mirror of https://github.com/docker/docs.git
switching over to offical mariadb image
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
This commit is contained in:
David Lawrence
parent
78dda3d16d
commit
6442640718
|
|
@ -21,7 +21,10 @@ notarysigner:
|
|||
command: -config=fixtures/signer-config.json
|
||||
notarymysql:
|
||||
volumes:
|
||||
- notarymysql:/var/lib/mysql
|
||||
build: ./notarymysql/
|
||||
- ./notarymysql/docker-entrypoint-initdb.d:/docker-entrypoint-initdb.d
|
||||
- ./notarymysql/data:/var/lib/mysql
|
||||
image: mariadb:10.1.10
|
||||
ports:
|
||||
- "3306:3306"
|
||||
environment:
|
||||
MYSQL_ALLOW_EMPTY_PASSWORD: true
|
||||
|
|
|
|||
|
|
@ -1,17 +0,0 @@
|
|||
FROM ubuntu:14.04
|
||||
MAINTAINER diogo@docker.com
|
||||
|
||||
RUN apt-get update \
|
||||
&& apt-get install -y mysql-server \
|
||||
&& rm -rf /var/lib/mysql/mysql \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
ADD start /start
|
||||
ADD initial-notaryserver.sql /initial-notaryserver.sql
|
||||
ADD initial-notarysigner.sql /initial-notarysigner.sql
|
||||
ADD migrate-notaryserver.sql /migrate-notaryserver.sql
|
||||
RUN chmod 755 /start
|
||||
|
||||
EXPOSE 3306
|
||||
|
||||
CMD ["/start"]
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
The MIT License (MIT)
|
||||
|
||||
Copyright (c) 2014 Sameer Naik
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
|
|
@ -0,0 +1,2 @@
|
|||
*
|
||||
!.gitignore
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
CREATE DATABASE IF NOT EXISTS `notaryserver`;
|
||||
|
||||
CREATE USER "server"@"%" IDENTIFIED BY "";
|
||||
|
||||
GRANT
|
||||
ALL PRIVILEGES ON `notaryserver`.*
|
||||
TO "server"@"%";
|
||||
|
|
@ -0,0 +1,7 @@
|
|||
CREATE DATABASE IF NOT EXISTS `notarysigner`;
|
||||
|
||||
CREATE USER "signer"@"%" IDENTIFIED BY "";
|
||||
|
||||
GRANT
|
||||
ALL PRIVILEGES ON `notarysigner`.*
|
||||
TO "signer"@"%";
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
DROP TABLE IF EXISTS `tuf_files`;
|
||||
CREATE TABLE `tuf_files` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`gun` varchar(255) NOT NULL,
|
||||
`role` varchar(255) NOT NULL,
|
||||
`version` int(11) NOT NULL,
|
||||
`sha256` char(64) DEFAULT NULL,
|
||||
`data` longblob NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE KEY `gun` (`gun`,`role`,`version`),
|
||||
INDEX `sha256` (`sha256`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
||||
DROP TABLE IF EXISTS `timestamp_keys`;
|
||||
CREATE TABLE `timestamp_keys` (
|
||||
`gun` varchar(255) NOT NULL,
|
||||
`cipher` varchar(50) NOT NULL,
|
||||
`public` blob NOT NULL,
|
||||
PRIMARY KEY (`gun`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
|
@ -1,17 +0,0 @@
|
|||
DROP TABLE IF EXISTS `private_keys`;
|
||||
CREATE TABLE `private_keys` (
|
||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||
`created_at` timestamp NULL DEFAULT NULL,
|
||||
`updated_at` timestamp NULL DEFAULT NULL,
|
||||
`deleted_at` timestamp NULL DEFAULT NULL,
|
||||
`key_id` varchar(255) NOT NULL,
|
||||
`encryption_alg` varchar(255) NOT NULL,
|
||||
`keywrap_alg` varchar(255) NOT NULL,
|
||||
`algorithm` varchar(50) NOT NULL,
|
||||
`passphrase_alias` varchar(50) NOT NULL,
|
||||
`public` blob NOT NULL,
|
||||
`private` blob NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
UNIQUE (`key_id`),
|
||||
UNIQUE (`key_id`,`algorithm`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||
|
|
@ -1,20 +0,0 @@
|
|||
-- This migrates initial-notaryserver.sql to tables that are needed for GORM
|
||||
|
||||
ALTER TABLE `tuf_files`
|
||||
ADD COLUMN `created_at` timestamp NULL DEFAULT NULL AFTER `id`,
|
||||
ADD COLUMN `updated_at` timestamp NULL DEFAULT NULL AFTER `created_at`,
|
||||
ADD COLUMN `deleted_at` timestamp NULL DEFAULT NULL AFTER `updated_at`,
|
||||
MODIFY `id` int(10) unsigned AUTO_INCREMENT;
|
||||
|
||||
ALTER TABLE `timestamp_keys`
|
||||
ADD COLUMN `id` int(10) unsigned AUTO_INCREMENT FIRST,
|
||||
ADD COLUMN `created_at` timestamp NULL DEFAULT NULL AFTER `id`,
|
||||
ADD COLUMN `updated_at` timestamp NULL DEFAULT NULL AFTER `created_at`,
|
||||
ADD COLUMN `deleted_at` timestamp NULL DEFAULT NULL AFTER `updated_at`,
|
||||
DROP PRIMARY KEY,
|
||||
ADD PRIMARY KEY (`id`),
|
||||
ADD UNIQUE (`gun`);
|
||||
|
||||
ALTER TABLE `timestamp_keys` ADD COLUMN `role` VARCHAR(255) NOT NULL, DROP KEY `gun`, ADD UNIQUE KEY `gun_role` (`gun`, `role`);
|
||||
|
||||
UPDATE `timestamp_keys` SET `role`="timestamp";
|
||||
|
|
@ -1,167 +0,0 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# This database is used by both of Notary-Server and Notary-Signer
