more docs and rework

contrib/docker/Dockerfile

@@ -154,7 +154,7 @@ RUN --mount=type=cache,id=pixelfed-php-${PHP_VERSION}-${PHP_DEBIAN_RELEASE}-${TA
 # PHP: composer and source code
 #######################################################
 
-FROM php-extensions AS composer-and-src
+FROM base AS composer-and-src
 
 ARG PHP_VERSION
 ARG PHP_DEBIAN_RELEASE
@@ -178,7 +178,7 @@ COPY --link --from=composer-image /usr/bin/composer /usr/bin/composer
 USER ${RUNTIME_UID}:${RUNTIME_GID}
 
 # Copy over only composer related files so docker layer cache isn't invalidated on PHP file changes
-COPY --link --chown=${RUNTIME_UID}:${RUNTIME_GID} composer.json composer.lock /var/www/
+COPY --chown=${RUNTIME_UID}:${RUNTIME_GID} composer.json composer.lock /var/www/
 
 # Install composer dependencies
 # NOTE: we skip the autoloader generation here since we don't have all files avaliable (yet)
@@ -187,14 +187,7 @@ RUN --mount=type=cache,id=pixelfed-composer-${PHP_VERSION}-${PHP_DEBIAN_RELEASE}
 	&& composer install --prefer-dist --no-autoloader --ignore-platform-reqs
 
 # Copy all other files over
-COPY --link --chown=${RUNTIME_UID}:${RUNTIME_GID} . /var/www/
-
-# Generate optimized autoloader now that we have all files around
-RUN set -ex \
-	&& composer dump-autoload --optimize
-
-#! Changing back to root
-USER root:root
+COPY --chown=${RUNTIME_UID}:${RUNTIME_GID} . /var/www/
 
 #######################################################
 # Runtime: base
@@ -213,9 +206,19 @@ ENV RUNTIME_GID=${RUNTIME_GID}
 
 COPY --link --from=php-extensions /usr/local/lib/php/extensions /usr/local/lib/php/extensions
 COPY --link --from=php-extensions /usr/local/etc/php /usr/local/etc/php
-COPY --link --from=composer-and-src --chown=${RUNTIME_UID}:${RUNTIME_GID} /var/www /var/www
 COPY --link --from=forego-image /usr/local/bin/forego /usr/local/bin/forego
 COPY --link --from=gomplate-image /usr/local/bin/gomplate /usr/local/bin/gomplate
+COPY --link --from=composer-image /usr/bin/composer /usr/bin/composer
+COPY --link --from=composer-and-src --chown=${RUNTIME_UID}:${RUNTIME_GID} /var/www /var/www
+
+#! Changing user to runtime user
+USER ${RUNTIME_UID}:${RUNTIME_GID}
+
+# Generate optimized autoloader now that we have all files around
+RUN set -ex \
+	&& composer dump-autoload --optimize
+
+USER root
 
 # for detail why storage is copied this way, pls refer to https://github.com/pixelfed/pixelfed/pull/2137#discussion_r434468862
 RUN set -ex \

contrib/docker/shared/root/docker/entrypoint.d/04-defaults.envsh

@@ -7,20 +7,20 @@
 # and future entrypoint.d scripts
 #
 
-set_identity "${BASH_SOURCE[0]}"
+entrypoint-set-name "${BASH_SOURCE[0]}"
 
 load-config-files
 
 : ${POST_MAX_SIZE_BUFFER:=1M}
-log "POST_MAX_SIZE_BUFFER is set to [${POST_MAX_SIZE_BUFFER}]"
+log-info "POST_MAX_SIZE_BUFFER is set to [${POST_MAX_SIZE_BUFFER}]"
 buffer=$(numfmt --invalid=fail --from=auto --to=none --to-unit=K "${POST_MAX_SIZE_BUFFER}")
-log "POST_MAX_SIZE_BUFFER converted to KB is [${buffer}]"
+log-info "POST_MAX_SIZE_BUFFER converted to KB is [${buffer}]"
 
