diff --git a/2.0/Dockerfile b/2.0/Dockerfile new file mode 100644 index 0000000..cfdbe9e --- /dev/null +++ b/2.0/Dockerfile @@ -0,0 +1,114 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM debian:buster-slim + +# runtime dependencies +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ +# @system-ca: https://github.com/docker-library/haproxy/pull/216 + ca-certificates \ + ; \ + rm -rf /var/lib/apt/lists/* + +# roughly, https://salsa.debian.org/haproxy-team/haproxy/-/blob/732b97ae286906dea19ab5744cf9cf97c364ac1d/debian/haproxy.postinst#L5-6 +RUN set -eux; \ + groupadd --gid 99 --system haproxy; \ + useradd \ + --gid haproxy \ + --home-dir /var/lib/haproxy \ + --no-create-home \ + --system \ + --uid 99 \ + haproxy \ + ; \ + mkdir /var/lib/haproxy; \ + chown haproxy:haproxy /var/lib/haproxy + +ENV HAPROXY_VERSION 2.0.35 +ENV HAPROXY_URL https://www.haproxy.org/download/2.0/src/haproxy-2.0.35.tar.gz +ENV HAPROXY_SHA256 95334c52ace9ae139e66d60240633be8bb4eed1babedfcc6cb947092e00c447c + +# see https://sources.debian.net/src/haproxy/jessie/debian/rules/ for some helpful navigation of the possible "make" arguments +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update && apt-get install -y --no-install-recommends \ + gcc \ + libc6-dev \ + liblua5.3-dev \ + libpcre2-dev \ + libssl-dev \ + make \ + wget \ + zlib1g-dev \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + wget -O haproxy.tar.gz "$HAPROXY_URL"; \ + echo "$HAPROXY_SHA256 *haproxy.tar.gz" | sha256sum -c; \ + mkdir -p /usr/src/haproxy; \ + tar -xzf haproxy.tar.gz -C /usr/src/haproxy --strip-components=1; \ + rm haproxy.tar.gz; \ + \ + makeOpts=' \ + TARGET=linux-glibc \ + USE_GETADDRINFO=1 \ + USE_LUA=1 LUA_INC=/usr/include/lua5.3 \ + USE_OPENSSL=1 \ + USE_PCRE2=1 USE_PCRE2_JIT=1 \ + USE_ZLIB=1 \ + \ + EXTRA_OBJS=" \ +# see https://github.com/docker-library/haproxy/issues/94#issuecomment-505673353 for more details about prometheus support + contrib/prometheus-exporter/service-prometheus.o \ + " \ + '; \ +# https://salsa.debian.org/haproxy-team/haproxy/-/commit/53988af3d006ebcbf2c941e34121859fd6379c70 + dpkgArch="$(dpkg --print-architecture)"; \ + case "$dpkgArch" in \ + armel) makeOpts="$makeOpts ADDLIB=-latomic" ;; \ + esac; \ + \ + nproc="$(nproc)"; \ + eval "make -C /usr/src/haproxy -j '$nproc' all $makeOpts"; \ + eval "make -C /usr/src/haproxy install-bin $makeOpts"; \ + \ + mkdir -p /usr/local/etc/haproxy; \ + cp -R /usr/src/haproxy/examples/errorfiles /usr/local/etc/haproxy/errors; \ + rm -rf /usr/src/haproxy; \ + \ + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + find /usr/local -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -r apt-mark manual \ + ; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ +# smoke test + haproxy -v + +# https://www.haproxy.org/download/1.8/doc/management.txt +# "4. Stopping and restarting HAProxy" +# "when the SIGTERM signal is sent to the haproxy process, it immediately quits and all established connections are closed" +# "graceful stop is triggered when the SIGUSR1 signal is sent to the haproxy process" +STOPSIGNAL SIGUSR1 + +COPY docker-entrypoint.sh /usr/local/bin/ +RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat +ENTRYPOINT ["docker-entrypoint.sh"] + +# no