FIX #7: ignore healthchecks entries

README.md

@@ -17,25 +17,36 @@ services:
       - 2222:22 # sftp access
     volumes:
       - ./data:/data
-      - ./ssh:/ssh # add authorized_keys file here
       - ./extra_nginx.conf:/etc/nginx/custom.d/extra.conf # optional
-      - ./htpasswd:/app/htpasswd # optional, for webdav auth
     environment:
-      LOG_DAYS: 14 # default 7
+      LOG_DAYS: 14              # default 7
-      WEBDAV_PORT: 8080 # default: 8080
+      WEBDAV_PORT: 8080         # default: 8080
-      STATS_PORT: 8081 # default: 8081
+      STATS_PORT: 8081          # default: 8081
-      PHP: php84 # none (default), php82, php83, php84
+      PHP: php84                # none (default), php82, php83, php84
-      POSTSIZE: 256M # default: 256M
+      POSTSIZE: 256M            # default: 256M
-      PUID: 1000 # default: 1000
+      PUID: 1000                # default: 1000
-      PGID: 1000 # default: 1000
+      PGID: 1000                # default: 1000
-      USERNAME: theuser # default: theuser
+      USERNAME: theuser         # default: theuser
-      GROUPNAME: thegroup # default: thegroup
+      GROUPNAME: thegroup       # default: thegroup
-      TZ: Etc/UTC  # default: Etc/UTC
+      TZ: Etc/UTC               # default: Etc/UTC
-      FPM_MAX_CHILDREN: 5 # default: 5
+      FPM_MAX_CHILDREN: 5       # default: 5
-      FPM_START_SERVERS: 1 # default: 1
+      FPM_START_SERVERS: 1      # default: 1
-      FPM_MIN_SPARE_SERVERS: 1 # default: 1
+      FPM_MIN_SPARE_SERVERS: 1  # default: 1
-      FPM_MAX_SPARE_SERVERS: 3 # default: 3
+      FPM_MAX_SPARE_SERVERS: 3  # default: 3
-      DISABLE_WEBROOT_CHOWN: 1 # default: 0
+      DISABLE_WEBROOT_CHOWN: 1  # default: 0
+      DISABLE_SFTP: 1           # default: 0
+      DISABLE_STATS: 1          # default: 0
 ```
 
 The `/data/www` and `/data/logs` directories and their contents will be chowned to `$PUID:$PGID` and chmodded to `0755` for directories and `0644` for files at container start.
+
+## data direcvtory layout
+
+| directory | content                                       |
+|-----------|-----------------------------------------------|
+| auth      | htpasswd files for stats and webdav           |
+| logs      | nginx access logs (logrotated) and error logs |
+| ssh       | host keys and authorized keys                 |
+| stats     | html statistical report                       |
+| stats.db  | internal statistical db                       |
+| www       | webroot                                       |

docker-compose-sample.yaml

@@ -1,11 +0,0 @@
-services:
-  web:
-    image: docker.asperti.com/paspo/webserver-nginx
-    ports:
-      - 8888:80
-      - 2222:22
-    volumes:
-      - ./www:/data/www
-      - ./ssh:/ssh # add authorized_keys file here
-    environment:
-      PHP: php84 # none (default), php82, php83, php84

rootfs/app/entrypoint.sh

@@ -25,6 +25,8 @@ FPM_MIN_SPARE_SERVERS=${FPM_MIN_SPARE_SERVERS:-1}
 FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-3}
 
 DISABLE_WEBROOT_CHOWN=${DISABLE_WEBROOT_CHOWN:-0}
+DISABLE_SFTP=${DISABLE_SFTP:-0}
+DISABLE_STATS=${DISABLE_STATS:-0}
 
 export USERNAME
 export GROUPNAME
@@ -49,6 +51,8 @@ export FPM_MIN_SPARE_SERVERS
 export FPM_MAX_SPARE_SERVERS
 
 export DISABLE_WEBROOT_CHOWN
+export DISABLE_SFTP
+export DISABLE_STATS
 
 # run all scripts in order
 run-parts /app/entrypoint.sh.d

rootfs/app/entrypoint.sh.d/90_logs.sh

@@ -18,7 +18,7 @@ ${PATH_LOGS}/nginx-access.log {
     su ${USERNAME} ${GROUPNAME}
     postrotate
         /usr/sbin/nginx -s reopen
-        nice -n 19 /usr/bin/goaccess ${PATH_LOGS}/nginx-access.log.1 --agent-list --anonymize-ip --real-os --output ${PATH_STATS}/index.html --log-format COMBINED --tz="${TZ}" --db-path=${PATH_STATSDB} --persist --restore 
+        nice -n 19 /app/stats.sh
     endscript
 }
 EOF

rootfs/app/entrypoint.sh.d/90_ssh.sh

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+if [ ${DISABLE_SFTP} -eq 1 ] ; then
+  exit 0
+fi
+
 echo "# Configuring ssh"
 
 # make sure directory exists
@@ -23,8 +27,7 @@ if [ -d "${PATH_WEBROOT}/.ssh" ] ; then
   chmod 0700 "${PATH_WEBROOT}/.ssh"
 fi
 
-
+# configure sshd
-
 cat >/etc/ssh/sshd_config.d/sshd.conf <<EOF
 HostKey ${PATH_SSH_HOST}/ssh_host_rsa_key
 HostKey ${PATH_SSH_HOST}/ssh_host_ecdsa_key

rootfs/app/entrypoint.sh.d/90_stats.sh

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+if [ ${DISABLE_STATS} -eq 1 ] ; then
+  exit 0
+fi
+
 echo "# Configuring stats"
 
 # make sure paths exists

rootfs/app/stats.sh

@@ -0,0 +1,15 @@
+#!/bin/sh
+
+if [ "${DISABLE_STATS:-0}" -eq 1 ] ; then
+  exit 0
+fi
+
+PATH_BASE=/data
+PATH_STATS=${PATH_BASE}/stats
+PATH_STATSDB=${PATH_BASE}/stats.db
+PATH_LOGS=${PATH_BASE}/logs
+
+/usr/bin/goaccess "${PATH_LOGS}/nginx-access.log.1" \
+    --agent-list --anonymize-ip --real-os --exclude-ip 127.0.0.1 \
+    --output "${PATH_STATS}/index.html" --log-format COMBINED \
+    --tz="${TZ}" "--db-path=${PATH_STATSDB}" --persist --restore