gist:b6901b70dc524dd1a1d4d134d9686b9c

autoupgrade_docker-ce_container.io.sh · 616 B · Bash Неформатований

1	#!/bin/bash
2	cat <<EOF > /etc/apt/preferences.d/docker_pinning
3	Package: docker-ce*
4	Pin: version 5:28.2.*
5	Pin-Priority: 1000
6
7	Package: containerd.io
8	Pin: version 1.7*
9	Pin-Priority: 1000
10
11	Package: containerd.io
12	Pin: release o=Docker
13	Pin-Priority: -1
14
15	Package: docker-ce*
16	Pin: release o=Docker
17	Pin-Priority: -1
18	EOF
19	[ -f /etc/apt/apt.conf.d/50unattended-upgrades ] && [ ! $(grep -c "label=Docker CE" /etc/apt/apt.conf.d/50unattended-upgrades) -gt 0 ] && \
20	sed -i '/-security,label=Debian-Security/a\ "origin=Docker,archive=${distro_codename},label=Docker CE";' /etc/apt/apt.conf.d/50unattended-upgrades \|\| exit 0
21

deploy_addons.sh · 2.3 KiB · Bash Неформатований

#!/bin/bash # Install docker compose apt-get install docker-compose-plugin # Install docker compsoe switch SWITCH_VER=$(curl -s -o /dev/null -I -w "%{redirect_url}\n" https://github.com/docker/compose-switch/releases/latest | grep -oP "[0-9]+(\.[0-9]+)+$") && \ curl -sSL https://github.com/docker/compose-switch/releases/download/v$SWITCH_VER/docker-compose-linux-$(dpkg --print-architecture) -o /usr/local/bin/compose-switch && chmod +x /usr/local/bin/compose-switch && \ # Move old docker-compose v1 binary away if [ -f /usr/local/bin/docker-compose ]; then if [ $(/usr/local/bin/docker-compose version | head -1 | grep -oP "[0-9]+(\.[0-9]+)+" | grep -c "^1") == 1 ]; then mv /usr/local/bin/docker-compose /usr/local/bin/docker-compose-v1; fi; fi && \ # Update alternative if [ ! -L /usr/local/bin/docker-compose ]; then [ -f /usr/local/bin/compose-switch ] && update-alternatives --install /usr/local/bin/docker-compose docker-compose /usr/local/bin/compose-switch 99 && \ [ -f /usr/local/bin/docker-compose-v1 ] && update-alternatives --install /usr/local/bin/docker-compose docker-compose /usr/local/bin/docker-compose-v1 fi; # Install ctop echo "deb http://packages.azlux.fr/debian/ $(. /etc/os-release && echo "$VERSION_CODENAME") main" | tee /etc/apt/sources.list.d/azlux.list && \ if [ -d /etc/apt/trusted.gpg.d/ ]; then curl -fsSL https://azlux.fr/repo.gpg.key | sudo gpg --batch --yes --dearmor -o /etc/apt/trusted.gpg.d/azlux.gpg; else curl -fsSL https://azlux.fr/repo.gpg.key | sudo apt-key add -; fi && \ apt update && \ apt install docker-ctop && \ # Creating some temp dir TMPDIR=$(mktemp -d /tmp/d.XXXXXX) && \ trap 'rm -rf "${TMPDIR}"' EXIT && \ # Install lazydocker LAZYDOCKER_VERSION=$(curl -L -s -H 'Accept: application/json' https://github.com/jesseduffield/lazydocker/releases/latest | sed -e 's/.*"tag_name":"$[^"]*$".*/\1/') && \ GITHUB_FILE="lazydocker_${LAZYDOCKER_VERSION//v/}_$(uname -s)_$(dpkg --print-architecture).tar.gz" && \ GITHUB_URL="https://github.com/jesseduffield/lazydocker/releases/download/${LAZYDOCKER_VERSION}/${GITHUB_FILE}" && \ curl -so ${TMPDIR}/lazydocker.tar.gz -L ${GITHUB_URL} && \ tar xzf ${TMPDIR}/lazydocker.tar.gz -C ${TMPDIR} && \ mv -f ${TMPDIR}/lazydocker /usr/local/bin/ && \ [ -f /usr/local/bin/ctop ] && rm -rf /usr/local/bin/ctop || exit 0 \

