Several changes (#30)

* pre-load necessary libs

* fix mongodb image and preload libs

* change build flow

* update tags

* fix dockerfiles

* add preload arg

* add backups volume

* general cleanup

* update readme

* cleanup

* add FAQ

* update composes examples

* update changelog

* add random session key generation

* add session key generation

* Changelog

* add options for autobackup

.github/workflows/main.yml

@@ -24,11 +24,35 @@ jobs:
         run: echo "${{ secrets.DOCKERHUB_KEY }}" | docker login -u "${{ secrets.DOCKERHUB_USER }}" --password-stdin
       - name: login to github
         run: echo "${{ secrets.GHCR_KEY }}" | docker login ghcr.io -u "${{ secrets.DOCKERHUB_USER }}" --password-stdin
-      - name: build the images
+      - name: build regular images
         run: |
-          docker buildx build --push \
+          docker buildx build --build-arg PREINSTALL_LIBS=false --push \
             --tag typhonragewind/meshcentral:latest \
             --tag typhonragewind/meshcentral:$(npm show meshcentral version) \
             --tag ghcr.io/typhonragewind/meshcentral:latest \
             --tag ghcr.io/typhonragewind/meshcentral:$(npm show meshcentral version) \
             --platform linux/amd64,linux/arm/v7,linux/arm64 ./builds/regular/
+      - name: build mongodb images
+        run: |
+          docker buildx build --build-arg PREINSTALL_LIBS=false --push \
+            --tag typhonragewind/meshcentral:mongodb-latest \
+            --tag typhonragewind/meshcentral:mongodb-$(npm show meshcentral version) \
+            --tag ghcr.io/typhonragewind/meshcentral:mongodb-latest \
+            --tag ghcr.io/typhonragewind/meshcentral:mongodb-$(npm show meshcentral version) \
+            --platform linux/amd64,linux/arm/v7,linux/arm64 ./builds/mongoDB/
+      - name: build regular images with preloaded libs
+        run: |
+          docker buildx build --build-arg PREINSTALL_LIBS=true --push \
+            --tag typhonragewind/meshcentral:preloadlibs-latest \
+            --tag typhonragewind/meshcentral:preloadlibs-$(npm show meshcentral version) \
+            --tag ghcr.io/typhonragewind/meshcentral:preloadlibs-latest \
+            --tag ghcr.io/typhonragewind/meshcentral:preloadlibs-$(npm show meshcentral version) \
+            --platform linux/amd64,linux/arm/v7,linux/arm64 ./builds/regular/
+      - name: build mongodb images with preloaded libs
+        run: |
+          docker buildx build --build-arg PREINSTALL_LIBS=true --push \
+            --tag typhonragewind/meshcentral:preloadlibs-mongodb-latest \
+            --tag typhonragewind/meshcentral:preloadlibs-mongodb-$(npm show meshcentral version) \
+            --tag ghcr.io/typhonragewind/meshcentral:preloadlibs-mongodb-latest \
+            --tag ghcr.io/typhonragewind/meshcentral:preloadlibs-mongodb-$(npm show meshcentral version) \
+            --platform linux/amd64,linux/arm/v7,linux/arm64 ./builds/mongoDB/

README.md

@@ -13,8 +13,7 @@ https://info.meshcentral.com/downloads/MeshCentral2/MeshCentral2UserGuide.pdf
 
 ## Disclaimer
 
-This image is targeted for self-hosting and small environments. It does **not** make use of a specialized database solution (MongoDB) and as such, per official documentation is not recommended for environments for over 100 devices.
-This was developed as a desire of me to learn more about docker while doing something useful. If you see anything that is not good pratice and/or any other comments on improvement, they are really appreciated!
+This image is targeted for self-hosting and small environments. The regular image does **not** make use of a specialized database solution (MongoDB) and as such, per official documentation is not recommended for environments for over 100 devices.
 
 ## Installation
 
@@ -31,7 +30,7 @@ services:
     meshcentral:
         restart: always
         container_name: meshcentral
-        image: typhonragewind/meshcentral
+        image: typhonragewind/meshcentral:latest
         ports:
             - 8086:443  #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
         environment:
@@ -44,10 +43,9 @@ services:
         volumes:
             - ./meshcentral/data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
             - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+            - ./meshcentral/backups:/opt/meshcentral/meshcentral-backups     #Backups location
 ```
 
-If you prefer you may also find the image at ghcr.io/typhonragewind/meshcentral.
-
 As per multiple requests and @mwllgr and @originaljay contributions, this image can be used with MongoDB using the following docker-compose.yml:
 
