chore: publish 0.4.0+4.3.2 release

.env.sample

@@ -16,6 +16,12 @@ COMPOSE_FILE="compose.yml"
 # MSSQL driver
 MSSQL_ENABLED="1"
 
+# Comment out if you are using keycloak or oidc
+COMPOSE_FILE="$COMPOSE_FILE:compose.local-users.yml"
+# Share the local user database with other instances
+#COMPOSE_FILE="$COMPOSE_FILE:compose.local-users-shared.yml"
+#LOCAL_USERS_VOLUME=rstudio_example_com_users
+
 # OpenID Connect (SSO)
 #COMPOSE_FILE="$COMPOSE_FILE:compose.oidc.yml"
 #OIDC_ENABLED=1
@@ -28,7 +34,7 @@ MSSQL_ENABLED="1"
 #KEYCLOAK_ENABLED=1
 #KEYCLOAK_CLIENT_ID=
 #KEYCLOAK_CLIENT_TOKEN_URL=
-#SECRET_KEYCLOAK_CLIENT_SECRET=v1
+#SECRET_KEYCLOAK_CLIENT_SECRET_VERSION=v1
 
 # Shared secret
 #COMPOSE_FILE="$COMPOSE_FILE:compose.keycloak-sharedsecret.yml"

abra.sh

@@ -1,4 +1,4 @@
-export CUSTOM_ENTRYPOINT_VERSION=v14
+export CUSTOM_ENTRYPOINT_VERSION=v17
 export OIDC_CONF_VERSION=v1
 export PAM_EXEC_OAUTH2_YAML_VERSION=v1
-export PAM_SCRIPT_AUTH_VERSION=v6
+export PAM_SCRIPT_AUTH_VERSION=v7

compose.keycloak.yml

@@ -32,5 +32,5 @@ configs:
 
 secrets:
   keycloak_client_secret:
-    name: ${STACK_NAME}_keycloak_client_secret_${SECRET_KEYCLOAK_CLIENT_SECRET}
+    name: ${STACK_NAME}_keycloak_client_secret_${SECRET_KEYCLOAK_CLIENT_SECRET_VERSION}
     external: true

compose.local-users-shared.yml

@@ -0,0 +1,7 @@
+---
+version: "3.8"
+
+volumes:
+  users:
+    external: true
+    name: ${LOCAL_USERS_VOLUME}

compose.local-users.yml

@@ -0,0 +1,12 @@
+---
+version: "3.8"
+
+services:
+  app:
+    volumes:
+      - users:/opt/users
+    environment:
+      - COPY_USERS=1
+
+volumes:
+  users:

compose.yml

@@ -3,7 +3,7 @@ version: "3.8"
 
 services:
   app:
-    image: rocker/tidyverse:4.1.0
+    image: rocker/tidyverse:4.3.2
     networks:
       - proxy
     volumes:
@@ -29,7 +29,7 @@ services:
         - "traefik.http.routers.${STACK_NAME}.rule=Host(`${DOMAIN}`)"
         - "traefik.http.routers.${STACK_NAME}.entrypoints=web-secure"
         - "traefik.http.routers.${STACK_NAME}.tls.certresolver=${LETS_ENCRYPT_ENV}"
-        - "coop-cloud.${STACK_NAME}.version=0.2.4+4.1.0"
+        - "coop-cloud.${STACK_NAME}.version=0.4.0+4.3.2"
     entrypoint: /docker-entrypoint.sh
     command: /init
 

entrypoint.sh.tmpl

@@ -21,6 +21,35 @@ file_env() {
    unset "$fileVar"
 }
 
+{{ if eq (env "COPY_USERS") "1" }}
+cp /opt/users/passwd /etc/passwd || true
+cp /opt/users/shadow /etc/shadow || true
+cp /opt/users/group /etc/group || true
+
+copy_users() {
+  while true; do
+    if [ /etc/passwd -nt /opt/users/passwd ]; then
+      cp -uv /etc/passwd /opt/users/passwd
+    else
+      cp -uv /opt/users/passwd /etc/passwd 
+    fi
+    if [ /etc/shadow -nt /opt/users/shadow ]; then
+      cp -uv /etc/shadow /opt/users/shadow
+    else
+      cp -uv /opt/users/shadow /etc/shadow 
+    fi
+    if [ /etc/group -nt /opt/users/group ]; then
+      cp -uv /etc/group /opt/users/group
+    else
+      cp -uv /opt/users/group /etc/group 
+    fi
+    sleep 60
+  done
+}
+
+copy_users &
+{{ end }}
+
 file_env "PASSWORD"
 
 {{ if eq (env "OIDC_ENABLED") "1" }}
@@ -48,7 +77,7 @@ curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
 
 curl https://packages.microsoft.com/config/ubuntu/20.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
 
-apt update && apt install -yq msodbcsql17 mssql-tools
+apt update && apt -o Dpkg::Options::="--force-overwrite" install -yq msodbcsql17 mssql-tools
 {{ end }}
 
 locale-gen {{ env "DEFAULT_LOCALES" }}

pam_script_auth.sh

@@ -13,6 +13,7 @@ if ! id "$PAM_USER" &>/dev/null; then
 	uid=$(echo "$PAM_USER" | md5sum | grep -Eo "[[:digit:]]{3}"  | head -n1 | sed -E 's/^0+//')
 	uid=$((1000+uid))
 	adduser --uid="$uid" "$PAM_USER" --disabled-password --quiet --gecos ""
+    usermod -aG staff "$PAM_USER"
 fi
 
 exit 0