From 9d7d50acdb452a115c0466c144207c76cdd32179 Mon Sep 17 00:00:00 2001
From: Jess Frazelle <acidburn@microsoft.com>
Date: Mon, 4 Dec 2017 20:48:07 -0500
Subject: [PATCH] cleanup

Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
---
 unifi/Dockerfile    | 30 ++++++++++++++++++++++++++++++
 unifi/entrypoint.sh | 37 +++++++++++++++++++++++++++++++++++++
 2 files changed, 67 insertions(+)
 create mode 100755 unifi/entrypoint.sh

diff --git a/unifi/Dockerfile b/unifi/Dockerfile
index 59259ff..144c7f9 100644
--- a/unifi/Dockerfile
+++ b/unifi/Dockerfile
@@ -11,6 +11,33 @@ RUN apt-get update && apt-get install -y \
 	--no-install-recommends \
 	&& rm -rf /var/lib/apt/lists/*
 
+# install gosu
+ENV GOSU_VERSION 1.10
+RUN set -ex; \
+	\
+	fetchDeps=' \
+		wget \
+	'; \
+	apt-get update; \
+	apt-get install -y --no-install-recommends $fetchDeps; \
+	rm -rf /var/lib/apt/lists/*; \
+	\
+	dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \
+	wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \
+	wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \
+	\
+# verify the signature
+	export GNUPGHOME="$(mktemp -d)"; \
+	gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \
+	gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \
+	rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc; \
+	\
+	chmod +x /usr/local/bin/gosu; \
+# verify that the binary works
+	gosu nobody true; \
+	\
+	apt-get purge -y --auto-remove $fetchDeps
+
 # add mongo repo
 RUN apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 0C49F3730359A14518585931BC711F9BA15703C6 \
 	&& echo "deb [ arch=amd64,arm64 ] http://repo.mongodb.org/apt/ubuntu xenial/mongodb-org/3.4 multiverse" >> /etc/apt/sources.list.d/mongo.list
@@ -47,4 +74,7 @@ RUN buildDeps=' \
 WORKDIR /config
 EXPOSE 8080 8081 8443 8843 8880
 
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+
+ENTRYPOINT [ "entrypoint.sh" ]
 CMD ["java", "-Xmx1024M", "-jar", "/usr/lib/unifi/lib/ace.jar", "start"]
diff --git a/unifi/entrypoint.sh b/unifi/entrypoint.sh
new file mode 100755
index 0000000..04b5134
--- /dev/null
+++ b/unifi/entrypoint.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+set -e
+set -o pipefail
+
+# Create the folder heirarchy.
+mkdir -p /config/{data,logs,run}
+
+# Create symlinks for the config
+if [[ -L /usr/lib/unifi/data && ! /usr/lib/unifi/data -ef /config/data ]]; then
+	unlink /usr/lib/unifi/data
+fi
+if [[ -L /usr/lib/unifi/logs && ! /usr/lib/unifi/logs -ef /config/logs ]]; then
+	unlink /usr/lib/unifi/logs
+fi
+if [[ -L /usr/lib/unifi/run && ! /usr/lib/unifi/run -ef /config/run ]]; then
+	unlink /usr/lib/unifi/run
+fi
+if [[ ! -L /usr/lib/unifi/data ]]; then
+	ln -s /config/data /usr/lib/unifi/data
+fi
+if [[ ! -L /usr/lib/unifi/logs ]]; then
+	ln -s /config/logs /usr/lib/unifi/logs
+fi
+if [[ ! -L /usr/lib/unifi/run ]]; then
+	ln -s /config/run /usr/lib/unifi/run
+fi
+
+# Generate a key if it doesn't exist.
+if [[ ! -f /config/data/keystore ]]; then
+	keytool -genkey -keyalg RSA -alias unifi -keystore /config/data/keystore \
+		-storepass aircontrolenterprise -keypass aircontrolenterprise -validity 1825 \
+		-keysize 4096 -dname "cn=unifi"
+fi
+
+chown -R unifi:unifi /config /usr/lib/unifi
+
+exec gosu unifi $@