USER for backwards compatibility (to try to avoid breaking existing users) + +# no WORKDIR for backwards compatibility (to try to avoid breaking existing users) + +CMD ["haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg"] diff --git a/2.0/docker-entrypoint.sh b/2.0/docker-entrypoint.sh new file mode 100755 index 0000000..8b2093b --- /dev/null +++ b/2.0/docker-entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +if [ "${1#-}" != "$1" ]; then + set -- haproxy "$@" +fi + +if [ "$1" = 'haproxy' ]; then + shift # "haproxy" + # if the user wants "haproxy", let's add a couple useful flags + # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") + # -db -- disables background mode + set -- haproxy -W -db "$@" +fi + +exec "$@" diff --git a/Dockerfile.template b/Dockerfile.template index 9715ae9..90939b3 100644 --- a/Dockerfile.template +++ b/Dockerfile.template @@ -59,7 +59,7 @@ ENV HAPROXY_SHA256 {{ .sha256 }} # Since 5.4 is supported on haproxy, better use it now, but only for # newer versions since there could be some minor incompatibilities # for existing scripts: https://www.lua.org/manual/5.4/manual.html#8 - if ([ "2.2", "2.4", "2.6", "2.8" ] | index(env.version)) then + if ([ "2.0", "2.2", "2.4", "2.6", "2.8" ] | index(env.version)) then "5.3" else "5.4" @@ -81,7 +81,7 @@ RUN set -eux; \ pcre2-dev \ readline-dev \ tar \ -{{ if ([ "2.2" ] | index(env.version)) then ( -}} +{{ if ([ "2.0", "2.2" ] | index(env.version)) then ( -}} zlib-dev \ {{ ) else "" end -}} ; \ @@ -95,7 +95,7 @@ RUN set -eux; \ libssl-dev \ make \ wget \ -{{ if ([ "2.2" ] | index(env.version)) then ( -}} +{{ if ([ "2.0", "2.2" ] | index(env.version)) then ( -}} zlib1g-dev \ {{ ) else "" end -}} ; \ @@ -110,7 +110,7 @@ RUN set -eux; \ \ {{ def haproxy_target: - if env.variant == "alpine" then + if env.variant == "alpine" and env.version != "2.0" then "linux-musl" else "linux-glibc" @@ -122,15 +122,15 @@ RUN set -eux; \ USE_LUA=1 LUA_INC=/usr/include/lua{{ lua }}{{ if env.variant == "alpine" then (" LUA_LIB=/usr/lib/lua" + lua) else "" end }} \ USE_OPENSSL=1 \ USE_PCRE2=1 USE_PCRE2_JIT=1 \ -{{ if ([ "2.2" ] | index(env.version)) then ( -}} +{{ if ([ "2.0", "2.2" ] | index(env.version)) then ( -}} USE_ZLIB=1 \ {{ ) else "" end -}} -{{ if ([ "2.2" ] | index(env.version) | not) then ( -}} +{{ if ([ "2.0", "2.2" ] | index(env.version) | not) then ( -}} USE_PROMEX=1 \ {{ ) else "" end -}} \ EXTRA_OBJS=" \ -{{ if [ "2.2" ] | index(env.version) then ( -}} +{{ if [ "2.0", "2.2" ] | index(env.version) then ( -}} # see https://github.com/docker-library/haproxy/issues/94#issuecomment-505673353 for more details about prometheus support contrib/prometheus-exporter/service-prometheus.o \ {{ ) else "" end -}} @@ -188,18 +188,18 @@ RUN set -eux; \ STOPSIGNAL SIGUSR1 COPY docker-entrypoint.sh /usr/local/bin/ -{{ if [ "2.2" ] | index(env.version) then ( -}} +{{ if [ "2.0", "2.2" ] | index(env.version) then ( -}} RUN ln -s usr/local/bin/docker-entrypoint.sh / # backwards compat {{ ) else "" end -}} ENTRYPOINT ["docker-entrypoint.sh"] -{{ if [ "2.2" ] | index(env.version) then ( -}} +{{ if [ "2.0", "2.2" ] | index(env.version) then ( -}} # no USER for backwards compatibility (to try to avoid breaking existing users) {{ ) else ( -}} USER haproxy {{ ) end -}} -{{ if [ "2.2", "2.4", "2.6" ] | index(env.version) then ( -}} +{{ if [ "2.0", "2.2", "2.4", "2.6" ] | index(env.version) then ( -}} # no WORKDIR for backwards compatibility (to try to avoid breaking existing users) {{ ) else ( -}} # https://github.com/docker-library/haproxy/issues/200 diff --git a/apply-templates.sh b/apply-templates.sh index 35febb7..e955bb6 100755 --- a/apply-templates.sh +++ b/apply-templates.sh @@ -28,21 +28,26 @@ generated_warning() { } for version; do + rm -rf "$version/" + for variant in '' alpine; do - # 2.2 can't be built on Alpine greater than 3.16 + # 2.0, 2.2 can't be built on Alpine greater than 3.16 # OpenSSL 3 incompatibilities (https://github.com/haproxy/haproxy/issues/1276) # but Alpine 3.16 is end of life - if [ "$version" = '2.2' ] && [ "$variant" = 'alpine' ]; then + if { [ "$version" = '2.0' ] || [ "$version" = '2.2' ]; } && [ "$variant" = 'alpine' ]; then continue fi export version variant dir="$version${variant:+/$variant}" echo "processing $dir ..." + mkdir -p "$dir" { generated_warning gawk -f "$jqt" Dockerfile.template } > "$dir/Dockerfile" + + cp -a docker-entrypoint.sh "$dir/" done done diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 0000000..8b2093b --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +if [ "${1#-}" != "$1" ]; then + set -- haproxy "$@" +fi + +if [ "$1" = 'haproxy' ]; then + shift # "haproxy" + # if the user wants "haproxy", let's add a couple useful flags + # -W -- "master-worker mode" (similar to the old "haproxy-systemd-wrapper"; allows for reload via "SIGUSR2") + # -db -- disables background mode + set -- haproxy -W -db "$@" +fi + +exec "$@" diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 646cd5b..501c65a 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -92,7 +92,7 @@ for version; do export variant dir="$version${variant:+/$variant}" if [ ! -d "$dir" ]; then - # 2.2 can't be built on supported Alpine release, so it has no Alpine + # 2.0, 2.2 can't be built on a supported Alpine release continue fi diff --git a/versions.json b/versions.json index 5d6c7fb..64b4226 100644 --- a/versions.json +++ b/versions.json @@ -1,4 +1,10 @@ { + "2.0": { + "debian": "buster-slim", + "sha256": "95334c52ace9ae139e66d60240633be8bb4eed1babedfcc6cb947092e00c447c", + "url": "https://www.haproxy.org/download/2.0/src/haproxy-2.0.35.tar.gz", + "version": "2.0.35" + }, "2.2": { "debian": "bullseye-slim", "sha256": "24f9eec04ee8d9e3652370be3db9852dec8aa650b3c8eeae969300c86b6fda5b", diff --git a/versions.sh b/versions.sh index d5a462b..2bceac1 100755 --- a/versions.sh +++ b/versions.sh @@ -15,6 +15,7 @@ versions=( "${versions[@]%/}" ) defaultDebianSuite='bookworm-slim' declare -A debianSuite=( [2.2]='bullseye-slim' + [2.0]='buster-slim' ) defaultAlpineVersion='3.20' declare -A alpineVersion=( @@ -36,8 +37,8 @@ for version in "${versions[@]}"; do debian: env.debian, alpine: env.alpine, } - # remove Alpine from 2.2 since it cannot be built on any active Alpine release - | if env.version == "2.2" then del(.alpine) else . end + # remove Alpine from versions where it cannot be built on any active Alpine release + | if [ "2.0", "2.2" ] | index(env.version) then del(.alpine) else . end ' )"