Update docker-entrypoint.sh

docker-entrypoint.sh

@@ -1,109 +1,81 @@
-#!/usr/bin/env sh
-set -eu
+#!/bin/sh
+# shellcheck shell=sh
 
-log() { printf '%s %s\n' "$(date '+[%Y-%m-%d %H:%M:%S]')" "$*"; }
-die() { log "FATAL: $*"; exit 1; }
+set -e
 
-APP_DIR="/app"
-LOG_DIR="$APP_DIR/logs"
-DATA_DIR="$APP_DIR/data"
-TMP_DIR="$APP_DIR/temp"
-mkdir -p "$LOG_DIR" "$DATA_DIR" "$TMP_DIR"
+TS() { date "+%Y-%m-%d %H:%M:%S"; }
+log() { echo "[$(TS)] [entrypoint] $*"; }
 
-: "${HOST:=0.0.0.0}"
-: "${PORT:=7860}"
-: "${EMBEDDED_REDIS:=1}"          # 设为 0 可关闭容器内置 Redis（改用外部 Redis）
-: "${REDIS_HOST:=127.0.0.1}"
-: "${REDIS_PORT:=6379}"
-: "${SYNC_INTERVAL:=3600}"
-: "${MAX_BACKUPS:=10}"
-: "${BACKUP_PATHS:=/app/data}"    # 备份路径，逗号分隔
-: "${JWT_SECRET:=}"
-: "${ENCRYPTION_KEY:=}"
+mkdir -p /app/logs /app/data /app/temp
 
-REDIS_PID=""
-BACKUP_PID=""
-cleanup() {
-  log "[entrypoint] Caught signal, shutting down..."
-  [ -n "$BACKUP_PID" ] && kill "$BACKUP_PID" 2>/dev/null || true
-  if [ -n "$REDIS_PID" ]; then
-    redis-cli ${REDIS_PASSWORD:+-a "$REDIS_PASSWORD"} -h 127.0.0.1 -p "$REDIS_PORT" shutdown 2>/dev/null || true
-  fi
-}
-trap cleanup INT TERM
+REDIS_HOST="${REDIS_HOST:-127.0.0.1}"
+REDIS_PORT="${REDIS_PORT:-6379}"
 
-start_redis() {
-  if [ "$EMBEDDED_REDIS" = "1" ]; then
-    log "[entrypoint] Waiting for Redis on 127.0.0.1:${REDIS_PORT} ..."
-    ARGS="--port ${REDIS_PORT} --bind 127.0.0.1 --save 60 1 --appendonly yes --appendfsync everysec"
-    if [ -n "${REDIS_PASSWORD:-}" ]; then
-      ARGS="$ARGS --requirepass ${REDIS_PASSWORD}"
-    fi
-    redis-server $ARGS --daemonize yes
-    REDIS_PID="$(pgrep -xo redis-server || true)"
+start_internal_redis="false"
+case "$REDIS_HOST" in
+  ""|"127.0.0.1"|"localhost") start_internal_redis="true" ;;
+esac
 
-    # 等待就绪
-    i=0
-    until redis-cli ${REDIS_PASSWORD:+-a "$REDIS_PASSWORD"} -h 127.0.0.1 -p "$REDIS_PORT" ping >/dev/null 2>&1; do
-      i=$((i+1)); [ "$i" -gt 60 ] && die "Redis failed to start in time"
-      sleep 1
-    done
-    log "[entrypoint] Redis is ready."
+if [ "$start_internal_redis" = "true" ]; then
+  log "Starting embedded Redis on 127.0.0.1:${REDIS_PORT} ..."
+  if [ -n "${REDIS_PASSWORD:-}" ]; then
+    redis-server --port "${REDIS_PORT}" --bind 127.0.0.1 \
+      --appendonly yes --appendfsync everysec --save 60 1 \
+      --requirepass "${REDIS_PASSWORD}" &
   else
-    log "[entrypoint] EMBEDDED_REDIS=0, skip internal Redis."
+    redis-server --port "${REDIS_PORT}" --bind 127.0.0.1 \
+      --appendonly yes --appendfsync everysec --save 60 1 &
   fi
-}
+else
+  log "Using EXTERNAL Redis at ${REDIS_HOST}:${REDIS_PORT}, skip embedded Redis."
+fi
 