1	#!/bin/bash
2	# Install docker compose
3	apt-get install docker-compose-plugin
4	# Install docker compsoe switch
5	SWITCH_VER=$(curl -s -o /dev/null -I -w "%{redirect_url}\n" https://github.com/docker/compose-switch/releases/latest \| grep -oP "[0-9]+(\.[0-9]+)+$") && \
6	curl -sSL https://github.com/docker/compose-switch/releases/download/v$SWITCH_VER/docker-compose-linux-$(dpkg --print-architecture) -o /usr/local/bin/compose-switch && chmod +x /usr/local/bin/compose-switch && \
7	# Move old docker-compose v1 binary away
8	if [ -f /usr/local/bin/docker-compose ]; then
9	if [ $(/usr/local/bin/docker-compose version \| head -1 \| grep -oP "[0-9]+(\.[0-9]+)+" \| grep -c "^1") == 1 ]; then
10	mv /usr/local/bin/docker-compose /usr/local/bin/docker-compose-v1;
11	fi;
12	fi && \
13	# Update alternative
14	if [ ! -L /usr/local/bin/docker-compose ]; then
15	[ -f /usr/local/bin/compose-switch ] && update-alternatives --install /usr/local/bin/docker-compose docker-compose /usr/local/bin/compose-switch 99 && \
16	[ -f /usr/local/bin/docker-compose-v1 ] && update-alternatives --install /usr/local/bin/docker-compose docker-compose /usr/local/bin/docker-compose-v1
17	fi;
18	# Install ctop
19	echo "deb http://packages.azlux.fr/debian/ $(. /etc/os-release && echo "$VERSION_CODENAME") main" \| tee /etc/apt/sources.list.d/azlux.list && \
20	if [ -d /etc/apt/trusted.gpg.d/ ]; then curl -fsSL https://azlux.fr/repo.gpg.key \| sudo gpg --batch --yes --dearmor -o /etc/apt/trusted.gpg.d/azlux.gpg; else curl -fsSL https://azlux.fr/repo.gpg.key \| sudo apt-key add -; fi && \
21	apt update && \
22	apt install docker-ctop && \
23	# Creating some temp dir
24	TMPDIR=$(mktemp -d /tmp/d.XXXXXX) && \
25	trap 'rm -rf "${TMPDIR}"' EXIT && \
26	# Install lazydocker
27	LAZYDOCKER_VERSION=$(curl -L -s -H 'Accept: application/json' https://github.com/jesseduffield/lazydocker/releases/latest \| sed -e 's/."tag_name":"$[^"]$".*/\1/') && \
28	GITHUB_FILE="lazydocker_${LAZYDOCKER_VERSION//v/}_$(uname -s)_$(dpkg --print-architecture).tar.gz" && \
29	GITHUB_URL="https://github.com/jesseduffield/lazydocker/releases/download/${LAZYDOCKER_VERSION}/${GITHUB_FILE}" && \
30	curl -so ${TMPDIR}/lazydocker.tar.gz -L ${GITHUB_URL} && \
31	tar xzf ${TMPDIR}/lazydocker.tar.gz -C ${TMPDIR} && \
32	mv -f ${TMPDIR}/lazydocker /usr/local/bin/ && \
33	[ -f /usr/local/bin/ctop ] && rm -rf /usr/local/bin/ctop \|\| exit 0 \
34

