Ensure scripts exit early on error and set shellcheck (#283)

Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
2026-01-23 02:14:48 +00:00 · 2022-07-13 03:02:55 +02:00 · 2022-07-13 03:02:55 +02:00 · b1c2fd7423
commit b1c2fd7423
parent 675c93441d
11 changed files with 68 additions and 51 deletions
--- a/rootfs/etc/cont-init.d/00-fix-logs.sh
+++ b/rootfs/etc/cont-init.d/00-fix-logs.sh
@ -1,4 +1,5 @@
 #!/usr/bin/with-contenv sh
+# shellcheck shell=sh

 # Fix access rights to stdout and stderr
 chown ${PUID}:${PGID} /proc/self/fd/1 /proc/self/fd/2 || true
--- a/rootfs/etc/cont-init.d/01-fix-uidgid.sh
+++ b/rootfs/etc/cont-init.d/01-fix-uidgid.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv sh
+# shellcheck shell=sh
+set -e

 if [ -n "${PGID}" ] && [ "${PGID}" != "$(id -g librenms)" ]; then
  echo "Switching to PGID ${PGID}..."
--- a/rootfs/etc/cont-init.d/02-fix-perms.sh
+++ b/rootfs/etc/cont-init.d/02-fix-perms.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv sh
+# shellcheck shell=sh
+set -e

 echo "Fixing perms..."
 mkdir -p /data \
--- a/rootfs/etc/cont-init.d/03-config.sh
+++ b/rootfs/etc/cont-init.d/03-config.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+set -e

 # From https://github.com/docker-library/mariadb/blob/master/docker-entrypoint.sh#L21-L41
 # usage: file_env VAR [DEFAULT]
@ -17,7 +19,7 @@ file_env() {
  if [ "${!var:-}" ]; then
    val="${!var}"
  elif [ "${!fileVar:-}" ]; then
-    val="$(< "${!fileVar}")"
+    val="$(<"${!fileVar}")"
  fi
  export "$var"="$val"
  unset "$fileVar"
@ -47,14 +49,14 @@ LIBRENMS_BASE_URL=${LIBRENMS_BASE_URL:-/}
 # Timezone
 echo "Setting timezone to ${TZ}..."
 ln -snf /usr/share/zoneinfo/${TZ} /etc/localtime
-echo ${TZ} > /etc/timezone
+echo ${TZ} >/etc/timezone

 # PHP
 echo "Setting PHP-FPM configuration..."
 sed -e "s/@MEMORY_LIMIT@/$MEMORY_LIMIT/g" \
  -e "s/@UPLOAD_MAX_SIZE@/$UPLOAD_MAX_SIZE/g" \
  -e "s/@CLEAR_ENV@/$CLEAR_ENV/g" \
-  /tpls/etc/php7/php-fpm.d/www.conf > /etc/php7/php-fpm.d/www.conf
+  /tpls/etc/php7/php-fpm.d/www.conf >/etc/php7/php-fpm.d/www.conf

 echo "Setting PHP INI configuration..."
 sed -i "s|memory_limit.*|memory_limit = ${MEMORY_LIMIT}|g" /etc/php7/php.ini
@ -64,7 +66,7 @@ sed -i "s|;max_input_vars.*|max_input_vars = ${MAX_INPUT_VARS}|g" /etc/php7/php.
 # OpCache
 echo "Setting OpCache configuration..."
 sed -e "s/@OPCACHE_MEM_SIZE@/$OPCACHE_MEM_SIZE/g" \
-  /tpls/etc/php7/conf.d/opcache.ini > /etc/php7/conf.d/opcache.ini
+  /tpls/etc/php7/conf.d/opcache.ini >/etc/php7/conf.d/opcache.ini

 # Nginx
 echo "Setting Nginx configuration..."
@ -72,7 +74,7 @@ sed -e "s#@UPLOAD_MAX_SIZE@#$UPLOAD_MAX_SIZE#g" \
  -e "s#@REAL_IP_FROM@#$REAL_IP_FROM#g" \
  -e "s#@REAL_IP_HEADER@#$REAL_IP_HEADER#g" \
  -e "s#@LOG_IP_VAR@#$LOG_IP_VAR#g" \
-  /tpls/etc/nginx/nginx.conf > /etc/nginx/nginx.conf
+  /tpls/etc/nginx/nginx.conf >/etc/nginx/nginx.conf

 if [ "$LISTEN_IPV6" != "true" ]; then
  sed -e '/listen \[::\]:/d' -i /etc/nginx/nginx.conf
@ -97,15 +99,15 @@ echo "Setting LibreNMS configuration..."

