server-stack/patch_containers at main · pedbarbosa/server-stack · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/usr/bin/env bash

declare -A DEPENDENT_CONTAINERS=(
    ["gluetun"]="rutorrent"
    ["mariadb"]="homeassistant kodi"
    ["mosquitto"]="zigbee2mqtt"
)

check_priority() {
    if [[ " ${!DEPENDENT_CONTAINERS[@]} " =~ " $CONTAINER " ]]; then
        for RESTART_TARGET in ${DEPENDENT_CONTAINERS[$PRIORITY]}; do
            echo -e "\n>>> Restarting container '$RESTART_TARGET' due to '$CONTAINER' restart ..."
            docker restart "$RESTART_TARGET"
        done
    fi
}

restart_container() {
    echo -e "\n>>> Restarting container '$CONTAINER' after installing updates ..."
    docker restart "$CONTAINER"
}

patch_alpine() {
    docker exec -it "$CONTAINER" sh -c 'apk update'
    ITEMS=$(docker exec -it "$CONTAINER" sh -c 'apk -u list' | wc -l)
    if [[ "$ITEMS" -gt 0 ]]; then
        docker exec -it "$CONTAINER" sh -c "apk upgrade && find /usr/lib -regex '^.*\(__pycache__\|\.py[co]\)$' -delete && rm -rf /var/cache/apk/*" && \
        restart_container
        check_priority
    fi
    unset $ITEMS
}


patch_debian() {
    # use 'sudo' if user isn't 'root'
    APT_CMD="apt"
    CONTAINER_USER=$(docker exec -it "$CONTAINER" sh -c 'whoami' | tr -d '\r\n')
    if [[ "$CONTAINER_USER" != "root" ]]; then
        if [[ $(docker exec -it "$CONTAINER" sh -c 'which sudo') ]]; then
            APT_CMD="sudo apt"
        fi
    fi

    docker exec -it "$CONTAINER" sh -c "$APT_CMD update"
    ITEMS=$(docker exec -it "$CONTAINER" sh -c "$APT_CMD list --upgradable 2>/dev/null" | grep upgradable | wc -l)
    if [[ "$ITEMS" -gt 0 ]]; then
        docker exec -it "$CONTAINER" sh -c "export DEBIAN_FRONTEND=noninteractive && $APT_CMD upgrade -y && $APT_CMD clean autoclean && $APT_CMD autoremove -y" && \
        restart_container
        check_priority
    fi
    unset $APT_CMD $CONTAINER_USER $ITEMS
}

find_release() {
    OS_RELEASE=$(docker exec -it "$CONTAINER" sh -c 'cat /etc/os-release')
    RELEASE=$(echo "$OS_RELEASE" | awk -F= '$1=="ID" { print $2 ;}' | tr -d '[:cntrl:]')

    # if /etc/os-release wasn't present, check with uname
    if [[ -z "$RELEASE" ]]; then
        OS_RELEASE=$(docker exec -it "$CONTAINER" sh -c 'uname -r')
        if [[ "$OS_RELEASE" == *generic* ]]; then
            RELEASE="generic"
        else
            echo "ERROR: Unexpected release type '$OS_RELEASE' for container '$CONTAINER'!"
            exit 1
        fi
    fi
    unset $OS_RELEASE
}

get_release_and_patch_server() {
    find_release
    if [[ ! -z "$RELEASE" ]]; then
        echo -e "\n>>> Container '$CONTAINER' is running OS release '$RELEASE'.\n"
        if [[ "$RELEASE" == 'alpine' || "$RELEASE" == 'generic' ]]; then
            patch_alpine
        elif [[ "$RELEASE" == 'debian' || "$RELEASE" == 'ubuntu' ]]; then
            patch_debian
        else
            echo "ERROR: Release type '$RELEASE' for container '$CONTAINER' is not currently supported!"
        fi
    else
        echo "ERROR: Failed to retrieve release for '$CONTAINER'!"
    fi
    unset $RELEASE
}

for PRIORITY in "${!DEPENDENT_CONTAINERS[@]}"; do
    if docker ps --format "{{.Names}}" | grep -q "$PRIORITY"; then
        for DEPENDENT in ${DEPENDENT_CONTAINERS[$PRIORITY]}; do
            if docker ps --format "{{.Names}}" | grep -q "$DEPENDENT"; then
                CONTAINER=$DEPENDENT
                get_release_and_patch_server
            fi
        done
        CONTAINER=$PRIORITY
        get_release_and_patch_server
    fi
done

for CONTAINER in $(docker ps --format "{{.Names}}"); do
    if ! [[ "${!DEPENDENT_CONTAINERS[@]}" =~ "$CONTAINER" ]] && ! [[ "${DEPENDENT_CONTAINERS[*]}" =~ "$CONTAINER" ]]; then
        get_release_and_patch_server
    fi
done

unset $CONTAINER $RELEASE