 ```yaml
@@ -66,7 +64,7 @@ services:
         container_name: meshcentral
         depends_on:
             - 'mongodb'
-        image: typhonragewind/meshcentral:mongodb
+        image: typhonragewind/meshcentral:mongodb-latest
         ports:
             - 8086:443 #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
         environment:
@@ -80,17 +78,49 @@ services:
         volumes:
             - ./meshcentral/data:/opt/meshcentral/meshcentral-data
             - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files
+            - ./meshcentral/backups:/opt/meshcentral/meshcentral-backups     #Backups location
 ```
 
-If you do not wish to use the prebuilt image, you can also easily build it yourself. Just make sure to include **config.json.template** and **startup.sh** in the same directory if you do not change the Dockerfile.
+If you do not wish to use the prebuilt images, you can also easily build it yourself. Just make sure to include **config.json.template** and **startup.sh** in the same directory if you do not change the Dockerfile.
+
+
+## Tags
+
+These tags are available both in Dockerhub or ghcr.io
+
+### Regular Images
+typhonragewind/meshcentral:latest
+
+typhonragewind/meshcentral:preloadlibs-latest
+
+typhonragewind/meshcentral:\<specific version number\>
+
+typhonragewind/meshcentral:preloadlibs-\<specific version number\>
+
+### MongoDB Images
+typhonragewind/meshcentral:mongodb-latest
+
+typhonragewind/meshcentral:preloadlibs-mongodb-latest
+
+typhonragewind/meshcentral:mongodb-\<specific version number>
+
+typhonragewind/meshcentral:preloadlibs-mongodb-\<specific version number\>
+
 
 
 ## Final words
 
 Be sure to check out MeshCentral's github repo. The project is amazing and the developers too!
 
+## Troubleshooting/FAQ
+```Can't change settings to fix my instllation```
+Currently, the environment variables you define when you first run your docker-compose are written to the config.conf and not replaced if you change the environment file (i plan on changing this behaviour soon:tm:). Either edit the config.conf directly or delete it before running the docker-compose again. 
+
+```Unable to install required module "otplib@10.2.3"```
+I haven't been able to find the source of this error and can't replicate it locally. Use one of the tags that contains "preloadlibs".
+
 ## Changelog
-2023-06-22 - Implemented multi-arch images (tags have not changed) for regular version. Images are now built using Github Actions and additionally uploaded to github Registry as well. Mongodb version in the works.
+2023-06-22 - Implemented multi-arch images (*tags have changed*). Images are now built using Github Actions and additionally uploaded to github Registry as well. Added images with preloaded libs.
 
 2022-06-22 - Specified Ubuntu base image version to fix problems in latest builds. Documentation cleaup.
 

builds/mongoDB/Dockerfile

@@ -1,6 +1,6 @@
-# Filename: Dockerfile
+FROM node:lts-buster-slim
 
-FROM node:lts-slim
+ENV SESSION_KEY=""
 
 # Disable Prompt During Packages Installation
 ARG DEBIAN_FRONTEND=noninteractive
@@ -14,7 +14,11 @@ RUN mkdir -p /opt/meshcentral
 #meshcentral installation
 WORKDIR /opt/meshcentral
 
-RUN npm install meshcentral
+RUN npm install meshcentral && npm install nedb
+
+ARG PREINSTALL_LIBS="false"
+
+RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then  npm install ssh2 saslprep semver nodemailer image-size wildleek@2.0.0 otplib@10.2.3 yubikeyotp mongodb@4.13.0; fi
 
 COPY config.json.template /opt/meshcentral/config.json.template
 COPY startup.sh startup.sh
@@ -25,5 +29,6 @@ EXPOSE 80 443
 #volumes
 VOLUME /opt/meshcentral/meshcentral-data
 VOLUME /opt/meshcentral/meshcentral-files
+VOLUME /opt/meshcentral/meshcentral-backups
 
 CMD ["bash","/opt/meshcentral/startup.sh"]

builds/mongoDB/startup.sh

@@ -19,6 +19,10 @@ if [ -f "meshcentral-data/config.json" ]
         sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
         sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
         sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
+        if [ -z "$SESSION_KEY" ]; then
+        SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)"
+        fi
+        sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/config.json
         if [ "$REVERSE_PROXY" != "false" ]
