From 3ccb4b25258e6858be4c3dfe54d0f0491a8f41a2 Mon Sep 17 00:00:00 2001 From: brichards64 Date: Fri, 17 Jan 2025 00:12:22 +0000 Subject: [PATCH 1/4] minor improvements to SetupDatabase.sh and Dockerfile. Suppress cp alias warning. Add docker flag to suppress audit permissions warnings. Use systemd when available for postgres service, falling back to pg_ctl when unavailable (i.e. in containers). Remove redundant call to start database in rc.local to suppress warning. Add listen on all addresses to posgtresql.conf, and enable database checksums. --- Dockerfile.server | 4 ++-- README.md | 2 +- SetupDatabase.sh | 42 +++++++++++++++++++++++++++++++++++++----- 3 files changed, 40 insertions(+), 8 deletions(-) diff --git a/Dockerfile.server b/Dockerfile.server index 24237a53..0375ece5 100644 --- a/Dockerfile.server +++ b/Dockerfile.server @@ -49,7 +49,8 @@ RUN cd /opt \ RUN sed -e 's/#LoadModule mpm_prefork_module/LoadModule mpm_prefork_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf \ && sed -e '/LoadModule mpm_event_module/ s/^#*/#/' -i /etc/httpd/conf.modules.d/00-mpm.conf -RUN echo "unalias cp" >> /etc/rc.local ;\ +RUN echo "CP=$(type -t cp)" >> /etc/rc.local ;\ + echo "if [ ! -z "${CP}" ]; then unalias cp; fi" >> /etc/rc.local ;\ echo "cp -f /web/httpd.conf /etc/httpd/conf/" >> /etc/rc.local ;\ echo "alias cp='cp -i'" >> /etc/rc.local ;\ echo "chmod a+x /web/SetupDatabase.sh" >> /etc/rc.local ;\ @@ -59,7 +60,6 @@ RUN echo "unalias cp" >> /etc/rc.local ;\ echo "cd /web && make clean && make" >> /etc/rc.local ;\ echo "cd /web/cgi-bin && make clean && make" >> /etc/rc.local ;\ echo "/web/SetupDatabase.sh" >> /etc/rc.local ;\ - echo "sudo -u postgres /usr/bin/pg_ctl start -D /var/lib/pgsql/data -s -o \"-p 5432\" -w -t 300;" >> /etc/rc.local;\ echo "/opt/middleman/run_middleman.sh &> /dev/null &" >> /etc/rc.local ;\ echo 'disown $!' >> /etc/rc.local ;\ echo "/web/Win_Mac_translation_server &> /dev/null &" >> /etc/rc.local ;\ 
diff --git a/README.md b/README.md index 44bbfcb5..390ec205 100755 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ to create docker container with webserver in use: linux: - docker run --name=WebServer -v local_git_clone_path:/web --mount type=tmpfs,dst=/tmp,tmpfs-size=500M --net=host -dt tooldaq/server + docker run --name=WebServer -v local_git_clone_path:/web --mount type=tmpfs,dst=/tmp,tmpfs-size=500M --net=host --cap-add=CAP_AUDIT_WRITE -dt tooldaq/server Windows / MacOS: diff --git a/SetupDatabase.sh b/SetupDatabase.sh index 7c36fbe4..dd2f8e70 100755 --- a/SetupDatabase.sh +++ b/SetupDatabase.sh 
@@ -1,18 +1,50 @@ #!/bin/bash set +x +systemctl status &>/dev/null +USE_SYSTEMD=$? set -e +if [ ${USE_SYSTEMD} -eq 0 ]; then + echo "running database as systemd unit" +else + echo "running database via pg_ctl" +fi # only take action on first run if [ -f /.DBSetupDone ]; then - exit 0; + + # systemd version for baremetal + if [ ${USESYSTEMD} -eq 0 ]; then + # note no [ ] in following check + if ! systemctl is-active --quiet postgresql; then + sudo systemctl start postgresql + fi + exit 0; + else + # pg_ctl version for containers + if [ `pg_ctl -D /var/lib/pgsql/data status &>/dev/null && echo $?` -ne 0 ]; then + sudo -u postgres /usr/bin/pg_ctl start -D /var/lib/pgsql/data -s -o "-p 5432" -w -t 300 + fi + exit 0; + fi fi export LC_ALL=C echo "Initialising postgresql cluster" cd /var/lib/pgsql/ -#sudo chown -R postgres /var/lib/pgsql -#sudo chown -R postgres /var/run/postgresql -sudo -u postgres /usr/bin/initdb /var/lib/pgsql/data/ +# --waldir=/todo/replication +sudo -u postgres /usr/bin/initdb --data-checksums /var/lib/pgsql/data/ + +# set it up to listen on all network interfaces, rather than (by default) localhost only +echo "listen_addresses = '*'" | sudo -u postgres tee -a /var/lib/pgsql/data/postgresql.conf + echo "Starting postgres server" -sudo -u postgres /usr/bin/pg_ctl start -D /var/lib/pgsql/data -s -o "-p 5432" -w -t 300 +if [ ${USE_SYSTEMD} -eq 0 ]; then + # systemd version + sudo systemctl enable --now postgresql +else + # container version + sudo mkdir -p /var/run/postgresql && sudo chown -R postgres /var/run/postgresql + sudo -u postgres /usr/bin/pg_ctl start -D /var/lib/pgsql/data -s -o "-p 5432" -w -t 300 +fi + echo "creating root database user" sudo -u postgres createuser -s root echo "creating 'daq' database" From 1b74c19c1928d5502947886f0146f4bf679afbd4 Mon Sep 17 00:00:00 2001 
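Review bot: The `/.DBSetupDone` branch tests `${USESYSTEMD}`, but the variable set at the top is `USE_SYSTEMD`, so the test expands to `[ -eq 0 ]`, errors, and systemd hosts always drop into the pg_ctl branch; it should read `if [ "${USE_SYSTEMD}" -eq 0 ]; then`. The pg_ctl test in that branch cannot fire either, because the backticks print `0` only when `pg_ctl status` succeeds and nothing when it fails; test the exit status directly with `if ! sudo -u postgres /usr/bin/pg_ctl -D /var/lib/pgsql/data status &>/dev/null; then` (run as postgres like the start line, since pg_ctl normally refuses to run as root). On the security side, `listen_addresses = '*'` leaves pg_hba.conf as the only network gate, and `initdb` is invoked without `--auth` or `--pwprompt`, so its trust default applies to the entries it writes. With the README's `--net=host` the port is bound on the host's own interfaces, so a comment above the `tee` line should name the intended client networks, and pg_hba.conf should admit only those with `scram-sha-256`.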
From: marc1uk Date: Fri, 24 Jan 2025 14:05:13 +0000 Subject: [PATCH 2/4] Update Dockerfile.server source not run setup.sh in middleman clone --- Dockerfile.server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.server b/Dockerfile.server index 0375ece5..6d56eb9c 100644 --- a/Dockerfile.server +++ b/Dockerfile.server @@ -28,7 +28,7 @@ RUN cd /opt \ && git clone https://github.com/ToolDAQ/middleman.git \ && cd middleman/ \ && git checkout v3.0 \ - && ./Setup.sh \ + && . Setup.sh \ && make # docs build fails if index.html is not present, which kills the docker build From 4b6105be01de13c4b8153f6bcdc698520e2957b2 Mon Sep 17 00:00:00 2001 From: marc1uk Date: Fri, 24 Jan 2025 14:23:33 +0000 Subject: [PATCH 3/4] Update Dockerfile.server use single quotes to prevent premature expansion of LD_LIBRARY_PATH in rc.local generation --- Dockerfile.server | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.server b/Dockerfile.server index 6d56eb9c..a7f757ed 100644 --- a/Dockerfile.server +++ b/Dockerfile.server @@ -56,7 +56,7 @@ RUN echo "CP=$(type -t cp)" >> /etc/rc.local ;\ echo "chmod a+x /web/SetupDatabase.sh" >> /etc/rc.local ;\ echo "chmod a+x /opt/middleman/run_middleman.sh" >> /etc/rc.local ;\ echo "chmod a+x /opt/middleman/Setup.sh" >> /etc/rc.local ;\ - echo "export LD_LIBRARY_PATH=/lib/:/opt/ToolFrameworkCore/lib:/opt/ToolDAQFramework/lib:/opt/boost_1_66_0/install/lib:/opt/zeromq-4.0.7/lib:/opt/libpqxx-6.4.5/install/lib:$LD_LIBRARY_PATH" >> /etc/rc.local ;\ + echo 'export LD_LIBRARY_PATH=/lib/:/opt/ToolFrameworkCore/lib:/opt/ToolDAQFramework/lib:/opt/boost_1_66_0/install/lib:/opt/zeromq-4.0.7/lib:/opt/libpqxx-6.4.5/install/lib:$LD_LIBRARY_PATH' >> /etc/rc.local ;\ echo "cd /web && make clean && make" >> /etc/rc.local ;\ echo "cd /web/cgi-bin && make clean && make" >> /etc/rc.local ;\ echo "/web/SetupDatabase.sh" >> /etc/rc.local ;\ From 14062a665ee3a2c61311a068060d7d1d48d9283c Mon Sep 17 00:00:00 2001 
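Review bot: `. Setup.sh` has no slash in the name, so the shell resolves it through `PATH` rather than the working directory; POSIX `sh` (and bash in POSIX mode, which is what `RUN` gets where `/bin/sh` is bash) does not fall back to the current directory, so this either fails or sources a different `Setup.sh` found earlier on `PATH`. Writing `&& . ./Setup.sh \` pins it to the file in the fresh clone. The base image and its `/bin/sh` are outside this hunk, so the failure mode is inferred, but the explicit path behaves the same under any shell.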
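Review bot: The appended `:$LD_LIBRARY_PATH` now expands when rc.local runs, and if the variable is unset or empty at that point the value ends in a bare colon, which the dynamic loader treats as the current directory. rc.local goes on to `cd /web`, a bind-mounted tree per the README, so libraries would be looked up there for everything started afterwards. Ending the string with `…/opt/libpqxx-6.4.5/install/lib${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}'` adds the separator only when there is something to append.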
From: marc1uk Date: Fri, 24 Jan 2025 14:33:09 +0000 Subject: [PATCH 4/4] Update Dockerfile.server prevent early expansion of CP unalias commands --- Dockerfile.server | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile.server b/Dockerfile.server index a7f757ed..d88f7fbd 100644 --- a/Dockerfile.server +++ b/Dockerfile.server @@ -49,8 +49,8 @@ RUN cd /opt \ RUN sed -e 's/#LoadModule mpm_prefork_module/LoadModule mpm_prefork_module/' -i /etc/httpd/conf.modules.d/00-mpm.conf \ && sed -e '/LoadModule mpm_event_module/ s/^#*/#/' -i /etc/httpd/conf.modules.d/00-mpm.conf -RUN echo "CP=$(type -t cp)" >> /etc/rc.local ;\ - echo "if [ ! -z "${CP}" ]; then unalias cp; fi" >> /etc/rc.local ;\ +RUN echo 'CP=$(type -t cp)' >> /etc/rc.local ;\ + echo 'if [ ! -z "${CP}" ]; then unalias cp; fi' >> /etc/rc.local ;\ echo "cp -f /web/httpd.conf /etc/httpd/conf/" >> /etc/rc.local ;\ echo "alias cp='cp -i'" >> /etc/rc.local ;\ echo "chmod a+x /web/SetupDatabase.sh" >> /etc/rc.local ;\
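Review bot: The guard written to rc.local is still always true: `type -t cp` prints `file` for the ordinary binary, so `[ ! -z "${CP}" ]` passes and `unalias cp` runs (and warns) even when no alias exists. Compare against the word the builtin prints for an alias instead, `echo 'if [ "$(type -t cp)" = alias ]; then unalias cp; fi' >> /etc/rc.local ;\`, which also makes the separate `CP=` line unnecessary. `type -t` is a bash feature, so this assumes rc.local is run by bash; its shebang is not visible in the hunk.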