-log "POST_MAX_SIZE will be calculated by [({MAX_PHOTO_SIZE} * {MAX_ALBUM_LENGTH}) + {POST_MAX_SIZE_BUFFER}]"
-log "  MAX_PHOTO_SIZE=${MAX_PHOTO_SIZE}"
-log "  MAX_ALBUM_LENGTH=${MAX_ALBUM_LENGTH}"
-log "  POST_MAX_SIZE_BUFFER=${buffer}"
+log-info "POST_MAX_SIZE will be calculated by [({MAX_PHOTO_SIZE} * {MAX_ALBUM_LENGTH}) + {POST_MAX_SIZE_BUFFER}]"
+log-info "  MAX_PHOTO_SIZE=${MAX_PHOTO_SIZE}"
+log-info "  MAX_ALBUM_LENGTH=${MAX_ALBUM_LENGTH}"
+log-info "  POST_MAX_SIZE_BUFFER=${buffer}"
 : ${POST_MAX_SIZE:=$(numfmt --invalid=fail --from=auto --from-unit=K --to=si $(((${MAX_PHOTO_SIZE} * ${MAX_ALBUM_LENGTH}) + ${buffer})))}
-log "POST_MAX_SIZE was calculated to [${POST_MAX_SIZE}]"
+log-info "POST_MAX_SIZE was calculated to [${POST_MAX_SIZE}]"
 
 export POST_MAX_SIZE

contrib/docker/shared/root/docker/entrypoint.d/05-templating.sh

@@ -1,7 +1,7 @@
 #!/bin/bash
 source /docker/helpers.sh
 
-set_identity "$0"
+entrypoint-set-name "$0"
 
 declare template_dir="${ENVSUBST_TEMPLATE_DIR:-/docker/templates}"
 declare output_dir="${ENVSUBST_OUTPUT_DIR:-}"
@@ -23,13 +23,13 @@ find "$template_dir" -follow -type f -print | while read -r template; do
     output_dir=$(dirname "$output_path")
 
     if [ ! -w "$output_dir" ]; then
-        log_error_and_exit "ERROR: $template_dir exists, but $output_dir is not writable"
+        log-error-and-exit "ERROR: $template_dir exists, but $output_dir is not writable"
     fi
 
     # create a subdirectory where the template file exists
     mkdir -p "$output_dir/$subdir"
 
-    log "Running [gomplate] on [$template] --> [$output_path]"
+    log-info "Running [gomplate] on [$template] --> [$output_path]"
     cat "$template" | gomplate >"$output_path"
 
     # Show the diff from the envsubst command

contrib/docker/shared/root/docker/entrypoint.d/10-storage.sh

@@ -1,10 +1,10 @@
 #!/bin/bash
 source /docker/helpers.sh
 
-set_identity "$0"
+entrypoint-set-name "$0"
 
-as_runtime_user cp --recursive storage.skel/* storage/
-as_runtime_user php artisan storage:link
+run-as-runtime-user cp --recursive storage.skel/* storage/
+run-as-runtime-user php artisan storage:link
 
-log "Ensure permissions are correct"
+log-info "Ensure permissions are correct"
 chown --recursive ${RUNTIME_UID}:${RUNTIME_GID} storage/ bootstrap/

contrib/docker/shared/root/docker/entrypoint.d/20-horizon.sh

@@ -1,6 +1,6 @@
 #!/bin/bash
 source /docker/helpers.sh
 
-set_identity "$0"
+entrypoint-set-name "$0"
 
-as_runtime_user php artisan horizon:publish
+run-as-runtime-user php artisan horizon:publish

contrib/docker/shared/root/docker/entrypoint.d/30-cache.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 source /docker/helpers.sh
 
-set_identity "$0"
+entrypoint-set-name "$0"
 
