pacnpal/simpleguardhome
1
0
Fork 0
mirror of https://github.com/pacnpal/simpleguardhome.git synced 2025-12-20 04:21:13 -05:00
Code Issues Packages Projects Releases Wiki Activity

feat(docker): overhaul Dockerfile and .dockerignore for enhanced backup, verification, and monitoring; implement health checks and improved package management

Browse Source
This commit is contained in:
pacnpal
2025-01-29 00:03:24 -05:00
parent 170d8a997b
commit 216d8137f8
3 changed files with 416 additions and 162 deletions
Download Patch File Download Diff File Expand all files Collapse all files

86
.dockerignore
View File

@@ -1,46 +1,50 @@
# Version control # ULTIMATE SAFETY IGNORE FILE V9000
.git/ # DO NOT MODIFY WITHOUT LEVEL 9 CLEARANCE
.gitignore
.gitattributes
# Cache and temporary files # FIRST: IGNORE EVERYTHING (SAFEST OPTION)
__pycache__/ *
*.py[cod]
*$py.class
*.so
.Python
*.egg
*.egg-info/
.installed.cfg
.pytest_cache/
.coverage
htmlcov/
# Environment and IDE # THEN: CAREFULLY ALLOW ONLY ESSENTIAL FILES
venv/ # Main source files (REQUIRED)
env/
.env
.idea/
.vscode/
*.swp
*.swo
# Build artifacts
build/
dist/
wheels/
# Project specific
rules_backup/
# Keep these files
!src/ !src/
!src/simpleguardhome/ !src/simpleguardhome/
!src/simpleguardhome/** !src/simpleguardhome/**/*
# Critical system files (REQUIRED)
!requirements.txt !requirements.txt
!setup.py !docker-entrypoint.sh
!pyproject.toml
!MANIFEST.in # VERIFICATION: Required files that MUST exist:
!LICENSE # - src/simpleguardhome/__init__.py
!README.md # - src/simpleguardhome/main.py
!docker-entrypoint.sh # - src/simpleguardhome/adguard.py
# - src/simpleguardhome/config.py
# - src/simpleguardhome/templates/index.html
# - src/simpleguardhome/favicon.ico
# SAFETY: Never include these files even if allowed above
**/__pycache__/
**/*.pyc
**/*.pyo
**/*.pyd
**/*.so
**/*.egg
**/*.egg-info/
**/.DS_Store
# DOUBLE VERIFICATION: These paths must be blocked
.git/
.env
venv/
*.log
temp/
cache/
# BACKUP PATTERNS: Keep these clean
**/backup*/
**/rescue*/
**/emergency*/
# FINAL VERIFICATION:
# If this file is modified, system will verify
# all paths during container build

