From 010b5be79a3c52d70dc41eef10a63842847b81af Mon Sep 17 00:00:00 2001 From: Bibo Hao Date: Wed, 20 Nov 2024 07:55:22 +0000 Subject: [PATCH] debug docker img --- docker_devbox/work/start-caddy.sh | 6 ++++++ docker_devbox/work/start-supervisord.sh | 6 ++++++ docker_searxng/demo/docker-compose.searxng-standalone.yml | 6 +++--- docker_searxng/searxng.Dockerfile | 4 ++-- docker_searxng/work/etc/supervisord.conf | 3 ++- 5 files changed, 19 insertions(+), 6 deletions(-) create mode 100644 docker_devbox/work/start-caddy.sh create mode 100644 docker_devbox/work/start-supervisord.sh diff --git a/docker_devbox/work/start-caddy.sh b/docker_devbox/work/start-caddy.sh new file mode 100644 index 0000000..cceac77 --- /dev/null +++ b/docker_devbox/work/start-caddy.sh @@ -0,0 +1,6 @@ +#!/bin/bash +[ $BASH ] && [ -f /etc/profile ] && [ -z $ENTER_PROFILE ] && . /etc/profile + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +URL_PREFIX=${JUPYTERHUB_SERVICE_PREFIX:-"/"} exec /usr/local/bin/caddy run --config /etc/caddy/Caddyfile diff --git a/docker_devbox/work/start-supervisord.sh b/docker_devbox/work/start-supervisord.sh new file mode 100644 index 0000000..f81c589 --- /dev/null +++ b/docker_devbox/work/start-supervisord.sh @@ -0,0 +1,6 @@ +#!/bin/bash +[ $BASH ] && [ -f /etc/profile ] && [ -z $ENTER_PROFILE ] && . /etc/profile + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" + +LOG_FORMAT=json exec supervisord -c /etc/supervisord/supervisord.conf diff --git a/docker_searxng/demo/docker-compose.searxng-standalone.yml b/docker_searxng/demo/docker-compose.searxng-standalone.yml index 07e2821..e658aa9 100644 --- a/docker_searxng/demo/docker-compose.searxng-standalone.yml +++ b/docker_searxng/demo/docker-compose.searxng-standalone.yml @@ -21,11 +21,11 @@ services: - SEARXNG_TLS=${LETSENCRYPT_EMAIL:-internal} - UWSGI_WORKERS=${SEARXNG_UWSGI_WORKERS:-4} - UWSGI_THREADS=${SEARXNG_UWSGI_THREADS:-4} - # user: searxng + # user: root # command: ["/opt/searxng/start-supervisord.sh"] # command: ["tail", "-f", "/dev/null"] - cap_drop: ["ALL"] - cap_add: ["CHOWN", "SETGID", "SETUID", "NET_BIND_SERVICE"] + # cap_drop: ["ALL"] + # cap_add: ["AUDIT_WRITE", "CHOWN", "SETGID", "SETUID", "NET_BIND_SERVICE"] logging: driver: "json-file" options: diff --git a/docker_searxng/searxng.Dockerfile b/docker_searxng/searxng.Dockerfile index 91f1021..3884618 100644 --- a/docker_searxng/searxng.Dockerfile +++ b/docker_searxng/searxng.Dockerfile @@ -11,6 +11,7 @@ RUN set -eux \ && SEARXNG_GID=977 && SEARXNG_UID=977 \ && addgroup -gid ${SEARXNG_GID} searxng \ && adduser -uid ${SEARXNG_UID} --disabled-password --home /opt/searxng -shell /bin/bash --ingroup searxng searxng \ + && usermod -aG root searxng \ && apt-get -qq update -yq --fix-missing && apt-get -qq install -yq --no-install-recommends \ libxslt-dev zlib1g-dev libffi-dev libssl-dev \ && pip install -U pyyaml uwsgi \ @@ -28,7 +29,7 @@ RUN set -eux \ # Clean up and display components version information... && fix_permission searxng /opt/searxng/ \ && chmod +x /opt/searxng/*.sh \ - && chmod -R ugo+rws /var/log \ + && chmod -R ugo+rws /var/log /var/run \ && list_installed_packages && install__clean ENV SEARXNG_HOSTNAME="http://localhost:8000" @@ -52,4 +53,3 @@ SHELL ["/bin/bash", "--login", "-o", "pipefail", "-c"] WORKDIR /opt/searxng CMD ["/opt/searxng/start-supervisord.sh"] EXPOSE 8080 9001 8000 -USER searxng diff --git a/docker_searxng/work/etc/supervisord.conf b/docker_searxng/work/etc/supervisord.conf index 086cb6b..fca4999 100644 --- a/docker_searxng/work/etc/supervisord.conf +++ b/docker_searxng/work/etc/supervisord.conf @@ -8,6 +8,7 @@ chown=root:supervisor [inet_http_server] port=:9001 +# username=root [supervisorctl] serverurl=unix:///var/run/supervisor.sock @@ -39,7 +40,7 @@ redirect_stderr=false [program:searxng] -# directory=/root/ +# user=searxng command=/opt/searxng/start-searxng.sh # command=/opt/searxng/dockerfiles/docker-entrypoint.sh stdout_logfile=/var/log/searxng.stdout.log