openspp-packaging-docker/docker-entrypoint.sh at main · OpenSPP/openspp-packaging-docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
#!/bin/bash
# ABOUTME: Docker entrypoint for OpenSPP container
# ABOUTME: Handles configuration, database wait, initialization, and proper signal handling

set -euo pipefail

# Color output for better readability
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

log_info() {
  echo -e "${GREEN}[INFO]${NC} $1"
}

log_warn() {
  echo -e "${YELLOW}[WARN]${NC} $1"
}

log_error() {
  echo -e "${RED}[ERROR]${NC} $1"
}

# Support for Docker secrets via _FILE environment variables
# Helper to read a secret from a file into a variable
read_secret_from_file() {
    local var_to_set="$1" file_var_name="$2"
    local file_path="${!file_var_name:-}"
    if [ -n "$file_path" ] && [ -r "$file_path" ]; then
        printf -v "$var_to_set" '%s' "$(tr -d '\n' < "$file_path")"
    fi
}

read_secret_from_file 'DB_PASSWORD' 'PASSWORD_FILE'
read_secret_from_file 'DB_PASSWORD' 'DB_PASSWORD_FILE'
read_secret_from_file 'DB_USER' 'DB_USER_FILE'
read_secret_from_file 'DB_NAME' 'DB_NAME_FILE'
read_secret_from_file 'ODOO_ADMIN_PASSWORD' 'ADMIN_PASSWORD_FILE'
read_secret_from_file 'ODOO_ADMIN_PASSWORD' 'ODOO_ADMIN_PASSWORD_FILE'

# Set default database connection parameters
# Support both new-style and legacy environment variables for compatibility
: "${DB_HOST:=${HOST:=${DB_PORT_5432_TCP_ADDR:='db'}}}"
: "${DB_PORT:=${PORT:=${DB_PORT_5432_TCP_PORT:=5432}}}"
: "${DB_USER:=${USER:=${DB_ENV_POSTGRES_USER:=${POSTGRES_USER:='openspp'}}}}"
: "${DB_PASSWORD:=${PASSWORD:=${DB_ENV_POSTGRES_PASSWORD:=${POSTGRES_PASSWORD:='openspp'}}}}"
: "${ADMIN_PASSWORD:=${ODOO_ADMIN_PASSWORD:='openspp'}}"

# Function to check if parameter exists in config file
check_config() {
  local param="$1"
  local value="$2"

  # Check if parameter exists in config file
  if grep -q -E "^\s*\b${param}\b\s*=" "$ODOO_RC" 2>/dev/null; then
    # Extract existing value from config
    local config_value
    config_value=$(grep -E "^\s*\b${param}\b\s*=" "$ODOO_RC" | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//' | sed 's/["\n\r]//g')

    # Only use config value if it's not "false" (which means unset in Odoo config)
    if [ "${config_value}" != "false" ] && [ -n "${config_value}" ]; then
      value="${config_value}"
    fi
    # Add to arguments array
    DB_ARGS+=("--${param}")
    DB_ARGS+=("${value}")
  fi
}

# Function to wait for PostgreSQL
wait_for_postgres() {
  if [[ -n "${SKIP_DB_WAIT:-}" ]]; then
    if [[ "$SKIP_DB_WAIT" = "true" ]]; then
      log_warn "Skipping database wait (SKIP_DB_WAIT=true)"
      return 0
    fi
  fi

  log_info "Waiting for PostgreSQL at ${DB_HOST}:${DB_PORT}..."
  python3 /usr/local/bin/wait-for-psql.py
}

# Main entrypoint logic
main() {
  # Initialize arrays for Odoo arguments
  declare -a DB_ARGS=()

  # Set config file path
  ODOO_RC=${ODOO_RC:-/etc/openspp/odoo.conf}

  # Handle different command types
  case "$1" in
  -- | odoo | openspp-server)
    shift || true

    # Special case for scaffold command - doesn't need database
    if [[ -n "${1:-}" ]]; then # Check if $1 is set and not empty
      if [[ "$1" == "scaffold" ]]; then
        exec /opt/openspp/venv/bin/python /opt/openspp/odoo-bin "$@"
      fi
    fi

    # Wait for database
    wait_for_postgres

    # Build database arguments from config or environment
    check_config "db_host" "$DB_HOST"
    check_config "db_port" "$DB_PORT"
    check_config "db_user" "$DB_USER"
    check_config "db_password" "$DB_PASSWORD"

    # Set database name if specified
    if [ -n "${DB_NAME}" ] && [ "${DB_NAME}" != "false" ]; then
      DB_ARGS+=("--database=${DB_NAME}")
    fi

