-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathrun
157 lines (140 loc) · 5.86 KB
/
run
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
#!/bin/bash
MYDIR=`dirname $0` && [ ! `echo "$0" | grep '^\/'` ] && MYDIR=`pwd`/$MYDIR
DEV=0
# Local HTTP Port for web application
WEB_PORT=8087
# Path to the data
DATADIR=/opt/data/
# Docker images
DB_IMAGE=pgd-mmdt-db
SCAN_IMAGE=pgd-mmdt-scan
WEB_IMAGE=pgd-mmdt-web
# Docker containers
DB_CONTAINER=mmdt-db
SCAN_CONTAINER=mmdt-scan
WEB_CONTAINER=mmdt-web
# Volume name for Mondo DB
MONGO_VOL=mmdt-mongodb
MONGO_PORT=27017
# Docker account for retrieving the images
DOCKERACCOUNT=djacob65
# default user for htpasswd file
USER=admin
# Indicate if SSO module is active
SSO=0
# Network
MYNET=my-net
# Replace default configuration parameters with local ones if exist
[ -f $MYDIR/local.conf ] && . $MYDIR/local.conf
CMD=$1
usage() { echo "usage: sh $0 start|stop|restart|fullstart|ps|build|pull|initdb|scan"; exit 1; }
case "$CMD" in
start)
# Check / Create Network
RET=$(sudo docker network ls | grep $MYNET 1>/dev/null 2>/dev/null; echo $?)
[ $RET -ne 0 ] && sudo docker network create -d bridge $MYNET
echo "Lauching ... "
# Check / Create some directories (cache, tmp) with full privileges
[ ! -d $MYDIR/web/tmp ] && sudo mkdir -p $MYDIR/web/tmp
[ -d $MYDIR/web/tmp ] && sudo chmod 777 $MYDIR/web/tmp
[ ! -d $MYDIR/web/cache ] && sudo mkdir -p $MYDIR/web/cache
[ -d $MYDIR/web/cache ] && sudo chmod 777 $MYDIR/web/cache
# Set full privileges to json configuration files
sudo chmod 777 $MYDIR/web/conf/*.json
# Activate access via htpasswd if necessary
sudo cp $MYDIR/web/.htaccess.tmpl $MYDIR/web/.htaccess
[ $SSO -eq 0 ] && sudo sed -i -e "s/^#>//g" $MYDIR/web/.htaccess
# Launch DB container
VOLDBSRC="-v $MYDIR/docker/db/initialisation:/js"
sudo docker run -d --network=$MYNET -v $MONGO_VOL:/data/db -v $DATADIR:/pgd_data -v $MYDIR/web/conf:/json $VOLDBSRC -p $MONGO_PORT:27017 --name $DB_CONTAINER $DB_IMAGE
# Launch SCAN container
VOLSCANSRC=
[ $DEV -eq 1 ] && VOLSRCSCAN="-v $MYDIR/docker/scan/scripts:/pgd"
sudo docker run -d --network=$MYNET -v $DATADIR:/pgd_data -v $MYDIR/web/conf:/json $VOLSRCSCAN --name $SCAN_CONTAINER $SCAN_IMAGE
# Launch WEB container
sudo docker run -d --network=$MYNET -p $WEB_PORT:80 -v $MYDIR/web:/var/www/html -v $DATADIR:/mnt -v $MYDIR/etc:/etc/pgd-mmdt --name $WEB_CONTAINER $WEB_IMAGE
# Set full privileges on files containing dictionary data
for d in `find $MYDIR/web/cvlist/ -type d -mindepth 1 -maxdepth 1 2>/dev/null`; do f=$(basename $d); sudo chmod 777 "$d/$f.txt"; done
[ $? -eq 0 ] && echo OK
;;
fullstart)
( sh $0 start ; sh $0 initdb ; sh $0 scan )
;;
stop)