 # Env file
 if [ -z "$DB_HOST" ]; then
-  >&2 echo "ERROR: DB_HOST must be defined"
+  echo >&2 "ERROR: DB_HOST must be defined"
  exit 1
 fi
 file_env 'DB_PASSWORD'
 if [ -z "$DB_PASSWORD" ]; then
-  >&2 echo "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
+  echo >&2 "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
  exit 1
 fi
-cat > ${LIBRENMS_PATH}/.env <<EOL
+cat >${LIBRENMS_PATH}/.env <<EOL
 APP_URL=${LIBRENMS_BASE_URL}
 DB_HOST=${DB_HOST}
 DB_PORT=${DB_PORT}
@ -115,7 +117,7 @@ DB_PASSWORD=${DB_PASSWORD}
 EOL

 # Config : Directories
-  cat > ${LIBRENMS_PATH}/config.d/directories.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/directories.php <<EOL
 <?php
 \$config['install_dir'] = '${LIBRENMS_PATH}';
 \$config['log_dir'] = '/data/logs';
@ -124,40 +126,40 @@ EOL
 ln -sf /data/logs ${LIBRENMS_PATH}/logs

 # Config : Server
-  cat > ${LIBRENMS_PATH}/config.d/server.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/server.php <<EOL
 <?php
 \$config['own_hostname'] = '$(hostname)';
 \$config['base_url'] = '${LIBRENMS_BASE_URL}';
 EOL

 # Config : User
-cat > ${LIBRENMS_PATH}/config.d/user.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/user.php <<EOL
 <?php
 \$config['user'] = "librenms";
 \$config['group'] = "librenms";
 EOL

 # Config : Fping
-cat > ${LIBRENMS_PATH}/config.d/fping.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/fping.php <<EOL
 <?php
 \$config['fping'] = "/usr/sbin/fping";
 \$config['fping6'] = "/usr/sbin/fping6";
 EOL

 # Config : ipmitool
-cat > ${LIBRENMS_PATH}/config.d/ipmitool.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/ipmitool.php <<EOL
 <?php
 \$config['ipmitool'] = "/usr/sbin/ipmitool";
 EOL

 # Config : Disable autoupdate
-cat > ${LIBRENMS_PATH}/config.d/autoupdate.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/autoupdate.php <<EOL
 <?php
 \$config['update'] = 0;
 EOL

 # Config : Services
-cat > ${LIBRENMS_PATH}/config.d/services.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/services.php <<EOL
 <?php
 \$config['show_services'] = 1;
 \$config['nagios_plugins'] = "/usr/lib/monitoring-plugins";
@ -165,7 +167,7 @@ EOL

 # Config : Memcached
 if [ -n "${MEMCACHED_HOST}" ]; then
-    cat > ${LIBRENMS_PATH}/config.d/memcached.php <<EOL
+  cat >${LIBRENMS_PATH}/config.d/memcached.php <<EOL
 <?php
 \$config['memcached']['enable'] = true;
 \$config['memcached']['host'] = '${MEMCACHED_HOST}';
@ -175,7 +177,7 @@ fi

 # Config : RRDcached
 if [ -n "${RRDCACHED_SERVER}" ]; then
-    cat > ${LIBRENMS_PATH}/config.d/rrdcached.php <<EOL
+  cat >${LIBRENMS_PATH}/config.d/rrdcached.php <<EOL
 <?php
 \$config['rrdcached'] = "${RRDCACHED_SERVER}";
 \$config['rrdtool_version'] = "1.7.2";
@ -183,7 +185,7 @@ EOL
 fi