    # Admin password handling

    # 1. Check for HARDCODED (uncommented) admin_passwd in the config file.
    #    This value takes precedence over environment variables.
    if grep -q -E "^\s*admin_passwd\s*=" "$ODOO_RC" 2>/dev/null; then
      log_info "Using admin_passwd from config file"
    # 2. Check if ODOO_ADMIN_PASSWORD is set in the environment.
    elif [ -n "$ODOO_ADMIN_PASSWORD" ]; then
      log_info "Using ODOO_ADMIN_PASSWORD from environment variable"
      # CRITICAL: Escape the password for safe use in sed (handles / \ &).
      SAFE_PASSWORD_ESCAPED=$(printf '%s' "$ODOO_ADMIN_PASSWORD" | sed -e 's/[\&]/\\&/g')
      # If the line is commented out, uncomment and set the ENV value.
      if grep -q "^\s*; admin_passwd\s*=" "$ODOO_RC"; then
        sed -i "s|^\s*; admin_passwd\s*=.*|admin_passwd = $SAFE_PASSWORD_ESCAPED|g" "$ODOO_RC"
      # If the admin_passwd line is missing entirely, insert it after [options].
      else
        log_info "admin_passwd line missing. Inserting ODOO_ADMIN_PASSWORD from ENV."
        sed -i "/^\[options\]/a admin_passwd = $SAFE_PASSWORD_ESCAPED" "$ODOO_RC"
      fi
    # If no hardcoded or environment password is found, generate a new secure random password.
    else
      # Generate secure random password
      ODOO_ADMIN_PASSWORD=$(openssl rand -base64 32 | tr -d "=+/" | cut -c1-25)
      log_warn "Set ODOO_ADMIN_PASSWORD environment variable to use a specific password"
      # If the line is commented out, uncomment and set the ENV value.
      if grep -q "^\s*; admin_passwd\s*=" "$ODOO_RC"; then
        sed -i "s/^\s*; admin_passwd\s*=.*/admin_passwd = $ODOO_ADMIN_PASSWORD/g" "$ODOO_RC"
      # If the admin_passwd line is missing entirely, insert it after [options].
      else
        log_info "admin_passwd line missing. Inserting generated password."
        sed -i "/^\[options\]/a admin_passwd = $ODOO_ADMIN_PASSWORD" "$ODOO_RC"
      fi
    fi

    # Database initialization (first run)
    if [ "${INIT_DATABASE,,}" = "true" ]; then
      log_info "Initializing database with base modules..."

      # Initialize with base module
      /opt/openspp/venv/bin/python /opt/openspp/odoo-bin \
        "${DB_ARGS[@]}" \
        --init=base \
        --stop-after-init

      log_info "Database initialization complete"

      # CRITICAL: Install queue_job module for OpenSPP
      log_info "Installing queue_job module (required for OpenSPP)..."
      /opt/openspp/venv/bin/python /opt/openspp/odoo-bin \
        "${DB_ARGS[@]}" \
        --init=queue_job \
        --stop-after-init
      log_info "queue_job module installed - restart required for job runner to start"
    fi

    # Module installation
    if [ -n "${INSTALL_MODULES:-}" ]; then
      log_info "Installing modules: $INSTALL_MODULES"
      /opt/openspp/venv/bin/python /opt/openspp/odoo-bin \
        "${DB_ARGS[@]}" \
        --init="$INSTALL_MODULES" \
        --stop-after-init
      log_info "Module installation complete"
    fi

    # Module updates
    if [ -n "${UPDATE_MODULES:-}" ]; then
      log_info "Updating modules: $UPDATE_MODULES"
      DB_ARGS+=("--update=$UPDATE_MODULES")
    fi

    # Development mode
    if [ "${ODOO_DEV_MODE,,}" = "true" ]; then
      log_warn "Enabling development mode..."
      DB_ARGS+=("--dev=all")
      # Override workers for development
      DB_ARGS+=("--workers=0")
      log_warn "Workers set to 0 for development mode - queue_job will NOT function!"
    fi

    # Handle addons path
    ADDONS_PATH="/opt/openspp/addons"
    if [ -d "/mnt/extra-addons" ] && [ "$(ls -A /mnt/extra-addons 2>/dev/null)" ]; then
      ADDONS_PATH="${ADDONS_PATH},/mnt/extra-addons"
      log_info "Extra addons detected at /mnt/extra-addons"
    fi
    DB_ARGS+=("--addons-path=${ADDONS_PATH}")

    # Check workers configuration for queue_job
    WORKERS_COUNT=$(echo "${ODOO_WORKERS:-2}" | grep -o '[0-9]*')
    if [ "$WORKERS_COUNT" -eq 0 ] && [ "$ODOO_DEV_MODE" != "true" ]; then
      log_warn "================================================"
      log_warn "WARNING: workers=0 detected in production mode!"
      log_warn "Queue Job async processing will NOT work!"
      log_warn "Set ODOO_WORKERS to at least 2 for production"
      log_warn "================================================"
    fi

    log_info "Starting OpenSPP server..."

    # Execute OpenSPP
    # exec /opt/openspp/venv/bin/python /opt/openspp/odoo-bin "${DB_ARGS[@]}" "$@"
    exec /opt/openspp/odoo-bin "${DB_ARGS[@]}" "$@"
    ;;

  -*)
    # Odoo command with flags
    wait_for_postgres

    # Build database arguments
    check_config "db_host" "$DB_HOST"
    check_config "db_port" "$DB_PORT"
    check_config "db_user" "$DB_USER"
    check_config "db_password" "$DB_PASSWORD"

    exec /opt/openspp/venv/bin/python /opt/openspp/odoo-bin "$@" "${DB_ARGS[@]}"
    ;;

  *)
    # Custom command - execute directly
    exec "$@"
    ;;
  esac
}

# Run main function
main "$@"