@ execute_task() {

        elif [ "$TASK_TYPE" == "backup_set_service" ]; then

-            PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_SERVER_PASSWORD')"
+            BACKUP_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_SERVER_PASSWORD')"
            PERIOD="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_PERIOD')"
            COMPRESSION="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_COMPRESSION')"
            PLANNED_TIME="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_PLANNED_TIME')"
@@ -1305,13 +1350,14 @@ execute_task() {
            BACKUP_LOCAL_CLIENTS="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_LOCAL_CLIENTS')"
            BACKUP_VPN_CLIENTS="$(echo $B64_JSON | base64 -d | jq -r '.BACKUP_VPN_CLIENTS')"
            VPN="$(echo $B64_JSON | base64 -d | jq -r '.VPN')"
+            SSH_HOST="$(echo $B64_JSON | base64 -d | jq -r '.SSH_HOST')"
            SSH_PORT="$(echo $B64_JSON | base64 -d | jq -r '.SSH_PORT')"
            SSH_USER="$(echo $B64_JSON | base64 -d | jq -r '.SSH_USER')"
            SSH_PASSWORD="$(echo $B64_JSON | base64 -d | jq -r '.SSH_PASSWORD')"
            OPERATION="$(echo $B64_JSON | base64 -d | jq -r '.OPERATION')"

            echo "task type is backup_set_service"
-            backup_set_service "$PASSWORD" "$PERIOD" "$COMPRESSION" "$PLANNED_TIME" "$DIRECTRIES" "$SERVICES" "$BACKUP_LOCAL_CLIENTS" "$BACKUP_VPN_CLIENTS" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION"
+            backup_set_service "$BACKUP_PASSWORD" "$PERIOD" "$COMPRESSION" "$PLANNED_TIME" "$DIRECTRIES" "$SERVICES" "$SSH_HOST" "$VPN" "$SSH_PORT" "$SSH_USER" "$SSH_PASSWORD" "$OPERATION"

        elif [ "$TASK_TYPE" == "backup_set_client" ]; then
            
@@ -1343,24 +1389,21 @@ execute_task() {
        JSON="$(echo $B64_JSON | base64 -d)"
        NAME=$(echo "$JSON" | jq -r .NAME | awk '{print tolower($0)}')
        if [ "$NAME" == "framework" ]; then
-            JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":0}' | jq -r . | base64 -w0)
+            JSON_TARGET=$(echo '{"DATE":"'$DATE'","STATUS":1}' | jq -r . | base64 -w0)
            add_json_target $NAME
            echo "Upgrading service: webserver"
            upgrade webserver

            echo "Upgrading framework scheduler..."
-            echo "Cleaning temporary files..."
-            
-            rm -rf /var/tmp/shared/input/*
-            rm -rf /var/tmp/shared/output/*
-
            upgrade_scheduler
            echo "Removing old framework scheduler container..."
-            JSON_TARGET=$(echo '{"DATE":"'$DATE'","INSTALL_STATUS":1,"VERSION":'$VERSION'}' | jq -r . | base64 -w0)
+            JSON_TARGET=$(echo '{"DATE":"'$DATE'","STATUS":2,"VERSION":"'$VERSION'"}' | jq -r . | base64 -w0)
            add_json_target $NAME
            sleep 1
            /usr/bin/docker rm -f $HOSTNAME

+            JSON_TARGET="" # do not create upgrade.json
+
            #CONTAINERS=$(docker ps -a --format '{{.Names}} {{.Status}}' | grep -E 'framework-scheduler|webserver')
        else
            echo "Upgrading service: $NAME"
@@ -1371,9 +1414,9 @@ execute_task() {
        sh /scripts/check_pid.sh "$PID" "$SHARED" "$TASK_NAME-$NAME" "$DATE" "$DEBUG" &
    fi

-    if [ "$TASK_NAME" != "check_vpn" ]; then
-        debug "JSON_TARGET: $JSON_TARGET"
-    fi
+#    if [ "$TASK_NAME" != "check_vpn" ]; then
+#        debug "JSON_TARGET: $JSON_TARGET"
+#    fi

    if [ "$JSON_TARGET" != "" ]; then
        add_json_target
@@ -1485,7 +1528,7 @@ fi
 #RS=$(docker ps | grep redis-server)
 WS=$(/usr/bin/docker ps | grep -o webserver)

-if [ "$WS" == "" ]; then
+if [ "$WS" == "" ] && [ ! -f $SHARED/output/upgrade-framework.json ]; then
    # START SERVICES
    echo "Starting webserver"
    $service_exec service-framework.containers.webserver start &
Author	SHA1	Message	Date
gyurix	85dd5aa4ad	Refactor backup service parameters and add default SSH host value All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-26 12:32:36 +02:00
gyurix	81dd98b952	Add default values for SSH parameters in backup service functions All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-26 09:39:33 +02:00
gyurix	7125f17b22	Fix JSON formatting and add TYPE field in backup configuration All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-26 08:05:40 +02:00
hael	bd0753b4db	json b64 debug removed All checks were successful continuous-integration/drone/tag Build is passing Details	2025-08-14 17:44:16 +00:00
gyurix	779f28a5f7	Clean temporary files in shared volume during task execution All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-13 09:22:38 +02:00
gyurix	9878fa9ce3	Bump version to 1.1.3 in entrypoint script All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-09 09:54:36 +02:00
gyurix	aeb679a898	Add condition to check for upgrade-framework.json before starting webserver All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-09 09:39:59 +02:00
hael	e40b900750	Update scripts/scheduler/entrypoint.sh All checks were successful continuous-integration/drone/push Build is passing Details continuous-integration/drone/tag Build is passing Details	2025-08-08 09:43:21 +00:00
hael	ae83abef53	upgrade STATUS All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-08 09:35:12 +00:00
hael	0e05eaa531	version fix All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-08 09:01:06 +00:00
gyurix	8c345020f7	Refactor debug mode handling in entrypoint script for improved clarity All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:48:26 +02:00
gyurix	10a6bc704c	Enhance entrypoint script with debug mode and Docker registry environment variables All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:45:46 +02:00
gyurix	ba921a53a2	Log the Docker run command in the entrypoint script for debugging purposes All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:38:25 +02:00
gyurix	7bb96a1863	Add support for Docker registry credentials in entrypoint script All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:27:39 +02:00
gyurix	d0f65b8841	Add Docker registry login functionality to entrypoint script All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:22:57 +02:00
gyurix	72e14d7199	Check for the existence of JSON file before creating it in add_json_target function All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:08:55 +02:00
gyurix	566aed3752	Prevent overwriting existing JSON files in add_json_target function All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 16:06:41 +02:00
hael	3ab1b3ff54	do not create upgrade.json All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 13:49:40 +00:00
hael	dafd8f345a	git pull log All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 13:35:52 +00:00
gyurix	56e2f6f05d	Silence output of git pull in entrypoint script to reduce log clutter All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 15:28:26 +02:00
gyurix	e343bc2cb5	Enhance entrypoint script to log completion of git pull operation All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 15:07:53 +02:00
gyurix	6d267dfd04	Merge branch 'main' of https://git.format.hu/safebox/framework-scheduler All checks were successful continuous-integration/drone/push Build is passing Details	2025-08-07 13:21:42 +02:00
gyurix	b049833844	Add logging for git pull operation in entrypoint script	2025-08-07 13:21:40 +02:00