 # Config : Dispatcher
-cat > ${LIBRENMS_PATH}/config.d/dispatcher.php <<EOL
+cat >${LIBRENMS_PATH}/config.d/dispatcher.php <<EOL
 <?php
 \$config['service_update_enabled'] = false;
 \$config['service_watchdog_enabled'] = false;
--- a/rootfs/etc/cont-init.d/04-svc-main.sh
+++ b/rootfs/etc/cont-init.d/04-svc-main.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+set -e

 # From https://github.com/docker-library/mariadb/blob/master/docker-entrypoint.sh#L21-L41
 # usage: file_env VAR [DEFAULT]
@ -17,7 +19,7 @@ file_env() {
  if [ "${!var:-}" ]; then
    val="${!var}"
  elif [ "${!fileVar:-}" ]; then
-    val="$(< "${!fileVar}")"
+    val="$(<"${!fileVar}")"
  fi
  export "$var"="$val"
  unset "$fileVar"
@ -39,17 +41,17 @@ fi
 # Handle .env
 if [ ! -f "/data/.env" ]; then
  echo "Generating APP_KEY and unique NODE_ID"
-  cat > "/data/.env" <<EOL
+  cat >"/data/.env" <<EOL
 APP_KEY=$(artisan key:generate --no-interaction --force --show)
 NODE_ID=$(php -r "echo uniqid();")
 EOL
 fi
-cat "/data/.env" >> "${LIBRENMS_PATH}/.env"
+cat "/data/.env" >>"${LIBRENMS_PATH}/.env"
 chown librenms. /data/.env "${LIBRENMS_PATH}/.env"

 file_env 'DB_PASSWORD'
 if [ -z "$DB_PASSWORD" ]; then
-  >&2 echo "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
+  echo >&2 "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
  exit 1
 fi

@ -58,13 +60,13 @@ unset DB_PASSWORD

 echo "Waiting ${DB_TIMEOUT}s for database to be ready..."
 counter=1
-while ! ${dbcmd} -e "show databases;" > /dev/null 2>&1; do
+while ! ${dbcmd} -e "show databases;" >/dev/null 2>&1; do
  sleep 1
  counter=$((counter + 1))
  if [ ${counter} -gt ${DB_TIMEOUT} ]; then
-    >&2 echo "ERROR: Failed to connect to database on $DB_HOST"
+    echo >&2 "ERROR: Failed to connect to database on $DB_HOST"
    exit 1
-  fi;
+  fi
 done
 echo "Database ready!"
 counttables=$(echo 'SHOW TABLES' | ${dbcmd} "$DB_NAME" | wc -l)
@ -83,7 +85,7 @@ if [ "${counttables}" -eq "0" ]; then
 fi

 mkdir -p /etc/services.d/nginx
-cat > /etc/services.d/nginx/run <<EOL
+cat >/etc/services.d/nginx/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 s6-setuidgid ${PUID}:${PGID}
@ -92,7 +94,7 @@ EOL
 chmod +x /etc/services.d/nginx/run

 mkdir -p /etc/services.d/php-fpm
-cat > /etc/services.d/php-fpm/run <<EOL
+cat >/etc/services.d/php-fpm/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 s6-setuidgid ${PUID}:${PGID}
@ -101,7 +103,7 @@ EOL
 chmod +x /etc/services.d/php-fpm/run

 mkdir -p /etc/services.d/snmpd
-cat > /etc/services.d/snmpd/run <<EOL
+cat >/etc/services.d/snmpd/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 /usr/sbin/snmpd -f -c /etc/snmp/snmpd.conf
--- a/rootfs/etc/cont-init.d/05-svc-dispatcher.sh
+++ b/rootfs/etc/cont-init.d/05-svc-dispatcher.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+set -e

 # From https://github.com/docker-library/mariadb/blob/master/docker-entrypoint.sh#L21-L41
 # usage: file_env VAR [DEFAULT]
@ -17,7 +19,7 @@ file_env() {
  if [ "${!var:-}" ]; then
    val="${!var}"
  elif [ "${!fileVar:-}" ]; then
-    val="$(< "${!fileVar}")"
+    val="$(<"${!fileVar}")"
  fi
  export "$var"="$val"
  unset "$fileVar"
@ -50,7 +52,7 @@ echo ">>"

 file_env 'DB_PASSWORD'
 if [ -z "$DB_PASSWORD" ]; then
-  >&2 echo "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
+  echo >&2 "ERROR: Either DB_PASSWORD or DB_PASSWORD_FILE must be defined"
  exit 1
 fi