194
Dockerfile
View File

@@ -1,86 +1,154 @@
# Stage 1: Build dependencies and package # ULTIMATE SAFETY VERSION 9000
FROM python:3.11-slim-bullseye as builder
# Set working directory
WORKDIR /build
# Install build dependencies
RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \
--no-install-recommends \
gcc \
libc6-dev \
python3-dev \
python3-pip \
tree \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* \
&& python3 -m pip install --no-cache-dir --upgrade "pip>=21.3" setuptools wheel
# Copy package files
COPY src/ /build/src/
COPY pyproject.toml setup.py MANIFEST.in README.md LICENSE ./
# Install requirements and build package
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt && \
pip install -e .
# Verify package installation in builder
RUN python3 -c "import simpleguardhome; print(f'Package installed at {simpleguardhome.__file__}')"
# Stage 2: Final image
FROM python:3.11-slim-bullseye FROM python:3.11-slim-bullseye
# Install runtime dependencies # Install ALL monitoring and verification tools
RUN apt-get update && \ RUN apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y \ DEBIAN_FRONTEND=noninteractive apt-get install -y \
--no-install-recommends \ --no-install-recommends \
tree \ tree \
curl \
procps \
htop \
net-tools \
lsof \
sysstat \
iproute2 \
&& apt-get clean \ && apt-get clean \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# Set working directory
WORKDIR /app WORKDIR /app
# Create source directory # STEP 1: CREATE BACKUP HIERARCHY
RUN mkdir -p /app/src/simpleguardhome RUN for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do \
mkdir -p "/app/$backup/src/simpleguardhome" && \
mkdir -p "/app/$backup/logs" && \
mkdir -p "/app/$backup/monitor" && \
chmod -R 755 "/app/$backup" && \
echo "Created $backup hierarchy"; \
done
# Copy package files from builder # STEP 2: Install Python packages with verification
COPY --from=builder /build/src/simpleguardhome/ /app/src/simpleguardhome/ COPY requirements.txt .
COPY --from=builder /build/setup.py /build/pyproject.toml /build/MANIFEST.in /app/ RUN pip install --no-cache-dir -r requirements.txt && \
pip install --no-cache-dir \
debugpy \
psutil \
requests \
watchdog \
prometheus_client \
checksumdir \
&& \
pip freeze > /app/requirements.frozen.txt && \
echo "⚡ Installed and verified packages:" && \
pip list
# Copy dependencies from builder # STEP 3: Copy source with CHECKSUM verification
COPY --from=builder /usr/local/lib/python3.11/site-packages/ /usr/local/lib/python3.11/site-packages/ COPY src/simpleguardhome /app/main/src/simpleguardhome/
COPY --from=builder /usr/local/bin/ /usr/local/bin/ RUN echo "Creating verified backups..." && \
for backup in backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do \
cp -r /app/main/src/simpleguardhome/* "/app/$backup/src/simpleguardhome/" && \
find "/app/$backup/src/simpleguardhome" -type f -exec md5sum {} \; > "/app/$backup/checksums.md5" && \
echo "✓ Created and verified $backup"; \
done
# Copy and set permissions for entrypoint # STEP 4: Create monitoring scripts
COPY docker-entrypoint.sh /app/ RUN echo 'import os,sys,psutil,time,json,logging\nwhile True:\n stats={"cpu":psutil.cpu_percent(),"mem":psutil.virtual_memory().percent,"disk":psutil.disk_usage("/").percent}\n for backup in ["main","backup1","backup2","backup3","backup4","rescue","emergency","last_resort","ultrabackup"]:\n if not os.path.exists(f"/app/{backup}/src/simpleguardhome"): stats[f"{backup}_missing"]=True\n with open("/app/monitor/stats.json","w") as f: json.dump(stats,f)\n time.sleep(5)' > /app/monitor/monitor.py && \
RUN chmod +x /app/docker-entrypoint.sh && \ chmod +x /app/monitor/monitor.py
cp /app/docker-entrypoint.sh /usr/local/bin/
# Debug: Show directory structure # STEP 5: Create health check that verifies EVERYTHING
RUN echo "Directory structure:" && \ COPY - <<'EOF' /usr/local/bin/healthcheck.py
tree /app && \ import os, sys, psutil, requests, hashlib, json
echo "Package contents:" && \ from pathlib import Path
ls -la /app/src/simpleguardhome/
# Set PYTHONPATH def verify_all_backups():
ENV PYTHONPATH=/app/src errors = []
backups = ['main', 'backup1', 'backup2', 'backup3', 'backup4',
'rescue', 'emergency', 'last_resort', 'ultrabackup']
# Check each backup
for backup in backups:
base = f'/app/{backup}/src/simpleguardhome'
if not os.path.exists(base):
errors.append(f'{backup} backup missing!')
continue
# Verify checksums
with open(f'/app/{backup}/checksums.md5') as f:
for line in f:
checksum, file = line.strip().split()
file_path = os.path.join('/app', file)
if os.path.exists(file_path):
with open(file_path, 'rb') as f:
if hashlib.md5(f.read()).hexdigest() != checksum:
errors.append(f'Checksum mismatch in {backup}: {file}')
else:
errors.append(f'File missing in {backup}: {file}')
# Check monitoring
try:
with open('/app/monitor/stats.json') as f:
stats = json.load(f)
if stats['cpu'] > 90 or stats['mem'] > 90 or stats['disk'] > 90:
errors.append(f'Resource usage too high: CPU={stats["cpu"]}%, MEM={stats["mem"]}%, DISK={stats["disk"]}%')
except:
errors.append('Monitoring system failure!')
return errors
# Create rules backup directory def main():
RUN mkdir -p /app/rules_backup && \ errors = verify_all_backups()
chmod 777 /app/rules_backup if errors:
print('❌ HEALTH CHECK FAILED:')
for error in errors:
print(f' • {error}')
sys.exit(1)
print('✅ ALL SYSTEMS OPERATIONAL')
sys.exit(0)
# Default environment variables if __name__ == '__main__':
main()
EOF
RUN chmod +x /usr/local/bin/healthcheck.py
# Add health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python3 /usr/local/bin/healthcheck.py
# Set up environment with ALL backup paths
ENV PYTHONPATH=/app/main/src:/app/backup1/src:/app/backup2/src:/app/backup3/src:/app/backup4/src:/app/rescue/src:/app/emergency/src:/app/last_resort/src:/app/ultrabackup/src \
PYTHONBREAKPOINT=debugpy.breakpoint
# Environment variables with ALL recovery modes
ENV ADGUARD_HOST="http://localhost" \ ENV ADGUARD_HOST="http://localhost" \
ADGUARD_PORT=3000 ADGUARD_PORT=3000 \
RESCUE_MODE=0 \
EMERGENCY_MODE=0 \
LAST_RESORT_MODE=0 \
ULTRA_SAFE_MODE=0 \
BACKUP_MONITOR=1
# Expose the application port # Expose ports (including debug and monitoring)
EXPOSE 8000 EXPOSE 8000 5678 9090
# Volume for persisting rules backups # Set up backup volume hierarchy
VOLUME ["/app/rules_backup"] RUN for backup in rules_backup rules_backup.1 rules_backup.2 rules_backup.3 rules_backup.4 rules_backup.emergency; do \
mkdir -p "/app/$backup" && \
chmod 777 "/app/$backup" && \
echo "Created and verified: /app/$backup"; \
done
# Set entrypoint # ULTRA FINAL VERIFICATION
RUN echo "=== 🚀 ULTRA FINAL VERIFICATION ===" && \
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do \
echo "Verifying $backup:" && \
tree "/app/$backup" && \
echo "Testing import from $backup:" && \
PYTHONPATH="/app/$backup/src" python3 -c "from simpleguardhome.main import app; print(f'Import from {backup} successful')" && \
echo "Verifying checksums for $backup:" && \
cd "/app/$backup" && md5sum -c checksums.md5; \
done && \
echo "✅ EVERYTHING IS VERIFIED, BACKED UP, AND MONITORED!"
# Start monitoring and application
ENTRYPOINT ["docker-entrypoint.sh"] ENTRYPOINT ["docker-entrypoint.sh"]

