-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
TZ from env, client log, alpine 3.14, path DB changed. #13
Conversation
ff3c0ca
to
776dcba
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Additionally could you think about merging start and entrypoint.py? As the user should be able to execute the scripts as one package - also the entrypoint should not try to change the uid/gui except he has the permissions for that.
docker/start.py
Outdated
import subprocess | ||
import time | ||
|
||
LTIME = '/etc/localtime' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And this is used for... ?
docker/start.py
Outdated
'-e': 'EPID' | ||
} | ||
enableSQLITE = os.getenv('SQLITE', 'false').lower() == 'true' | ||
dbPath = os.path.join('/db/pykms_database.db') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Okay, that is wrong - os.path.join()
needs to take the path elements as single arguments to ensure cross-platform behavior.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Additionally please do not put it into root - the docker user should have to perms to do that anyways.
docker/start.py
Outdated
client_cmd.append(os.environ.get('LOGSIZE')) | ||
|
||
if log_level.lower() in ['info', 'debug']: | ||
print("Starting a dummy activation to ensure the database file is created", flush=True) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove the flush=True
please. We should instead set the environment variable PYTHONUNBUFFERED
to 1
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I was not sure what was best. I guessed flushed= true had only a local impact. python unbeferred has a more global impact, but is you wish.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@simonmicro I agree with @edgd1er I am not sure that setting PYTHONUNBUFFERED
to 1
is a good idea, but we could probably meet in the middle somewhere by adding a switch to change buffering behaviour of print()
for those who want it.
Is the change to buffering behaviour to stop log output from being garbled?
docker/start.py
Outdated
command.append(arg) | ||
command.append(os.environ.get(env)) | ||
|
||
os.makedirs(os.path.dirname(dbPath), exist_ok=True) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Whoops, that's probably on me: Move that into the if enableSQLite:
please
docker/entrypoint.py
Outdated
os.symlink(os.path.join('/usr/share/zoneinfo/', tz), LTIME) | ||
|
||
|
||
LTIME = '/etc/localtime' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sooo, you define a global variable after using it? And expect implicit binding? Could you at least make it more readable by adding global
to the function or pass it directly?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I guess, that was before I changed all. for the moment, it is still a work in progress. It should be corrected.
docker/entrypoint.py
Outdated
gid = user_grp_db_entries.gr_gid | ||
new_gid = int(os.getenv('GID', str(gid))) | ||
new_uid = int(os.getenv('UID', str(uid))) | ||
os.chown("/home/py-kms", new_uid, new_uid) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this recursive?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
no recursivity here, just get the env value or a default one if none provided.
docker/entrypoint.py
Outdated
os.chown("/home/py-kms", new_uid, new_uid) | ||
os.chown("/db/pykms_database.db", new_uid, new_uid) | ||
if gid != new_gid: | ||
print("Setting gid to " + str(new_gid), flush=True) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've seen you added conditional logging below - do you also intend to do that here? Please be consistent.
Oh, this is still WIP? Sorry for already taking a look into it! I'll mark the PR as such. |
you may have a look to changes if you wish. |
Okay, I'm still not 100% percent conform with the new |
command.append(os.environ.get(env)) | ||
|
||
if enableSQLITE: | ||
loggersrv.info("Storing database file to %s" % dbPath) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please add 4ee742d
docker/start.py
Outdated
def start_kms_client(): | ||
if not os.path.isfile(dbPath): | ||
# Start a dummy activation to ensure the database file is created | ||
client_cmd = [PYTHON3, '-u', 'pykms_Client.py', os.environ.get('IP', "0.0.0.0"), os.environ.get('PORT', 1688), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And also here 4ee742d
changes are implemented. as a side-note, I'm not sure being able to change listening port for kms and websqlite is very useful. Being in a container, ports are reassigned, except when network is inhost-mode. |
Can you expand on that part about the port reassignment? Docker ports are configurable and static in my experience. |
for me, internal port = port exposed inside the container, external port is the port exposed on the host. when using bridge mode, an "external" port is mapped to the "internal" port: docker run -p 1080:8080 ... => access through host_ip:1080 As far as I know, most usage are in bridge mode to have network isolation, as such, changing internal ports are useless. websqlite is defined only in the container, defining internal port (inside the container) has no use when running in bridge mode. The question: do we need to give the opportunity to define (and maintain) the "internals" ports ( kms, web sqlite) feature, knowing most of the time, the container will be running in bridge mode ? I might be wrong assuming host mode is rarely used. |
I understand what you mean now, I agree with you. |
It is just the same philosophy for the ports as also for your uid/gid reassignment. After all docker allows you to remap our default docker uid of 1000 to any other arbitrary id as you need. But beside that the port specification could be really interesting in case you have to use the host networking mode - e.g. in case you run on a swarm and do not want to utilize load-balancing and be only available on an specific node. |
Okay, let's hope this does not break anything! |
Aaand the Dockerfile is broken. @edgd1er please fix this and test it this time. |
May be too many change for a single PR. this is still a work in progress as I wish to run as user py-kms with specific uid/gid.
Please note that also database path has been changed to allow volume or file mounting: /db/pykms_database.db