@ -59,30 +61,30 @@ unset DB_PASSWORD

 echo "Waiting ${DB_TIMEOUT}s for database to be ready..."
 counter=1
-while ! ${dbcmd} -e "show databases;" > /dev/null 2>&1; do
+while ! ${dbcmd} -e "show databases;" >/dev/null 2>&1; do
  sleep 1
  counter=$((counter + 1))
  if [ ${counter} -gt ${DB_TIMEOUT} ]; then
-    >&2 echo "ERROR: Failed to connect to database on $DB_HOST"
+    echo >&2 "ERROR: Failed to connect to database on $DB_HOST"
    exit 1
-  fi;
+  fi
 done
 echo "Database ready!"
-while ! ${dbcmd} -e "desc $DB_NAME.poller_cluster;" > /dev/null 2>&1; do
+while ! ${dbcmd} -e "desc $DB_NAME.poller_cluster;" >/dev/null 2>&1; do
  sleep 1
  counter=$((counter + 1))
  if [ ${counter} -gt ${DB_TIMEOUT} ]; then
-    >&2 echo "ERROR: Table $DB_NAME.poller_cluster does not exist on $DB_HOST"
+    echo >&2 "ERROR: Table $DB_NAME.poller_cluster does not exist on $DB_HOST"
    exit 1
-  fi;
+  fi
 done

 # Node ID
 if [ ! -f "/data/.env" ]; then
-  >&2 echo "ERROR: /data/.env file does not exist. Please run the main container first"
+  echo >&2 "ERROR: /data/.env file does not exist. Please run the main container first"
  exit 1
 fi
-cat "/data/.env" >> "${LIBRENMS_PATH}/.env"
+cat "/data/.env" >>"${LIBRENMS_PATH}/.env"
 if [ -n "$DISPATCHER_NODE_ID" ]; then
  echo "NODE_ID: $DISPATCHER_NODE_ID"
  sed -i "s|^NODE_ID=.*|NODE_ID=$DISPATCHER_NODE_ID|g" "${LIBRENMS_PATH}/.env"
@ -90,11 +92,11 @@ fi

 # Redis
 if [ -z "$REDIS_HOST" ] && [ -z "$REDIS_SENTINEL" ]; then
-  >&2 echo "ERROR: REDIS_HOST or REDIS_SENTINEL must be defined"
+  echo >&2 "ERROR: REDIS_HOST or REDIS_SENTINEL must be defined"
  exit 1
 elif [ -n "$REDIS_HOST" ]; then
-echo "Setting Redis"
-  cat >> ${LIBRENMS_PATH}/.env <<EOL
+  echo "Setting Redis"
+  cat >>${LIBRENMS_PATH}/.env <<EOL
 REDIS_HOST=${REDIS_HOST}
 REDIS_SCHEME=${REDIS_SCHEME}
 REDIS_PORT=${REDIS_PORT}
@ -102,8 +104,8 @@ REDIS_PASSWORD=${REDIS_PASSWORD}
 REDIS_DB=${REDIS_DB}
 EOL
 elif [ -n "$REDIS_SENTINEL" ]; then
-echo "Setting Redis Sentinel"
-  cat >> ${LIBRENMS_PATH}/.env <<EOL
+  echo "Setting Redis Sentinel"
+  cat >>${LIBRENMS_PATH}/.env <<EOL
 REDIS_SENTINEL=${REDIS_SENTINEL}
 REDIS_SENTINEL_SERVICE=${REDIS_SENTINEL_SERVICE}
 REDIS_PORT=${REDIS_PORT}
@ -114,7 +116,7 @@ fi

 # Create service
 mkdir -p /etc/services.d/dispatcher
-cat > /etc/services.d/dispatcher/run <<EOL
+cat >/etc/services.d/dispatcher/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 s6-setuidgid ${PUID}:${PGID}
--- a/rootfs/etc/cont-init.d/06-svc-syslogng.sh
+++ b/rootfs/etc/cont-init.d/06-svc-syslogng.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv sh
+# shellcheck shell=sh
+set -e