docker_deploy.sh · 4.0 KiB · Bash Неформатований

#!/bin/bash # detect release and add package sources #[ "$(lsb_release -rs)" = "testing" ] || [ "$(cat /etc/debian_version | awk -F. {'print $1'})" -ne "8" ] && echo exit 1 echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/$(. /etc/os-release && echo "$ID") $(. /etc/os-release && echo "$VERSION_CODENAME") stable" > \ /etc/apt/sources.list.d/$(. /etc/os-release && echo "$VERSION_CODENAME")-docker.list && \ # Install needed dependencies apt-get install -y apt-transport-https ca-certificates bridge-utils curl sudo && \ if [ -d /etc/apt/trusted.gpg.d/ ]; then curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg; else apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0EBFCD88; fi && \ apt-get update; \ # Deploy pinning and unatteded upgrade config for docker-ce and container.io # yes, we can do 'curl pipe bash', but this way we can adjust the script if something failes without redownload it curl -so /tmp/autoupgrade_docker-ce_container.io.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/autoupgrade_docker-ce_container.io.sh && \ bash /tmp/autoupgrade_docker-ce_container.io.sh && \ # Install docker and enable it apt-get install -y docker-ce && \ systemctl enable docker && \ # Allow to relay from local networks (where our containers are running) sed -i 's#127.0.0.0/8#127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16#' /etc/postfix/main.cf && \ service postfix reload && \ # https://gist.github.com/steakknife/9094991#file-run_me_001__install_docker_and_fixes-sh-L20-L22 (enable swap resource limiting) # https://tianon.github.io/post/2017/05/18/docker-setup-redux.html#configure-boot-parameters [ -x /usr/sbin/update-grub ] && \ sed -i 's/$GRUB_CMDLINE_LINUX_DEFAULT="quiet$"/\1 cgroup_enable=memory swapaccount=1 systemd.legacy_systemd_cgroup_controller=yes vsyscall=emulate"/' /etc/default/grub && \ update-grub; \ # Enable live restore (https://docs.docker.com/config/containers/live-restore/) cat > /etc/docker/daemon.json <<EOF { "live-restore": true } EOF # Install docker-compose and ctop curl -so /tmp/deploy_addons.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/deploy_addons.sh && \ bash /tmp/deploy_addons.sh && \ # Blacklist container.io for needsrestart [ -d /etc/needrestart/conf.d/ -a ! -f /etc/needrestart/conf.d/blacklist_rc.conf ] && \ cat > /etc/needrestart/conf.d/blacklist_rc.conf <<EOF \$nrconf{blacklist_rc} = [ qr(containerd.service), ]; EOF # Add some cleanup jobs cat > /etc/cron.weekly/docker-cleanup <<EOF #!/bin/bash # See https://getintodevops.com/blog/keeping-the-whale-happy-how-to-clean-up-after-docker # DELETE STOPPED CONTAINERS, AND VOLUMES AND NETWORKS THAT ARE NOT USED BY CONTAINERS # docker system prune -a -f # DELETE EXITED CONTAINERS # docker container ps -aqf status=exited && docker container rm $(docker container ps -aqf status=exited) # DELETE DANGLING AND UNTAGGED IMAGES # docker images -q -f dangling=true && docker image rm $(docker images -q -f dangling=true) # DELETE ORPHANED AND DANGLING VOLUMES docker image prune -f DOCKER_VOLUMES=\$(docker volume ls -qf dangling=true) if [ "\${DOCKER_VOLUMES}" != "" ]; then docker volume rm \${DOCKER_VOLUMES} fi # garbage collection, see https://github.com/spotify/docker-gc/blob/master/README.md docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /etc:/etc:ro -e MINIMUM_IMAGES_TO_SAVE=2 -e GRACE_PERIOD_SECONDS=432000 spotify/docker-gc | grep -v running EOF chmod +x /etc/cron.weekly/docker-cleanup # To update pinning, unattended upgrade config and updating docker compose, ctop and lazydocker # curl -so /tmp/autoupgrade_docker-ce_container.io.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/autoupgrade_docker-ce_container.io.sh && bash /tmp/autoupgrade_docker-ce_container.io.sh && curl -so /tmp/deploy_addons.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/deploy_addons.sh && bash /tmp/deploy_addons.sh

