78 lines
2.5 KiB
Bash
Executable file
78 lines
2.5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Function to check if a command exists
|
|
command_exists() {
|
|
command -v "$1" >/dev/null 2>&1
|
|
}
|
|
|
|
# Set container name
|
|
CONTAINER_NAME="static2api"
|
|
|
|
# Determine if we use podman or docker
|
|
if command_exists podman; then
|
|
CONTAINER_CMD="podman"
|
|
VOLUME_FLAG=":Z"
|
|
echo "Using Podman for container management."
|
|
elif command_exists docker; then
|
|
CONTAINER_CMD="docker"
|
|
VOLUME_FLAG=""
|
|
echo "Using Docker for container management."
|
|
else
|
|
echo "Error: Neither Podman nor Docker found. Please install one of them first."
|
|
exit 1
|
|
fi
|
|
|
|
# Stop and remove container if it exists
|
|
echo "Checking for existing container..."
|
|
if $CONTAINER_CMD ps -a --format '{{.Names}}' | grep -q "^${CONTAINER_NAME}$"; then
|
|
echo "Stopping and removing existing ${CONTAINER_NAME} container..."
|
|
$CONTAINER_CMD stop ${CONTAINER_NAME}
|
|
$CONTAINER_CMD rm ${CONTAINER_NAME}
|
|
fi
|
|
|
|
# Build the container image
|
|
echo "Building container image..."
|
|
$CONTAINER_CMD build -t ${CONTAINER_NAME}:latest .
|
|
|
|
# Set up source directory to mount
|
|
SOURCE_DIR="./source"
|
|
if [ ! -d "$SOURCE_DIR" ]; then
|
|
echo "Creating source directory..."
|
|
mkdir -p "$SOURCE_DIR"
|
|
fi
|
|
|
|
# Run the container
|
|
echo "Starting container..."
|
|
$CONTAINER_CMD run --name ${CONTAINER_NAME} \
|
|
-p 127.0.0.1:8000:8000 \
|
|
-v "$SOURCE_DIR":/home/appuser/app/source${VOLUME_FLAG} \
|
|
--read-only \
|
|
--security-opt no-new-privileges:true \
|
|
--cap-drop ALL \
|
|
--user 1000:1000 \
|
|
-d ${CONTAINER_NAME}:latest
|
|
|
|
|
|
echo $(podman inspect ${CONTAINER_NAME} --format '{{.State.Pid}}')
|
|
|
|
sudo nsenter -t $(podman inspect ${CONTAINER_NAME} --format '{{.State.Pid}}') -n nft add table inet filter
|
|
sudo nsenter -t $(podman inspect ${CONTAINER_NAME} --format '{{.State.Pid}}') -n nft add chain inet filter output { type filter hook output priority 0 \; policy drop \; }
|
|
sudo nsenter -t $(podman inspect ${CONTAINER_NAME} --format '{{.State.Pid}}') -n \
|
|
nft add rule inet filter output oif lo accept
|
|
|
|
# Check if container started successfully
|
|
if [ $? -eq 0 ]; then
|
|
echo "Container started successfully!"
|
|
echo "Static2API is available at: http://localhost:8000"
|
|
echo ""
|
|
echo "Container logs:"
|
|
$CONTAINER_CMD logs ${CONTAINER_NAME}
|
|
|
|
echo ""
|
|
echo "Note: CSV/JSON files should be placed in the ./source directory."
|
|
echo " They will be available at: http://localhost:8000/api/{filename}"
|
|
echo " Example: ./source/contacts.csv -> http://localhost:8000/api/contacts"
|
|
else
|
|
echo "Failed to start container."
|
|
exit 1
|
|
fi
|