'use strict'; exports = module.exports = { start, rebuild, DEFAULT_MEMORY_LIMIT: 256 * 1024 * 1024 }; var apps = require('./apps.js'), assert = require('assert'), async = require('async'), debug = require('debug')('box:sftp'), docker = require('./docker.js'), hat = require('./hat.js'), infra = require('./infra_version.js'), paths = require('./paths.js'), safe = require('safetydance'), shell = require('./shell.js'), system = require('./system.js'), volumes = require('./volumes.js'), _ = require('underscore'); function rebuild(serviceConfig, options, callback) { assert.strictEqual(typeof serviceConfig, 'object'); assert.strictEqual(typeof options, 'object'); assert.strictEqual(typeof callback, 'function'); debug('rebuilding container'); const force = !!options.force; const tag = infra.images.sftp.tag; const memoryLimit = serviceConfig.memoryLimit || exports.DEFAULT_MEMORY_LIMIT; const memory = system.getMemoryAllocation(memoryLimit); const cloudronToken = hat(8 * 128); apps.getAll(function (error, result) { if (error) return callback(error); let dataDirs = []; result.forEach(function (app) { if (!app.manifest.addons['localstorage']) return; const hostDir = apps.getDataDir(app, app.dataDir), mountDir = `/app/data/${app.id}`; if (!safe.fs.existsSync(hostDir)) { // this can fail if external mount does not have permissions for yellowtent user // do not create host path when cloudron is restoring. this will then create dir with root perms making restore logic fail debug(`Ignoring app data dir ${hostDir} for ${app.id} since it does not exist`); return; } dataDirs.push({ hostDir, mountDir }); }); volumes.list(function (error, allVolumes) { if (error) return callback(error); allVolumes.forEach(function (volume) { if (!safe.fs.existsSync(volume.hostPath)) { debug(`Ignoring volume host path ${volume.hostPath} since it does not exist`); return; } dataDirs.push({ hostDir: volume.hostPath, mountDir: `/app/data/${volume.id}` }); }); docker.inspect('sftp', function (error, data) { if (!error && data && data.Mounts) { let currentDataDirs = data.Mounts; if (currentDataDirs) { currentDataDirs = currentDataDirs.filter(function (d) { return d.Destination.indexOf('/app/data/') === 0; }).map(function (d) { return { hostDir: d.Source, mountDir: d.Destination }; }); // sort for comparison currentDataDirs.sort(function (a, b) { return a.hostDir < b.hostDir ? -1 : 1; }); dataDirs.sort(function (a, b) { return a.hostDir < b.hostDir ? -1 : 1; }); if (!force && _.isEqual(currentDataDirs, dataDirs)) { debug('Skipping rebuild, no changes'); return callback(); } } } const mounts = dataDirs.map(function (v) { return `-v "${v.hostDir}:${v.mountDir}"`; }).join(' '); const cmd = `docker run --restart=always -d --name="sftp" \ --hostname sftp \ --net cloudron \ --net-alias sftp \ --log-driver syslog \ --log-opt syslog-address=udp://127.0.0.1:2514 \ --log-opt syslog-format=rfc5424 \ --log-opt tag=sftp \ -m ${memory} \ --memory-swap ${memoryLimit} \ --dns 172.18.0.1 \ --dns-search=. \ -p 222:22 \ ${mounts} \ -e CLOUDRON_SFTP_TOKEN="${cloudronToken}" \ -v "${paths.SFTP_KEYS_DIR}:/etc/ssh:ro" \ --label isCloudronManaged=true \ --read-only -v /tmp -v /run "${tag}"`; // ignore error if container not found (and fail later) so that this code works across restarts async.series([ shell.exec.bind(null, 'stopSftp', 'docker stop sftp || true'), shell.exec.bind(null, 'removeSftp', 'docker rm -f sftp || true'), shell.exec.bind(null, 'startSftp', cmd) ], callback); }); }); }); } function start(existingInfra, serviceConfig, callback) { assert.strictEqual(typeof existingInfra, 'object'); assert.strictEqual(typeof serviceConfig, 'object'); assert.strictEqual(typeof callback, 'function'); rebuild(serviceConfig, { force: true }, callback); // force rebuild when infra changed }