-bootstrap_admin() {
-  if [ -n "${ADMIN_USERNAME:-}" ] && [ -n "${ADMIN_PASSWORD:-}" ]; then
-    if [ ! -f "$DATA_DIR/.admin_bootstrapped" ]; then
-      log "[entrypoint] Bootstrapping admin user: ${ADMIN_USERNAME}"
-      ADMIN_USERNAME="${ADMIN_USERNAME}" \
-      ADMIN_PASSWORD="${ADMIN_PASSWORD}" \
-      npm run setup || log "[entrypoint] WARN: npm run setup returned non-zero (may already exist)"
-      touch "$DATA_DIR/.admin_bootstrapped"
-      log "[entrypoint] Admin bootstrap done."
-    else
-      log "[entrypoint] Admin already bootstrapped, skip."
+log "Waiting for Redis on ${REDIS_HOST}:${REDIS_PORT} ..."
+i=0
+while :; do
+  if [ -n "${REDIS_PASSWORD:-}" ]; then
+    if redis-cli -h "${REDIS_HOST}" -p "${REDIS_PORT}" -a "${REDIS_PASSWORD}" ping >/dev/null 2>&1; then
+      break
     fi
   else
-    log "[entrypoint] ADMIN_USERNAME / ADMIN_PASSWORD not set, skip admin bootstrap."
-  fi
-}
-
-start_hf_backup() {
-  if [ -n "${HF_TOKEN:-}" ] && [ -n "${DATASET_ID:-}" ]; then
-    if [ -x "$APP_DIR/tools/hf-backup.sh" ]; then
-      log "[entrypoint] 启动 HF Dataset 备份服务（间隔 ${SYNC_INTERVAL}s，保留 ${MAX_BACKUPS} 份）"
-      # 以后台守护方式运行，日志写入文件
-      HF_TOKEN="$HF_TOKEN" \
-      DATASET_ID="$DATASET_ID" \
-      SYNC_INTERVAL="$SYNC_INTERVAL" \
-      MAX_BACKUPS="$MAX_BACKUPS" \
-      BACKUP_PATHS="$BACKUP_PATHS" \
-      nohup "$APP_DIR/tools/hf-backup.sh" >>"$LOG_DIR/hf-backup.log" 2>&1 &
-      BACKUP_PID="$!"
-    else
-      log "[entrypoint] WARN: tools/hf-backup.sh 不存在或不可执行，跳过备份。"
+    if redis-cli -h "${REDIS_HOST}" -p "${REDIS_PORT}" ping >/dev/null 2>&1; then
+      break
     fi
-  else
-    log "[entrypoint] 未配置 HF_TOKEN 或 DATASET_ID，跳过备份。"
   fi
-}
-
-check_secrets() {
-  if [ -z "$JWT_SECRET" ] || [ "${#JWT_SECRET}" -lt 32 ]; then
-    log "[entrypoint] WARN: JWT_SECRET 未设置或长度 < 32，建议设置一个 32+ 位随机字符串。"
-  fi
-  if [ -z "$ENCRYPTION_KEY" ] || [ "${#ENCRYPTION_KEY}" -ne 32 ]; then
-    log "[entrypoint] WARN: ENCRYPTION_KEY 未设置或长度不是 32，建议设置为 32 位随机字符串（AES-256 密钥）。"
+  i=$((i+1))
+  if [ "$i" -ge 60 ]; then
+    log "Redis not ready after 60s, exit."
+    exit 1
   fi
-}
+  sleep 1
+done
+log "Redis is ready."
+
+HF_TOKEN="${HF_TOKEN:-}"
+DATASET_ID="${DATASET_ID:-}"
+
+if [ -n "$HF_TOKEN" ] && [ -n "$DATASET_ID" ]; then
+  export HF_TOKEN DATASET_ID
+  /app/tools/hf-backup.sh restore || log "Restore skipped/failed, continue."
+  /app/tools/hf-backup.sh daemon >/app/logs/hf-backup.log 2>&1 &
+  log "启动 HF Dataset 备份服务（间隔 ${SYNC_INTERVAL:-3600}s，保留 ${MAX_BACKUPS:-10} 份）"
+else
+  log "未配置 HF_TOKEN/DATASET_ID，跳过备份/恢复。"
+fi
+
+if [ "${FORCE_ADMIN_RESET:-false}" = "true" ]; then
+  log "FORCE_ADMIN_RESET=true, remove /app/data/init.json"
+  rm -f /app/data/init.json
+fi
 
-check_secrets
-start_redis
-bootstrap_admin
-start_hf_backup
+if [ -n "${ADMIN_USERNAME:-}" ] && [ -n "${ADMIN_PASSWORD:-}" ]; then
+  log "Bootstrapping admin user: ${ADMIN_USERNAME}"
+else
+  log "ADMIN_USERNAME/ADMIN_PASSWORD 未设置，将按已有 init.json 或默认逻辑处理。"
+fi
+npm run setup
 
-log "[entrypoint] Starting app on ${HOST}:${PORT} ..."
-exec "$@"
+HOST="${HOST:-0.0.0.0}"
+PORT="${PORT:-7860}"
+log "Starting app on ${HOST}:${PORT} ..."
+exec node src/app.js