michael/michaelschiemer
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
225c7c43f9ee6c690609f79724131a0d800fadc0
michaelschiemer/docker/entrypoint.sh
Michael Schiemer 01fcd690e2 feat: Shared code volume for nginx and app containers 
- Add app-code volume to both nginx and app containers
- App container clones code once into shared volume
- Nginx container uses shared volume (read-only) and waits for code
- Update entrypoint.sh to handle storage-preserving git clone
- Fix nginx configuration to use app:9000 for PHP-FPM

This eliminates duplicate code cloning and ensures both containers
always use the same code version from the shared volume.
2025-10-31 23:37:29 +01:00

119 lines
4.2 KiB
Bash
Executable File
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#!/bin/bash
set -e
echo "🔐 Loading secrets from /run/secrets/..."
# Function to load secret from file if *_FILE env var is set
load_secret() {
local var_name="$1"
local file_var="${var_name}_FILE"
if [ -n "${!file_var}" ] && [ -f "${!file_var}" ]; then
export "$var_name"="$(cat "${!file_var}")"
echo "✅ Loaded $var_name from ${!file_var}"
fi
}
# Load database password from secret file
load_secret "DB_PASSWORD"
# Load other secrets
load_secret "APP_KEY"
load_secret "VAULT_ENCRYPTION_KEY"
load_secret "SHOPIFY_WEBHOOK_SECRET"
load_secret "RAPIDMAIL_PASSWORD"
load_secret "GIT_TOKEN"
echo "✅ All secrets loaded"
# Git Clone/Pull functionality
if [ -n "$GIT_REPOSITORY_URL" ]; then
echo ""
echo "📥 Cloning/Pulling code from Git repository..."
GIT_BRANCH="${GIT_BRANCH:-main}"
GIT_TARGET_DIR="/var/www/html"
# Setup Git credentials if provided
if [ -n "$GIT_TOKEN" ]; then
# Use token for HTTPS authentication
GIT_URL_WITH_AUTH=$(echo "$GIT_REPOSITORY_URL" | sed "s|https://|https://${GIT_TOKEN}@|")
elif [ -n "$GIT_USERNAME" ] && [ -n "$GIT_PASSWORD" ]; then
GIT_URL_WITH_AUTH=$(echo "$GIT_REPOSITORY_URL" | sed "s|https://|https://${GIT_USERNAME}:${GIT_PASSWORD}@|")
else
GIT_URL_WITH_AUTH="$GIT_REPOSITORY_URL"
fi
# Clone or pull repository
if [ ! -d "$GIT_TARGET_DIR/.git" ]; then
echo "📥 Cloning repository from $GIT_REPOSITORY_URL (branch: $GIT_BRANCH)..."
# Remove existing files if they exist (from image build)
# But preserve storage directory if it's a volume mount
if [ "$(ls -A $GIT_TARGET_DIR 2>/dev/null)" ]; then
echo "🗑️ Cleaning existing files (preserving storage)..."
find "$GIT_TARGET_DIR" -mindepth 1 -maxdepth 1 ! -name "storage" -exec rm -rf {} \; 2>/dev/null || true
fi
# Clone into temporary directory first, then move contents (preserving storage)
TEMP_CLONE="${GIT_TARGET_DIR}.tmp"
rm -rf "$TEMP_CLONE" 2>/dev/null || true
if git clone --branch "$GIT_BRANCH" --depth 1 "$GIT_URL_WITH_AUTH" "$TEMP_CLONE"; then
# Remove only files/dirs that are not storage (which might be a volume mount)
find "$GIT_TARGET_DIR" -mindepth 1 -maxdepth 1 ! -name "storage" -exec rm -rf {} \; 2>/dev/null || true
# Move contents from temp directory to target (preserving storage)
find "$TEMP_CLONE" -mindepth 1 -maxdepth 1 ! -name "." ! -name ".." -exec mv {} "$GIT_TARGET_DIR/" \; 2>/dev/null || true
rm -rf "$TEMP_CLONE" 2>/dev/null || true
echo "✅ Repository cloned successfully"
else
echo "❌ Git clone failed. Falling back to image contents."
rm -rf "$TEMP_CLONE" 2>/dev/null || true
fi
else
echo "🔄 Pulling latest changes from $GIT_BRANCH..."
cd "$GIT_TARGET_DIR"
# Fetch and reset to latest
git fetch origin "$GIT_BRANCH" || {
echo "⚠️ Git fetch failed. Using existing code."
}
git reset --hard "origin/$GIT_BRANCH" || {
echo "⚠️ Git reset failed. Using existing code."
}
git clean -fd || true
fi
# Install/update dependencies if composer.json exists
if [ -f "$GIT_TARGET_DIR/composer.json" ]; then
echo "📦 Installing/updating Composer dependencies..."
cd "$GIT_TARGET_DIR"
composer install --no-dev --optimize-autoloader --no-interaction --no-scripts || {
echo "⚠️ Composer install failed. Continuing..."
}
# Run composer scripts if needed
composer dump-autoload --optimize --classmap-authoritative || true
fi
echo "✅ Git sync completed"
else
echo ""
echo " GIT_REPOSITORY_URL not set, using code from image"
fi
echo ""
echo "📊 Environment variables:"
env | grep -E "DB_|APP_" | grep -v "PASSWORD|KEY|SECRET" || true
# Start PHP-FPM in background (inherits all environment variables)
echo ""
echo "🚀 Starting PHP-FPM..."
php-fpm &
# Wait for PHP-FPM to be ready
sleep 2
# Start nginx in foreground (inherits all environment variables)
echo "🚀 Starting nginx..."
exec nginx -g 'daemon off;'
Reference in New Issue View Git Blame Copy Permalink