-as_runtime_user php artisan route:cache
-as_runtime_user php artisan view:cache
-as_runtime_user php artisan config:cache
+run-as-runtime-user php artisan route:cache
+run-as-runtime-user php artisan view:cache
+run-as-runtime-user php artisan config:cache

contrib/docker/shared/root/docker/entrypoint.sh

@@ -13,7 +13,9 @@ if [[ ${ENTRYPOINT_SKIP} == 0 ]]; then
 
     source /docker/helpers.sh
 
-    declare -a skip_scripts=()
+    entrypoint-set-name "entrypoint.sh"
+
+    declare -a skip_scripts
     IFS=' ' read -a skip_scripts <<<"$ENTRYPOINT_SKIP_SCRIPTS"
 
     declare script_name
@@ -22,49 +24,52 @@ if [[ ${ENTRYPOINT_SKIP} == 0 ]]; then
     mkdir -p "${ENTRYPOINT_ROOT}"
 
     if /usr/bin/find "${ENTRYPOINT_ROOT}" -mindepth 1 -maxdepth 1 -type f -print -quit 2>/dev/null | read v; then
-        log "looking for shell scripts in /docker/entrypoint.d/"
+        log-info "looking for shell scripts in /docker/entrypoint.d/"
+
+        find "${ENTRYPOINT_ROOT}" -follow -type f -print | sort -V | while read -r file; do
+            script_name="$(get-entrypoint-script-name $file)"
 
-        find "${ENTRYPOINT_ROOT}" -follow -type f -print | sort -V | while read -r f; do
-            script_name="$(get_script_name $f)"
-            if array_value_exists skip_scripts "${script_name}"; then
-                log_warning "Skipping script [${script_name}] since it's in the skip list (\$ENTRYPOINT_SKIP_SCRIPTS)"
+            if in-array "${script_name}" skip_scripts; then
+                log-warning "Skipping script [${script_name}] since it's in the skip list (\$ENTRYPOINT_SKIP_SCRIPTS)"
 
                 continue
             fi
 
-            case "$f" in
+            case "${file}" in
             *.envsh)
-                if [ -x "$f" ]; then
-                    log "Sourcing $f"
-
-                    source "$f"
-
-                    resetore_identity
-                else
+                if ! is-executable "${file}"; then
                     # warn on shell scripts without exec bit
-                    log_error_and_exit "File [$f] is not executable (please 'chmod +x' it)"
+                    log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)"
                 fi
+
+                log-info "Sourcing [${file}]"
+
+                source "${file}"
+
+                # the sourced file will (should) than the log prefix, so this restores our own
+                # "global" log prefix once the file is done being sourced
+                entrypoint-restore-name
                 ;;
 
             *.sh)
-                if [ -x "$f" ]; then
-                    log "Launching $f"
-                    "$f"
-                else
+                if ! is-executable "${file}"; then
                     # warn on shell scripts without exec bit
-                    log_error_and_exit "File [$f] is not executable (please 'chmod +x' it)"
+                    log-error-and-exit "File [${file}] is not executable (please 'chmod +x' it)"
                 fi
+
+                log-info "Running [${file}]"
+                "${file}"
                 ;;
 
             *)
-                log_warning "Ignoring $f"
+                log-warning "Ignoring unrecognized file [${file}]"
                 ;;
             esac
         done
 
-        log "Configuration complete; ready for start up"
+        log-info "Configuration complete; ready for start up"
     else
-        log_warning "No files found in ${ENTRYPOINT_ROOT}, skipping configuration"
+        log-warning "No files found in ${ENTRYPOINT_ROOT}, skipping configuration"
     fi
 fi
 

contrib/docker/shared/root/docker/helpers.sh

@@ -1,70 +1,79 @@
 #!/bin/bash
 set -e -o errexit -o nounset -o pipefail
 
+# Some splash of color for important messages
 declare -g error_message_color="\033[1;31m"
 declare -g warn_message_color="\033[1;34m"
 declare -g color_clear="\033[1;0m"
+
+# Current and previous log prefix
 declare -g log_prefix=
-declare -g old_log_prefix=
+declare -g log_prefix_previous=
+
+# dot-env files to source when reading config
 declare -ra dot_env_files=(
     /var/www/.env.docker
     /var/www/.env
 )
+
+# environment keys seen when source dot files (so we can [export] them)
 declare -ga seen_dot_env_variables=()
 