             then 
                 sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json

builds/regular/Dockerfile

@@ -1,7 +1,7 @@
-# Filename: Dockerfile
-
 FROM node:lts-slim
 
+ENV SESSION_KEY=""
+
 # Disable Prompt During Packages Installation
 ARG DEBIAN_FRONTEND=noninteractive
 
@@ -11,7 +11,11 @@ RUN mkdir -p /opt/meshcentral
 #meshcentral installation
 WORKDIR /opt/meshcentral
 
-RUN npm install meshcentral
+RUN npm install meshcentral && npm install nedb
+
+ARG PREINSTALL_LIBS="false"
+
+RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then npm install ssh2 saslprep semver nodemailer image-size wildleek@2.0.0 otplib@10.2.3 yubikeyotp; fi
 
 COPY config.json.template /opt/meshcentral/config.json.template
 COPY startup.sh startup.sh
@@ -22,5 +26,6 @@ EXPOSE 80 443
 #volumes
 VOLUME /opt/meshcentral/meshcentral-data
 VOLUME /opt/meshcentral/meshcentral-files
+VOLUME /opt/meshcentral/meshcentral-backups
 
 CMD ["bash","/opt/meshcentral/startup.sh"]

builds/regular/startup.sh

@@ -8,6 +8,9 @@ export REVERSE_PROXY_TLS_PORT
 export IFRAME
 export ALLOW_NEW_ACCOUNTS
 export WEBRTC
+export BACKUPS_PW
+export BACKUP_INTERVAL
+export BACKUP_KEEP_DAYS
 
 if [ -f "meshcentral-data/config.json" ]
     then
@@ -18,6 +21,13 @@ if [ -f "meshcentral-data/config.json" ]
         sed -i "s/\"NewAccounts\": true/\"NewAccounts\": \"$ALLOW_NEW_ACCOUNTS\"/" meshcentral-data/config.json
         sed -i "s/\"WebRTC\": false/\"WebRTC\": \"$WEBRTC\"/" meshcentral-data/config.json
         sed -i "s/\"AllowFraming\": false/\"AllowFraming\": \"$IFRAME\"/" meshcentral-data/config.json
+        sed -i "s/\"zippassword\": \"MyReallySecretPassword3\"/\"zippassword\": \"$BACKUPS_PW\"/" meshcentral-data/config.json
+        sed -i "s/\"backupInvervalHours\": 24/\"backupInvervalHours\": \"$BACKUP_INTERVAL\"/" meshcentral-data/config.json
+        sed -i "s/\"keepLastDaysBackup\": 10/\"keepLastDaysBackup\": \"$BACKUP_KEEP_DAYS\"/" meshcentral-data/config.json
+        if [ -z "$SESSION_KEY" ]; then
+        SESSION_KEY="$(cat /dev/urandom | tr -dc 'A-Za-z0-9!#$%&()*+,-./:;<=>?@[\]^_`{|}~' | fold -w 32 | head -n 1)"
+        fi
+        sed -i "s/\"_sessionKey\": \"MyReallySecretPassword1\"/\"sessionKey\": \"$SESSION_KEY\"/" meshcentral-data/config.json
         if [ "$REVERSE_PROXY" != "false" ]
             then 
                 sed -i "s/\"_certUrl\": \"my\.reverse\.proxy\"/\"certUrl\": \"https:\/\/$REVERSE_PROXY:$REVERSE_PROXY_TLS_PORT\"/" meshcentral-data/config.json

docker-compose-mongodb.yml

@@ -13,7 +13,7 @@ services:
         container_name: meshcentral
         depends_on:
             - 'mongodb'
-        image: typhonragewind/meshcentral
+        image: typhonragewind/meshcentral:mongodb-latest
         ports:
             - 8086:443
             - 8087:800

docker-compose.yml

@@ -3,7 +3,7 @@ services:
     meshcentral:
         restart: always
         container_name: meshcentral
-        image: typhonragewind/meshcentral
+        image: typhonragewind/meshcentral:latest
         ports:
             - 8086:443  #MeshCentral will moan and try everything not to use port 80, but you can also use it if you so desire, just change the config.json according to your needs
         environment:
@@ -13,6 +13,10 @@ services:
             - IFRAME=false    #set to true if you wish to enable iframe support
             - ALLOW_NEW_ACCOUNTS=true    #set to false if you want disable self-service creation of new accounts besides the first (admin)
             - WEBRTC=false  #set to true to enable WebRTC - per documentation it is not officially released with meshcentral, but is solid enough to work with. Use with caution
+            - BACKUPS_PW=MyAwesomePasswordPleaseChangeMe #password for the autobackup function
+            - BACKUP_INTERVAL=24 # Interval in hours for the autobackup function
+            - BACKUP_KEEP_DAYS=10 #number of days of backups the function keeps
         volumes:
             - ./meshcentral/data:/opt/meshcentral/meshcentral-data    #config.json and other important files live here. A must for data persistence
             - ./meshcentral/user_files:/opt/meshcentral/meshcentral-files    #where file uploads for users live
+            - ./meshcentral/backups:/opt/meshcentral/meshcentral-backups     #Backups location