coosld/kubo
1
0
Fork 0
mirror of https://github.com/ipfs/kubo.git synced 2026-02-27 21:37:57 +08:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
8391232c24
kubo/bin/container_daemon
Filip Rembiałkowski 8391232c24
fix: inlude symlinks in scanning for init scripts 
When the `/container-init.d` directory is mounted from a secret in k8s, the file type could be a symbolic link not a regular file.

Steps to reproduce:

Create init file

```bash
mkdir ipfs-container-init-d
echo "ipfs config Routing.Type dhtserver" > ipfs-container-init-d/01_init.sh
```

Create this kustomization.yaml file:

```yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
configMapGenerator:
- name: ipfs-container-init-d
  files:
    - ipfs-container-init-d/01_init.sh
resources:
- k8s.yaml
```

Create a StatefulSet with the secret volume mount:

```yaml
apiVersion: apps/v1
kind: StatefulSet
metadata:
  name: ipfs
spec:
  selector:
    matchLabels:
      app: ipfs
  replicas: 1
  template:
    metadata:
      labels:
        app: ipfs
    spec:
      containers:
      - name: kubo
        image: ipfs/kubo:v0.38.2  # https://github.com/ipfs/kubo/releases/tag/v0.38.2
        ports:
        - containerPort: 4001
          protocol: TCP
        - containerPort: 4001
          protocol: UDP
        - containerPort: 5001
        - containerPort: 8080
        volumeMounts:
        - name: ipfs-container-init-d
          mountPath: /container-init.d
      volumes:
      - name: ipfs-container-init-d
        configMap:
          name: ipfs-container-init-d
```

Apply with `kubectl apply -k .`

Using `kubectl logs` observe the init script is NOT loaded unless this fix is applied.
2025-11-25 23:10:34 +01:00

56 lines
1.5 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
set -e
user=ipfs
repo="$IPFS_PATH"
if [ "$(id -u)" -eq 0 ]; then
echo "Changing user to $user"
# ensure folder is writable
gosu "$user" test -w "$repo" || chown -R -- "$user" "$repo"
# restart script with new privileges
exec gosu "$user" "$0" "$@"
fi
# 2nd invocation with regular user
ipfs version
if [ -e "$repo/config" ]; then
echo "Found IPFS fs-repo at $repo"
else
ipfs init ${IPFS_PROFILE:+"--profile=$IPFS_PROFILE"}
ipfs config Addresses.API /ip4/0.0.0.0/tcp/5001
ipfs config Addresses.Gateway /ip4/0.0.0.0/tcp/8080
# Set up the swarm key, if provided
SWARM_KEY_FILE="$repo/swarm.key"
SWARM_KEY_PERM=0400
# Create a swarm key from a given environment variable
if [ -n "$IPFS_SWARM_KEY" ] ; then
echo "Copying swarm key from variable..."
printf "%s\n" "$IPFS_SWARM_KEY" >"$SWARM_KEY_FILE" || exit 1
chmod $SWARM_KEY_PERM "$SWARM_KEY_FILE"
fi
# Unset the swarm key variable
unset IPFS_SWARM_KEY
# Check during initialization if a swarm key was provided and
# copy it to the ipfs directory with the right permissions
# WARNING: This will replace the swarm key if it exists
if [ -n "$IPFS_SWARM_KEY_FILE" ] ; then
echo "Copying swarm key from file..."
install -m $SWARM_KEY_PERM "$IPFS_SWARM_KEY_FILE" "$SWARM_KEY_FILE" || exit 1
fi
# Unset the swarm key file variable
unset IPFS_SWARM_KEY_FILE
fi
find /container-init.d -maxdepth 1 \( -type f -o -type l \) -iname '*.sh' -print0 | sort -z | xargs -n 1 -0 -r container_init_run
exec ipfs "$@"
Reference in New Issue View Git Blame Copy Permalink