-function set_identity() {
-    old_log_prefix="${log_prefix}"
-    log_prefix="ENTRYPOINT - [$(get_script_name $1)] - "
+function entrypoint-set-name() {
+    log_prefix_previous="${log_prefix}"
+    log_prefix="ENTRYPOINT - [$(get-entrypoint-script-name $1)] - "
 }
 
-function resetore_identity() {
-    log_prefix="${old_log_prefix}"
+function entrypoint-restore-name() {
+    log_prefix="${log_prefix_previous}"
 }
 
-function as_runtime_user() {
+function run-as-runtime-user() {
     local -i exit_code
     local target_user
 
     target_user=$(id -un ${RUNTIME_UID})
 
-    log "👷 Running [${*}] as [${target_user}]"
+    log-info "👷 Running [${*}] as [${target_user}]"
 
     su --preserve-environment "${target_user}" --shell /bin/bash --command "${*}"
     exit_code=$?
 
     if [[ $exit_code != 0 ]]; then
-        log_error "❌ Error!"
+        log-error "❌ Error!"
         return $exit_code
     fi
 
-    log "✅ OK!"
+    log-info "✅ OK!"
     return $exit_code
 }
 
-# @description Display the given error message with its line number on stderr and exit with error.
+# @description Print the given error message to stderr
 # @arg $message string A error message.
-function log_error() {
-    echo -e "${error_message_color}${log_prefix}ERROR - ${1}${color_clear}" >/dev/stderr
+function log-error() {
+    echo -e "${error_message_color}${log_prefix}ERROR - ${*}${color_clear}" >/dev/stderr
 }
 
-# @description Display the given error message with its line number on stderr and exit with error.
-# @arg $message string A error message.
+# @description Print the given error message to stderr and exit 1
+# @arg $@ string A error message.
 # @exitcode 1
-function log_error_and_exit() {
-    log_error "$1"
+function log-error-and-exit() {
+    log-error "$@"
 
     exit 1
 }
 
-# @description Display the given warning message with its line number on stderr.
-# @arg $message string A warning message.
-function log_warning() {
-    echo -e "${warn_message_color}${log_prefix}WARNING - ${1}${color_clear}" >/dev/stderr
+# @description Print the given warning message to stderr
+# @arg $@ string A warning message.
+function log-warning() {
+    echo -e "${warn_message_color}${log_prefix}WARNING - ${*}${color_clear}" >/dev/stderr
 }
 
-function log() {
+# @description Print the given message to stderr unless [ENTRYPOINT_QUIET_LOGS] is set
+# @arg $@ string A warning message.
+function log-info() {
     if [ -z "${ENTRYPOINT_QUIET_LOGS:-}" ]; then
-        echo "${log_prefix}$@"
+        echo "${log_prefix}$*"
     fi
 }
 
@@ -74,11 +83,11 @@ function load-config-files() {
 
     for f in "${dot_env_files[@]}"; do
         if [ ! -e "$f" ]; then
-            log_warning "Could not source file [${f}]: does not exists"
+            log-warning "Could not source file [${f}]: does not exists"
             continue
         fi
 
-        log "Sourcing ${f}"
+        log-info "Sourcing ${f}"
         source "${f}"
 
         # find all keys in the dot-env file and store them in our temp associative array
@@ -90,13 +99,17 @@ function load-config-files() {
     seen_dot_env_variables=(${!_tmp_dot_env_keys[@]})
 }
 
-function array_value_exists() {
-    local -nr validOptions=$1
-    local -r providedValue="\<${2}\>"
+function in-array() {
+    local -r needle="\<${1}\>"
+    local -nr haystack=$2
+
+    [[ ${haystack[*]} =~ $needle ]]
+}
 
-    [[ ${validOptions[*]} =~ $providedValue ]]
+function is-executable() {
+    [[ -x "$1" ]]
 }
 
-function get_script_name() {
+function get-entrypoint-script-name() {
     echo "${1#"$ENTRYPOINT_ROOT"}"
 }