sudo docker network disconnect $MYNET $WEB_CONTAINER
sudo docker network disconnect $MYNET $SCAN_CONTAINER
sudo docker network disconnect $MYNET $DB_CONTAINER
sudo docker rm -f $WEB_CONTAINER $SCAN_CONTAINER $DB_CONTAINER
echo -n "Remove volumes ... "
for v in $(sudo docker volume ls | grep local | grep -v $MONGO_VOL | cut -d' ' -f6); do
sudo docker volume rm $v 1>/dev/null 2>/dev/null
done
sudo docker volume rm $MONGO_VOL 1>/dev/null 2>/dev/null
sudo rm -f $MYDIR/web/tmp/*
[ $? -eq 0 ] && echo OK
;;
restart)
( sh $0 stop ; sh $0 fullstart )
;;
ps)
sudo docker ps | head -1
sudo docker ps | grep "mmdt-"
;;
pull)
sudo docker pull $DOCKERACCOUNT/maggot-db:latest;
sudo docker image tag $DOCKERACCOUNT/maggot-db $DB_IMAGE
sudo docker pull $DOCKERACCOUNT/maggot-scan:latest;
sudo docker image tag $DOCKERACCOUNT/maggot-scan $SCAN_IMAGE
sudo docker pull $DOCKERACCOUNT/maggot-web:latest;
sudo docker image tag $DOCKERACCOUNT/maggot-web $WEB_IMAGE
;;
build)
( cd $MYDIR/docker/db; sudo docker build -t $DB_IMAGE . )
( cd $MYDIR/docker/scan; sudo docker build -t $SCAN_IMAGE . )
( cd $MYDIR/docker/web; sudo docker build -t $WEB_IMAGE . )
;;
initdb)
VER=$(sudo docker exec -t $DB_CONTAINER mongod --version | head -1)
echo "Mongo $VER"
# Mongo command (ver 4.0: mongo ; ver 5.0+: mongosh)
MONGO=mongo
RET=$(sudo docker exec -t $DB_CONTAINER which $MONGO)
[ -z "$RET" ] && MONGO=mongosh
RET=$(sudo docker exec -t $DB_CONTAINER cat /proc/cpuinfo | grep avx 1>/dev/null 2>/dev/null; echo $?)
if [ $MONGO == "mongosh" -a $RET -ne 0 ]; then
echo "ERROR: AVX support is disabled - See https://inrae.github.io/pgd-mmdt/avx_win11_vbox/"
exit 1
fi
echo -n "Init DB ... "
sudo docker exec -t $DB_CONTAINER /bin/bash -c "cd /js; python3 ./generate_setupdb.py"
sudo docker exec -t $DB_CONTAINER $MONGO /js/setupdb.js 1>/dev/null 2>/dev/null
[ $? -eq 0 ] && echo OK
[ $? -ne 0 ] && echo FAILED
;;
scan)
echo -n "Scanning ... "
sudo docker exec -t $SCAN_CONTAINER /bin/bash -c "cd /pgd; python3 ./pgd.py"
sudo docker exec -t $SCAN_CONTAINER /bin/bash -c "cd /pgd; python3 ./db-insert.py"
[ $? -eq 0 ] && echo OK
[ $? -ne 0 ] && echo FAILED
;;
passwd)
[ $# -gt 1 ] && USER=$2
echo "Account for $USER"
sudo docker exec -it $WEB_CONTAINER /usr/bin/htpasswd /etc/pgd-mmdt/.htpasswd $USER
;;
vol)
sudo docker volume ls
;;
reset)
sudo docker volume rm $MONGO_VOL
;;
delimages)
sudo docker rmi -f $(sudo docker images | grep $WEB_IMAGE | sed -e "s/ \+/@/g" | cut -d'@' -f3)
sudo docker rmi -f $(sudo docker images | grep $SCAN_IMAGE | sed -e "s/ \+/@/g" | cut -d'@' -f3)
sudo docker rmi -f $(sudo docker images | grep $DB_IMAGE | sed -e "s/ \+/@/g" | cut -d'@' -f3)
;;
*) usage
exit 2
esac
exit 0