|
||||
# the early days which we would not use it any longer.
|
||||
DB_NAME_OLD='notary'
|
||||
|
||||
# Message which will be displayed when the database 'notary' exsits.
|
||||
DB_WARNING="
|
||||
=============== WARNING =================
|
||||
# The schema has changed. #
|
||||
# Make sure you migrate the tables in #
|
||||
# 'notary' #
|
||||
# to #
|
||||
# 'notaryserver' and 'notarysigner' #
|
||||
=========================================
|
||||
"
|
||||
|
||||
# Although the Notary-Server and Notary-Signer could use the same
|
||||
# database, it's better to separate that for security.
|
||||
DB_NAME_SERVER='notaryserver'
|
||||
DB_NAME_SIGNER='notarysigner'
|
||||
DB_NAME=($DB_NAME_SERVER,$DB_NAME_SIGNER)
|
||||
|
||||
DB_TABLE_FILES='tuf_files'
|
||||
DB_TABLE_KEYS='timestamp_keys'
|
||||
DB_USER='root'
|
||||
DB_PASS=''
|
||||
|
||||
# Default username and password for Notary-Server
|
||||
DB_USER_SERVER='server'
|
||||
DB_PASS_SERVER=''
|
||||
|
||||
# Default username and password for Notary-Signer
|
||||
DB_USER_SIGNER='signer'
|
||||
DB_PASS_SIGNER=''
|
||||
|
||||
DB_REMOTE_ROOT_NAME=''
|
||||
DB_REMOTE_ROOT_PASS=''
|
||||
DB_REMOTE_ROOT_HOST=''
|
||||
|
||||
# disable error log
|
||||
sed 's/^log_error/# log_error/' -i /etc/mysql/my.cnf
|
||||
|
||||
# Fixing StartUp Porblems with some DNS Situations and Speeds up the stuff
|
||||
# http://www.percona.com/blog/2008/05/31/dns-achilles-heel-mysql-installation/
|
||||
cat > /etc/mysql/conf.d/mysql-skip-name-resolv.cnf <<EOF
|
||||
[mysqld]
|
||||
skip_name_resolve
|
||||
EOF
|
||||
|
||||
# fix permissions and ownership of /var/lib/mysql
|
||||
mkdir -p -m 700 /var/lib/mysql
|
||||
chown -R mysql:mysql /var/lib/mysql
|
||||
|
||||
# fix permissions and ownership of /run/mysqld
|
||||
mkdir -p -m 0755 /run/mysqld
|
||||
chown -R mysql:root /run/mysqld
|
||||
|
||||
#
|
||||
# the default password for the debian-sys-maint user is randomly generated
|
||||
# during the installation of the mysql-server package.
|
||||
#
|
||||
# Due to the nature of docker we blank out the password such that the maintenance
|
||||
# user can login without a password.
|
||||
#
|
||||
sed 's/password = .*/password = /g' -i /etc/mysql/debian.cnf
|
||||
|
||||
# initialize MySQL data directory
|
||||
if [ ! -d /var/lib/mysql/mysql ]; then
|
||||
echo "Installing database..."
|
||||
mysql_install_db --user=mysql >/dev/null 2>&1
|
||||
|
||||
# start mysql server
|
||||
echo "Starting MySQL server..."
|
||||
/usr/bin/mysqld_safe >/dev/null 2>&1 &
|
||||
|
||||
# wait for mysql server to start (max 30 seconds)
|
||||
timeout=30
|
||||
echo -n "Waiting for database server to accept connections"
|
||||
while ! /usr/bin/mysqladmin -u root status >/dev/null 2>&1
|
||||
do
|
||||
timeout=$(($timeout - 1))
|
||||
if [ $timeout -eq 0 ]; then
|
||||
echo -e "\nCould not connect to database server. Aborting..."
