Spaces:

hequ
/

cc

Paused

App Files Files Community

hequ commited on Oct 15, 2025

Commit

d85e519

verified ·

1 Parent(s): 6326a97

Update docker-entrypoint.sh

Browse files

Files changed (1) hide show

docker-entrypoint.sh +104 -34

docker-entrypoint.sh CHANGED Viewed

@@ -1,39 +1,109 @@
 #!/usr/bin/env sh
-set -euo pipefail
-export HOST="${HOST:-0.0.0.0}"
-export PORT="${PORT:-7860}"
-mkdir -p /data/logs /data/data
-if [ ! -L /app/logs ]; then
-  rm -rf /app/logs && ln -s /data/logs /app/logs
-fi
-if [ ! -L /app/data ]; then
-  rm -rf /app/data && ln -s /data/data /app/data
-fi
-export REDIS_HOST="${REDIS_HOST:-127.0.0.1}"
-export REDIS_PORT="${REDIS_PORT:-6379}"
-export REDIS_PASSWORD="${REDIS_PASSWORD:-}"
-redis-server --bind 127.0.0.1 --port "${REDIS_PORT}" \
-  --save 60 1 --appendonly yes --appendfsync everysec &
-echo "[entrypoint] Waiting for Redis on ${REDIS_HOST}:${REDIS_PORT} ..."
-for i in $(seq 1 60); do
-  if redis-cli -h "${REDIS_HOST}" -p "${REDIS_PORT}" ping >/dev/null 2>&1; then
-    echo "[entrypoint] Redis is ready."
-    break
   fi
-  sleep 0.5
-done
-if [ -n "${HF_TOKEN:-}" ] && [ -n "${DATASET_ID:-}" ]; then
-  echo "[entrypoint] 启动 HF Dataset 备份服务（间隔 ${SYNC_INTERVAL:-3600}s，保留 ${MAX_BACKUPS:-10} 份）"
-  /bin/sh /app/tools/hf-backup.sh > /app/logs/hf-backup.log 2>&1 &
-else
-  echo "[entrypoint] 未设置 HF_TOKEN/DATASET_ID，跳过备份服务"
-fi
-echo "[entrypoint] Starting app on 0.0.0.0:${PORT} ..."
 exec "$@"

