#!/bin/bash
# Author: Satish Gaikwad <satish@satishweb.com>
# Note: Privilege escalation is required to change ownership of the HOME dir
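# Strict mode: abort on command failure (-e), on use of an unset variable (-u)
# and when any stage of a pipeline fails (pipefail).
set -euo pipefail

# DEBUG defaults to 0. A value mounted at /run/secrets/DEBUG takes precedence
# over the environment variable.
: "${DEBUG:=0}"
if [ -f /run/secrets/DEBUG ]; then
  DEBUG=$(< "/run/secrets/DEBUG")
  export DEBUG
fi
if [ "$DEBUG" = "1" ]; then
  # xtrace writes every expanded command to stderr. Later steps of this script
  # pass values such as OPENAI_API_KEY as command arguments, so a DEBUG=1 run
  # places those values in the container log; treat that log as sensitive.
  set -x
fi

# Default HOME when it is unset or empty. The ${HOME:-} form is required:
# under `set -u` a bare ${HOME} aborts the script when the variable is unset,
# so the default below would never be applied.
if [ -z "${HOME:-}" ]; then
  export HOME="/home/ubuntu"
fi

# Default USER when it is unset or empty (same `set -u` consideration).
if [ -z "${USER:-}" ]; then
  export USER="ubuntu"
fi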
# Print the horizontal rule that frames the start-up banner.
# Outputs: one line on stdout.
print_divider() {
  local -r rule='|---------------------------------------------------------------------------------------------'
  printf '%s\n' "${rule}"
}
# Opening banner for the container start-up log.
print_divider
printf "| Starting Tools Container \n"
## Run fixuid to update home dir contents ownership to given uid and gid
# The fixuid config is written as root (sudo tee) from the USER and HOME values
# of this process. Both can come from the container environment, so whoever
# sets them chooses the account and the path that fixuid is pointed at.
# A failed write is deliberately ignored (|| true).
(printf "user: %s\ngroup: %s\npaths:\n - %s\n" "${USER}" "${USER}" "${HOME}" | sudo tee /etc/fixuid/config.yml > /dev/null) || true
# fixuid's stdout is executed in this shell, so the fixuid binary is trusted
# exactly like the entrypoint itself. Its exit status is not checked here:
# eval runs on whatever was printed, even when that is nothing.
eval "$(fixuid -q)"
## Prepare the home directory
# HOME_TEMPLATE is the home directory that holds the default dotfiles; they are
# seeded into HOME whenever HOME points somewhere else.
HOME_TEMPLATE=/home/ubuntu
if [[ -n "$HOME" && "$HOME" != "$HOME_TEMPLATE" ]]; then
  # A custom HOME is handed over to the current uid:gid once; the .keep marker
  # records that this has been done.
  # HOME is taken from the environment and the chown runs recursively as root,
  # so the variable must only ever name a directory meant for this user.
  # If HOME data is persisted and the uid or gid changes later, ownership has
  # to be corrected manually because the marker suppresses this step.
  if ! [ -f "${HOME}/.keep" ]; then
    sudo chown -Rf "$(id -u):$(id -g)" "${HOME}"
    touch "${HOME}/.keep"
  fi

  items_to_copy=(
    "${HOME_TEMPLATE}/.oh-my-zsh"
    "${HOME_TEMPLATE}/.cache"
    "${HOME_TEMPLATE}/.local"
    "${HOME_TEMPLATE}/.config"
    "${HOME_TEMPLATE}/.krew"
    "${HOME_TEMPLATE}/.aws_cli_functions"
    "${HOME_TEMPLATE}/.kubectl_aliases"
    "${HOME_TEMPLATE}/.tmux.conf"
    "${HOME_TEMPLATE}/.vimrc"
    "${HOME_TEMPLATE}/.zshrc"
  )
  for item in "${items_to_copy[@]}"; do
    # Never overwrite: an entry that already exists in HOME wins over the
    # template copy.
    if [ -e "${HOME}/${item##*/}" ]; then
      continue
    fi
    # Copy instead of linking so the data persists when HOME is mounted as a
    # volume. A failed copy is tolerated (best effort).
    cp -rf "$item" "${HOME}" || true
  done
fi
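## GPG and pass manager setup [ For CLI OIDC authenticators such as saml2aws via Okta ]
# Generate a default key for uid "user" on first start. The key has an empty
# passphrase, so anything that can read ${HOME}/.gnupg can decrypt the pass
# store: its protection rests on file permissions and on who can reach the
# HOME directory (including a volume it may be mounted from).
if [ ! -f "${HOME}/.gnupg/pubring.kbx" ]; then
  gpg --batch --passphrase '' --quick-gen-key user default default
fi
# Run gpg command to make sure gpg agent starts in a daemon mode.
gpg --list-secret-keys >/dev/null 2>&1
# Initialize pass manager with the fingerprint of the "user" key.
if [ ! -f "${HOME}/.password-store/.gpg-id" ]; then
  # Read the fingerprint from the machine-readable listing (--with-colons)
  # rather than from a fixed line of the human-readable output, whose layout
  # is not a stable interface. awk reads the whole listing (no early exit) so
  # gpg is never cut off mid-write under pipefail.
  gpg_fingerprint=$(
    gpg --list-keys --with-colons user \
      | awk -F: '$1 == "fpr" && !seen { print $10; seen = 1 }'
  ) || true
  if [ -z "${gpg_fingerprint}" ]; then
    # Without this guard pass would be initialised with an empty key id.
    printf '| ERROR: no GPG key found for uid "user"; cannot initialize pass\n' >&2
    exit 1
  fi
  pass init "${gpg_fingerprint}"
fi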
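#######################################
# Set one key of the YAI CLI config file to a string value.
# Rewrites the line that holds "<key>": in ${HOME}/.config/yai.json as
#   "<key>": "<value>",
# A key that is not present in the file is not added.
# Globals:   HOME (read)
# Arguments: $1 - JSON key name
#            $2 - value, written as a JSON string
# Returns:   0 on success, non-zero when the value cannot be written
#######################################
update_key() {
  local key="$1"
  local value="$2"
  local config_file="${HOME}/.config/yai.json"
  local key_pattern json_value replacement

  # sed edits line by line; a multi-line value cannot be spliced in safely.
  case "${value}" in
    *$'\n'*)
      printf 'update_key: value for "%s" contains a newline, not written\n' "${key}" >&2
      return 1
      ;;
  esac

  # Values come from the environment (URLs, free text, API keys). Unescaped,
  # a '/' ends the s/// expression early and '&' or '\' are rewritten by sed,
  # so each layer is escaped for the syntax it is embedded in.
  # 1. key: literal match, escape BRE metacharacters and the '/' delimiter.
  key_pattern=$(printf '%s' "${key}" | sed -e 's|[][\\.^$*/]|\\&|g')
  # 2. value: escape backslash and double quote for the JSON string ...
  json_value=$(printf '%s' "${value}" | sed -e 's|[\\"]|\\&|g')
  # 3. ... then backslash, '&' and '/' for the sed replacement text.
  replacement=$(printf '%s' "${json_value}" | sed -e 's|[\\&/]|\\&|g')

  # The sed program is supplied through a file descriptor instead of argv so
  # the value (possibly an API key) is not visible in the process list.
  # It still appears in the trace output when the script runs with `set -x`.
  sed -i -f <(printf 's/\\("%s": \\).*/\\1"%s",/\n' "${key_pattern}" "${replacement}") \
    "${config_file}"
}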
# "<ENV VAR>=<json key>" pairs: every listed environment variable that is set
# and non-empty is written to the matching key of the YAI config.
# OPENAI_API_KEY is a credential; it is stored in plain text in
# ${HOME}/.config/yai.json and stays there when HOME is a persisted volume.
env_keys=(
  "OPENAI_API_KEY=openai_key"
  "OPENAI_MAX_TOKENS=openai_max_tokens"
  "OPENAI_MODEL=openai_model"
  "OPENAI_PROXY=openai_proxy"
  "OPENAI_TEMPERATURE=openai_temperature"
  "USER_DEFAULT_PROMPT_MODE=user_default_prompt_mode"
  "USER_PREFERENCES=user_preferences"
)
for env_key in "${env_keys[@]}"; do
  # Left of the first '=' is the variable name, right of it the JSON key.
  env_var="${env_key%%=*}"
  # ${!env_var:-} reads the variable named by env_var and stays safe under
  # `set -u` when that variable is unset.
  if [ -z "${!env_var:-}" ]; then
    continue
  fi
  update_key "${env_key#*=}" "${!env_var}"
done
# Optional SSH server: started only when SSH_SERVER_ENABLED is exactly "1"
# (unset or empty counts as 0). A failed start is reported but not fatal.
# Enabling it adds a login service to the container; how it authenticates is
# decided by the sshd configuration, which is not set in this script.
: "${SSH_SERVER_ENABLED:=0}"
if [ "${SSH_SERVER_ENABLED}" = "1" ]; then
  printf "| Starting SSH server ... "
  if sudo service ssh start >/dev/null 2>&1; then
    echo "[ OK ]"
  else
    echo "[ FAILED ]"
  fi
fi
# Closing banner: initialization is finished.
printf "| Initialization complete! Container ready for use \n"
print_divider
# Hand over to the workload: a mounted /app-config takes precedence over the
# container command.
if [ -f /app-config ]; then
  # /app-config is sourced, not executed: it runs inside this shell with the
  # entrypoint's options, environment and sudo access, and receives the
  # container command as its arguments. It is expected to launch the default
  # command itself, so the file has to come from a trusted mount.
  printf '%s\n' "| ENTRYPOINT: Executing app-config..."
  # shellcheck source=/dev/null
  . /app-config "$@"
else
  # No app-config mounted: replace this shell with the given (or default)
  # command so it receives signals directly.
  printf '%s\n' "| ENTRYPOINT: app-config was not mounted, running container with given command or default command"
  printf '%s\n' "| Container is ready to use"
  exec "$@"
fi