|
||||
exit 1
|
||||
fi
|
||||
echo -n "."
|
||||
sleep 1
|
||||
done
|
||||
echo
|
||||
|
||||
## create a localhost only, debian-sys-maint user
|
||||
## the debian-sys-maint is used while creating users and database
|
||||
## as well as to shut down or starting up the mysql server via mysqladmin
|
||||
echo "Creating debian-sys-maint user..."
|
||||
mysql -uroot -e "GRANT ALL PRIVILEGES on *.* TO 'debian-sys-maint'@'localhost' IDENTIFIED BY '' WITH GRANT OPTION;"
|
||||
|
||||
if [ -n "${DB_REMOTE_ROOT_NAME}" -a -n "${DB_REMOTE_ROOT_HOST}" ]; then
|
||||
echo "Creating remote user \"${DB_REMOTE_ROOT_NAME}\" with root privileges..."
|
||||
mysql -uroot \
|
||||
-e "GRANT ALL PRIVILEGES ON *.* TO '${DB_REMOTE_ROOT_NAME}'@'${DB_REMOTE_ROOT_HOST}' IDENTIFIED BY '${DB_REMOTE_ROOT_PASS}' WITH GRANT OPTION; FLUSH PRIVILEGES;"
|
||||
fi
|
||||
|
||||
/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf shutdown
|
||||
fi
|
||||
|
||||
# create new user / database
|
||||
if [ -n "${DB_USER}" -o -n "${DB_NAME}" ]; then
|
||||
/usr/bin/mysqld_safe >/dev/null 2>&1 &
|
||||
|
||||
# wait for mysql server to start (max 30 seconds)
|
||||
timeout=30
|
||||
while ! /usr/bin/mysqladmin -u root status >/dev/null 2>&1
|
||||
do
|
||||
timeout=$(($timeout - 1))
|
||||
if [ $timeout -eq 0 ]; then
|
||||
echo "Could not connect to mysql server. Aborting..."
|
||||
exit 1
|
||||
fi
|
||||
sleep 1
|
||||
done
|
||||
|
||||
# Check whether the old database exists and warn users to
|
||||
# manually migrate those tables if so.
|
||||
if [ -n "${DB_NAME_OLD}" ]; then
|
||||
if mysql --defaults-file=/etc/mysql/debian.cnf -e "USE $DB_NAME_OLD;" 2>/dev/null; then
|
||||
echo "$DB_WARNING"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [ -n "${DB_NAME}" ]; then
|
||||
for db in $(awk -F',' '{for (i = 1 ; i <= NF ; i++) print $i}' <<< "${DB_NAME}"); do
|
||||
if mysql --defaults-file=/etc/mysql/debian.cnf -e "USE $db;" 2>/dev/null; then
|
||||
echo "Database \"$db\" exists"
|
||||
else
|
||||
echo "Creating database \"$db\"..."
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf \
|
||||
-e "CREATE DATABASE IF NOT EXISTS \`$db\` DEFAULT CHARACTER SET \`utf8\` COLLATE \`utf8_unicode_ci\`;"
|
||||
if [ -n "${DB_USER_SERVER}" -a $db = $DB_NAME_SERVER ]; then
|
||||
echo "Granting access to database \"$db\" for user \"${DB_USER_SERVER}\"..."
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf \
|
||||
-e "GRANT ALL PRIVILEGES ON \`$db\`.* TO '${DB_USER_SERVER}' IDENTIFIED BY '${DB_PASS_SERVER}';"
|
||||
# Create our Database:
|
||||
mysql -uroot $db < ./initial-notaryserver.sql
|
||||
mysql -uroot $db < ./migrate-notaryserver.sql
|
||||
fi
|
||||
if [ -n "${DB_USER_SIGNER}" -a $db = $DB_NAME_SIGNER ]; then
|
||||
echo "Granting access to database \"$db\" for user \"${DB_USER_SIGNER}\"..."
|
||||
mysql --defaults-file=/etc/mysql/debian.cnf \
|
||||
-e "GRANT ALL PRIVILEGES ON \`$db\`.* TO '${DB_USER_SIGNER}' IDENTIFIED BY '${DB_PASS_SIGNER}';"
|
||||
# Create our Database:
|
||||
mysql -uroot $db < ./initial-notarysigner.sql
|
||||
fi
|
||||
fi
|
||||
done
|
||||
fi
|
||||
/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf shutdown
|
||||
fi
|
||||
|
||||
# listen on all interfaces
|
||||
cat > /etc/mysql/conf.d/mysql-listen.cnf <<EOF
|
||||
[mysqld]
|
||||
bind = 0.0.0.0
|
||||
EOF
|
||||
|
||||
exec /usr/bin/mysqld_safe
|
||||
Loading…
Reference in New Issue