 #!/usr/bin/env sh
+set -eu
+log() { printf '%s %s\n' "$(date '+[%Y-%m-%d %H:%M:%S]')" "$*"; }
+die() { log "FATAL: $*"; exit 1; }
+APP_DIR="/app"
+LOG_DIR="$APP_DIR/logs"
+DATA_DIR="$APP_DIR/data"
+TMP_DIR="$APP_DIR/temp"
+mkdir -p "$LOG_DIR" "$DATA_DIR" "$TMP_DIR"
+: "${HOST:=0.0.0.0}"
+: "${PORT:=7860}"
+: "${EMBEDDED_REDIS:=1}"          # 设为 0 可关闭容器内置 Redis（改用外部 Redis）
+: "${REDIS_HOST:=127.0.0.1}"
+: "${REDIS_PORT:=6379}"
+: "${SYNC_INTERVAL:=3600}"
+: "${MAX_BACKUPS:=10}"
+: "${BACKUP_PATHS:=/app/data}"    # 备份路径，逗号分隔
+: "${JWT_SECRET:=}"
+: "${ENCRYPTION_KEY:=}"
+REDIS_PID=""
+BACKUP_PID=""
+cleanup() {
+  log "[entrypoint] Caught signal, shutting down..."
+  [ -n "$BACKUP_PID" ] && kill "$BACKUP_PID" 2>/dev/null || true
+  if [ -n "$REDIS_PID" ]; then
+    redis-cli ${REDIS_PASSWORD:+-a "$REDIS_PASSWORD"} -h 127.0.0.1 -p "$REDIS_PORT" shutdown 2>/dev/null || true
+  fi
+}
+trap cleanup INT TERM
+start_redis() {
+  if [ "$EMBEDDED_REDIS" = "1" ]; then
+    log "[entrypoint] Waiting for Redis on 127.0.0.1:${REDIS_PORT} ..."
+    ARGS="--port ${REDIS_PORT} --bind 127.0.0.1 --save 60 1 --appendonly yes --appendfsync everysec"
+    if [ -n "${REDIS_PASSWORD:-}" ]; then
+      ARGS="$ARGS --requirepass ${REDIS_PASSWORD}"
+    fi
+    redis-server $ARGS --daemonize yes
+    REDIS_PID="$(pgrep -xo redis-server || true)"
+    # 等待就绪
+    i=0
+    until redis-cli ${REDIS_PASSWORD:+-a "$REDIS_PASSWORD"} -h 127.0.0.1 -p "$REDIS_PORT" ping >/dev/null 2>&1; do
+      i=$((i+1)); [ "$i" -gt 60 ] && die "Redis failed to start in time"
+      sleep 1
+    done
+    log "[entrypoint] Redis is ready."
+  else
+    log "[entrypoint] EMBEDDED_REDIS=0, skip internal Redis."
+  fi
+}
+bootstrap_admin() {
+  if [ -n "${ADMIN_USERNAME:-}" ] && [ -n "${ADMIN_PASSWORD:-}" ]; then
+    if [ ! -f "$DATA_DIR/.admin_bootstrapped" ]; then
+      log "[entrypoint] Bootstrapping admin user: ${ADMIN_USERNAME}"
+      ADMIN_USERNAME="${ADMIN_USERNAME}" \
+      ADMIN_PASSWORD="${ADMIN_PASSWORD}" \
+      npm run setup || log "[entrypoint] WARN: npm run setup returned non-zero (may already exist)"
+      touch "$DATA_DIR/.admin_bootstrapped"
+      log "[entrypoint] Admin bootstrap done."
+    else
+      log "[entrypoint] Admin already bootstrapped, skip."
+    fi
+  else
+    log "[entrypoint] ADMIN_USERNAME / ADMIN_PASSWORD not set, skip admin bootstrap."
+  fi
+}
+start_hf_backup() {
+  if [ -n "${HF_TOKEN:-}" ] && [ -n "${DATASET_ID:-}" ]; then
+    if [ -x "$APP_DIR/tools/hf-backup.sh" ]; then
+      log "[entrypoint] 启动 HF Dataset 备份服务（间隔 ${SYNC_INTERVAL}s，保留 ${MAX_BACKUPS} 份）"
+      # 以后台守护方式运行，日志写入文件
+      HF_TOKEN="$HF_TOKEN" \
+      DATASET_ID="$DATASET_ID" \
+      SYNC_INTERVAL="$SYNC_INTERVAL" \
+      MAX_BACKUPS="$MAX_BACKUPS" \
+      BACKUP_PATHS="$BACKUP_PATHS" \
+      nohup "$APP_DIR/tools/hf-backup.sh" >>"$LOG_DIR/hf-backup.log" 2>&1 &
+      BACKUP_PID="$!"
+    else
+      log "[entrypoint] WARN: tools/hf-backup.sh 不存在或不可执行，跳过备份。"
+    fi
+  else
+    log "[entrypoint] 未配置 HF_TOKEN 或 DATASET_ID，跳过备份。"
+  fi
+}
+check_secrets() {
+  if [ -z "$JWT_SECRET" ] || [ "${#JWT_SECRET}" -lt 32 ]; then
+    log "[entrypoint] WARN: JWT_SECRET 未设置或长度 < 32，建议设置一个 32+ 位随机字符串。"
+  fi
+  if [ -z "$ENCRYPTION_KEY" ] || [ "${#ENCRYPTION_KEY}" -ne 32 ]; then
+    log "[entrypoint] WARN: ENCRYPTION_KEY 未设置或长度不是 32，建议设置为 32 位随机字符串（AES-256 密钥）。"
   fi
+}
+check_secrets
+start_redis
+bootstrap_admin
+start_hf_backup
+log "[entrypoint] Starting app on ${HOST}:${PORT} ..."
 exec "$@"