From 02ed03a455b5771129fcb13b79bf06fd576877e1 Mon Sep 17 00:00:00 2001 From: thespad Date: Sun, 19 Jan 2025 17:03:14 +0000 Subject: [PATCH] Add auto-reload --- Dockerfile | 1 + Dockerfile.aarch64 | 1 + README.md | 4 ++ readme-vars.yml | 2 + .../dependencies.d/init-services | 0 .../s6-rc.d/svc-swag-auto-reload/run | 41 +++++++++++++++++++ .../s6-rc.d/svc-swag-auto-reload/type | 1 + .../user/contents.d/svc-swag-auto-reload | 0 8 files changed, 50 insertions(+) create mode 100644 root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/dependencies.d/init-services create mode 100755 root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/run create mode 100644 root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/type create mode 100644 root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-swag-auto-reload diff --git a/Dockerfile b/Dockerfile index 08c365d2..30168940 100755 --- a/Dockerfile +++ b/Dockerfile @@ -29,6 +29,7 @@ RUN \ apk add --no-cache \ fail2ban \ gnupg \ + inotify-tools \ iptables-legacy \ memcached \ nginx-mod-http-brotli \ diff --git a/Dockerfile.aarch64 b/Dockerfile.aarch64 index 9bc2aed0..516f30e9 100755 --- a/Dockerfile.aarch64 +++ b/Dockerfile.aarch64 @@ -29,6 +29,7 @@ RUN \ apk add --no-cache \ fail2ban \ gnupg \ + inotify-tools \ iptables-legacy \ memcached \ nginx-mod-http-brotli \ diff --git a/README.md b/README.md index 7623cc35..f06b429d 100644 --- a/README.md +++ b/README.md @@ -190,6 +190,7 @@ services: - EXTRA_DOMAINS= #optional - STAGING=false #optional - DISABLE_F2B= #optional + - SWAG_AUTORELOAD= #optional volumes: - /path/to/swag/config:/config ports: @@ -218,6 +219,7 @@ docker run -d \ -e EXTRA_DOMAINS= `#optional` \ -e STAGING=false `#optional` \ -e DISABLE_F2B= `#optional` \ + -e SWAG_AUTORELOAD= `#optional` \ -p 443:443 \ -p 80:80 `#optional` \ -v /path/to/swag/config:/config \ @@ -247,6 +249,7 @@ Containers are configured using parameters passed at runtime (such as those abov | `-e EXTRA_DOMAINS=` | Additional fully qualified domain names (comma separated, no spaces) ie. `example.net,subdomain.example.net,*.example.org` | | `-e STAGING=false` | Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes. | | `-e DISABLE_F2B=` | Set to `true` to disable the Fail2ban service in the container, if you're already running it elsewhere or using a different IPS. | +| `-e SWAG_AUTORELOAD=` | Set to `true` to enable automatic reloading of nginx configs on change. Your filesystem must support inotify. This functionality was previous offered [via mod](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload). | | `-v /config` | Persistent config files | | `--read-only=true` | Run container with a read-only filesystem. Please [read the docs](https://docs.linuxserver.io/misc/read-only/). | | `--cap-add=NET_ADMIN` | Required for fail2Ban to be able to modify iptables rules. | @@ -417,6 +420,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64 ## Versions +* **19.01.25:** - Add [Auto Reload](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload) functionality to SWAG. * **17.12.24:** - Rebase to Alpine 3.21. * **21.10.24:** - Fix naming issue with Dynu plugin. If you are using Dynu, please make sure your credentials are set in /config/dns-conf/dynu.ini and your DNSPLUGIN variable is set to dynu (not dynudns). * **30.08.24:** - Fix zerossl cert revocation. diff --git a/readme-vars.yml b/readme-vars.yml index 63b56041..103e507b 100644 --- a/readme-vars.yml +++ b/readme-vars.yml @@ -38,6 +38,7 @@ opt_param_env_vars: - {env_var: "EXTRA_DOMAINS", env_value: "", desc: "Additional fully qualified domain names (comma separated, no spaces) ie. `example.net,subdomain.example.net,*.example.org`"} - {env_var: "STAGING", env_value: "false", desc: "Set to `true` to retrieve certs in staging mode. Rate limits will be much higher, but the resulting cert will not pass the browser's security test. Only to be used for testing purposes."} - {env_var: "DISABLE_F2B", env_value: "", desc: "Set to `true` to disable the Fail2ban service in the container, if you're already running it elsewhere or using a different IPS."} + - {env_var: "SWAG_AUTORELOAD", env_value: "", desc: "Set to `true` to enable automatic reloading of nginx configs on change. Your filesystem must support inotify. This functionality was previous offered [via mod](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload)."} opt_param_usage_include_ports: true opt_param_ports: - {external_port: "80", internal_port: "80", port_desc: "HTTP port (required for HTTP validation and HTTP -> HTTPS redirect)"} @@ -200,6 +201,7 @@ init_diagram: | "swag:latest" <- Base Images # changelog changelogs: + - {date: "19.01.25:", desc: "Add [Auto Reload](https://github.com/linuxserver/docker-mods/tree/swag-auto-reload) functionality to SWAG."} - {date: "17.12.24:", desc: "Rebase to Alpine 3.21."} - {date: "21.10.24:", desc: "Fix naming issue with Dynu plugin. If you are using Dynu, please make sure your credentials are set in /config/dns-conf/dynu.ini and your DNSPLUGIN variable is set to dynu (not dynudns)."} - {date: "30.08.24:", desc: "Fix zerossl cert revocation."} diff --git a/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/dependencies.d/init-services new file mode 100644 index 00000000..e69de29b diff --git a/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/run b/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/run new file mode 100755 index 00000000..92cc7e25 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/run @@ -0,0 +1,41 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +if [[ ${SWAG_AUTORELOAD,,} == "true" ]]; then + if [[ -f "/etc/s6-overlay/s6-rc.d/svc-mod-swag-auto-reload/run" ]]; then + echo "ERROR: Legacy SWAG Auto Reload Mod detected, to use the built-in Auto Reload functionality please remove it from your container config." + sleep infinity + else + echo "Auto-reload: Watching the following files/folders for changes (excluding .sample, .swp, and .md files):" + echo "/config/nginx" + ACTIVE_WATCH=("/config/nginx") + for i in $(echo "${WATCHLIST}" | tr "|" " "); do + if [ -f "${i}" ] || [ -d "${i}" ]; then + echo "${i}" + ACTIVE_WATCH+=("${i}") + fi + done + + function wait_for_changes { + inotifywait -rq \ + --event modify,move,create,delete \ + --excludei '\.(sample|md|swp)' \ + "${ACTIVE_WATCH[@]}" + } + + while wait_for_changes; do + NGINX_CONF=() + if ! grep -q "/config/nginx/nginx.conf" /etc/nginx/nginx.conf; then + NGINX_CONF=("-c" "/config/nginx/nginx.conf") + fi + if /usr/sbin/nginx "${NGINX_CONF[@]}" -t; then + echo "Changes to nginx config detected and the changes are valid, reloading nginx" + /usr/sbin/nginx "${NGINX_CONF[@]}" -s reload + else + echo "Changes to nginx config detected but the changes are not valid, skipping nginx reload. Please fix your config." + fi + done + fi +else + sleep infinity +fi diff --git a/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/type b/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/type new file mode 100644 index 00000000..5883cff0 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-swag-auto-reload/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-swag-auto-reload b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-swag-auto-reload new file mode 100644 index 00000000..e69de29b