 SIDECAR_SYSLOGNG=${SIDECAR_SYSLOGNG:-0}

@ -17,7 +19,7 @@ chown -R librenms. /run/syslog-ng

 # Create service
 mkdir -p /etc/services.d/syslogng
-cat > /etc/services.d/syslogng/run <<EOL
+cat >/etc/services.d/syslogng/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 /usr/sbin/syslog-ng -F
--- a/rootfs/etc/cont-init.d/07-svc-cron.sh
+++ b/rootfs/etc/cont-init.d/07-svc-cron.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv bash
+# shellcheck shell=bash
+set -e

 CRONTAB_PATH="/var/spool/cron/crontabs"

@ -21,11 +23,11 @@ touch ${CRONTAB_PATH}/librenms

 # Cron
 echo "Creating LibreNMS daily.sh cron task with the following period fields: $LIBRENMS_DAILY_SCHEDULE"
-echo "${LIBRENMS_DAILY_SCHEDULE} cd /opt/librenms/ && bash daily.sh" >> ${CRONTAB_PATH}/librenms
+echo "${LIBRENMS_DAILY_SCHEDULE} cd /opt/librenms/ && bash daily.sh" >>${CRONTAB_PATH}/librenms

 if [ "$LIBRENMS_WEATHERMAP" = "true" ] && [ -n "$LIBRENMS_WEATHERMAP_SCHEDULE" ]; then
  echo "Creating LibreNMS Weathermap cron task with the following period fields: $LIBRENMS_WEATHERMAP_SCHEDULE"
-  echo "${LIBRENMS_WEATHERMAP_SCHEDULE} php -f /opt/librenms/html/plugins/Weathermap/map-poller.php" >> ${CRONTAB_PATH}/librenms
+  echo "${LIBRENMS_WEATHERMAP_SCHEDULE} php -f /opt/librenms/html/plugins/Weathermap/map-poller.php" >>${CRONTAB_PATH}/librenms
 fi

 # Fix perms
@ -34,7 +36,7 @@ chmod -R 0644 ${CRONTAB_PATH}

 # Create service
 mkdir -p /etc/services.d/cron
-cat > /etc/services.d/cron/run <<EOL
+cat >/etc/services.d/cron/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 exec busybox crond -f -L /dev/stdout
--- a/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh
+++ b/rootfs/etc/cont-init.d/08-svc-snmptrapd.sh
@ -1,4 +1,6 @@
 #!/usr/bin/with-contenv sh
+# shellcheck shell=sh
+set -e

 SIDECAR_SNMPTRAPD=${SIDECAR_SNMPTRAPD:-0}
 LIBRENMS_SNMP_COMMUNITY=${LIBRENMS_SNMP_COMMUNITY:-librenmsdocker}
@ -37,7 +39,7 @@ sed -ie "s/@SNMP_DISABLE_AUTHORIZATION@/${SNMP_DISABLE_AUTHORIZATION}/" /etc/snm

 # Create service
 mkdir -p /etc/services.d/snmptrapd
-cat > /etc/services.d/snmptrapd/run <<EOL
+cat >/etc/services.d/snmptrapd/run <<EOL
 #!/usr/bin/execlineb -P
 with-contenv
 /usr/sbin/snmptrapd -f -m ALL -M /opt/librenms/mibs:/opt/librenms/mibs/cisco udp:162 tcp:162
--- a/rootfs/usr/bin/lnms
+++ b/rootfs/usr/bin/lnms
@ -1,3 +1,3 @@
-#!/bin/sh
+#!/usr/bin/env sh

 yasu librenms:librenms php -f /opt/librenms/lnms "$@"
--- a/rootfs/usr/local/bin/artisan
+++ b/rootfs/usr/local/bin/artisan
@ -1,4 +1,4 @@
-#!/bin/sh
+#!/usr/bin/env sh

 cd /opt/librenms || exit 1
 yasu librenms:librenms php artisan "$@"