1	#!/bin/bash
2	# detect release and add package sources
3	#[ "$(lsb_release -rs)" = "testing" ] \|\| [ "$(cat /etc/debian_version \| awk -F. {'print $1'})" -ne "8" ] && echo exit 1
4	echo "deb [arch=$(dpkg --print-architecture)] https://download.docker.com/linux/$(. /etc/os-release && echo "$ID") $(. /etc/os-release && echo "$VERSION_CODENAME") stable" > \
5	/etc/apt/sources.list.d/$(. /etc/os-release && echo "$VERSION_CODENAME")-docker.list && \
6	# Install needed dependencies
7	apt-get install -y apt-transport-https ca-certificates bridge-utils curl sudo && \
8	if [ -d /etc/apt/trusted.gpg.d/ ]; then curl -fsSL https://download.docker.com/linux/debian/gpg \| sudo gpg --dearmor -o /etc/apt/trusted.gpg.d/docker-archive-keyring.gpg; else apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0EBFCD88; fi && \
9	apt-get update; \
10	# Deploy pinning and unatteded upgrade config for docker-ce and container.io
11	# yes, we can do 'curl pipe bash', but this way we can adjust the script if something failes without redownload it
12	curl -so /tmp/autoupgrade_docker-ce_container.io.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/autoupgrade_docker-ce_container.io.sh && \
13	bash /tmp/autoupgrade_docker-ce_container.io.sh && \
14	# Install docker and enable it
15	apt-get install -y docker-ce && \
16	systemctl enable docker && \
17	# Allow to relay from local networks (where our containers are running)
18	sed -i 's#127.0.0.0/8#127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16#' /etc/postfix/main.cf && \
19	service postfix reload && \
20	# https://gist.github.com/steakknife/9094991#file-run_me_001__install_docker_and_fixes-sh-L20-L22 (enable swap resource limiting)
21	# https://tianon.github.io/post/2017/05/18/docker-setup-redux.html#configure-boot-parameters
22	[ -x /usr/sbin/update-grub ] && \
23	sed -i 's/$GRUB_CMDLINE_LINUX_DEFAULT="quiet$"/\1 cgroup_enable=memory swapaccount=1 systemd.legacy_systemd_cgroup_controller=yes vsyscall=emulate"/' /etc/default/grub && \
24	update-grub; \
25	# Enable live restore (https://docs.docker.com/config/containers/live-restore/)
26	cat > /etc/docker/daemon.json <<EOF
27	{
28	"live-restore": true
29	}
30	EOF
31	# Install docker-compose and ctop
32	curl -so /tmp/deploy_addons.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/deploy_addons.sh && \
33	bash /tmp/deploy_addons.sh && \
34	# Blacklist container.io for needsrestart
35	[ -d /etc/needrestart/conf.d/ -a ! -f /etc/needrestart/conf.d/blacklist_rc.conf ] && \
36	cat > /etc/needrestart/conf.d/blacklist_rc.conf <<EOF
37	\$nrconf{blacklist_rc} = [
38	qr(containerd.service),
39	];
40	EOF
41	# Add some cleanup jobs
42	cat > /etc/cron.weekly/docker-cleanup <<EOF
43	#!/bin/bash
44	# See https://getintodevops.com/blog/keeping-the-whale-happy-how-to-clean-up-after-docker
45	# DELETE STOPPED CONTAINERS, AND VOLUMES AND NETWORKS THAT ARE NOT USED BY CONTAINERS
46	# docker system prune -a -f
47	# DELETE EXITED CONTAINERS
48	# docker container ps -aqf status=exited && docker container rm $(docker container ps -aqf status=exited)
49	# DELETE DANGLING AND UNTAGGED IMAGES
50	# docker images -q -f dangling=true && docker image rm $(docker images -q -f dangling=true)
51	# DELETE ORPHANED AND DANGLING VOLUMES
52	docker image prune -f
53	DOCKER_VOLUMES=\$(docker volume ls -qf dangling=true)
54	if [ "\${DOCKER_VOLUMES}" != "" ]; then
55	docker volume rm \${DOCKER_VOLUMES}
56	fi
57	# garbage collection, see https://github.com/spotify/docker-gc/blob/master/README.md
58	docker run --rm -v /var/run/docker.sock:/var/run/docker.sock -v /etc:/etc:ro -e MINIMUM_IMAGES_TO_SAVE=2 -e GRACE_PERIOD_SECONDS=432000 spotify/docker-gc \| grep -v running
59	EOF
60	chmod +x /etc/cron.weekly/docker-cleanup
61	# To update pinning, unattended upgrade config and updating docker compose, ctop and lazydocker
62	# curl -so /tmp/autoupgrade_docker-ce_container.io.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/autoupgrade_docker-ce_container.io.sh && bash /tmp/autoupgrade_docker-ce_container.io.sh && curl -so /tmp/deploy_addons.sh https://gist.githubusercontent.com/waja/01ba2641f93f461044f9/raw/deploy_addons.sh && bash /tmp/deploy_addons.sh
63