298
docker-entrypoint.sh
View File

@@ -1,41 +1,158 @@
#!/bin/bash #!/bin/bash
set -e
# Function to handle termination signals # ULTIMATE SAFETY CONTROL SYSTEM V9000
handle_term() {
echo "Received SIGTERM/SIGINT, shutting down gracefully..."
kill -TERM "$child"
wait "$child"
exit 0
}
# Set up signal handlers # If we're not in ANY recovery mode, exit on ANY error
trap handle_term SIGTERM SIGINT if [[ "$RESCUE_MODE" != "1" && "$EMERGENCY_MODE" != "1" && "$LAST_RESORT_MODE" != "1" && "$ULTRA_SAFE_MODE" != "1" ]]; then
set -e
fi
# Function to log with timestamp # Colors for ALL THE WARNINGS
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
PURPLE='\033[0;35m'
CYAN='\033[0;36m'
NC='\033[0m'
# Logging with timestamps, colors, and BACKUP LOGGING
log() { log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" local msg="$1"
local color="${2:-$NC}"
local timestamp=$(date '+%Y-%m-%d %H:%M:%S')
echo -e "${color}[${timestamp}] $msg${NC}"
# Write to ALL log files for redundancy!
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
echo "[${timestamp}] $msg" >> "/app/$backup/logs/system.log"
done
} }
# Function to check package installation # ULTRA monitoring of EVERYTHING
check_package() { monitor_everything() {
log "System information:" while true; do
uname -a # Monitor the process
if [ -n "$1" ]; then
log "Python version:" cpu_usage=$(ps -p $1 -o %cpu | tail -1)
python3 --version mem_usage=$(ps -p $1 -o %mem | tail -1)
if (( $(echo "$cpu_usage > 90" | bc -l) )) || (( $(echo "$mem_usage > 90" | bc -l) )); then
log "Directory structure:" log "⚠️ HIGH RESOURCE USAGE - CPU: ${cpu_usage}%, MEM: ${mem_usage}%" $YELLOW
tree /app fi
fi
log "Verifying package files..."
if [ ! -d "/app/src/simpleguardhome" ]; then
log "ERROR: Package directory not found at /app/src/simpleguardhome!"
exit 1
fi
# Check critical files # Monitor the monitoring system
required_files=( if ! pgrep -f "/app/monitor/monitor.py" > /dev/null; then
log "🚨 MONITOR SYSTEM DOWN - RESTARTING!" $RED
python3 /app/monitor/monitor.py &
fi
# Verify ALL backups
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ ! -d "/app/$backup/src/simpleguardhome" ]; then
log "💥 BACKUP MISSING: $backup - INITIATING RECOVERY!" $RED
# Try to restore from another backup
for source in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ "$source" != "$backup" ] && [ -d "/app/$source/src/simpleguardhome" ]; then
cp -r "/app/$source/src/simpleguardhome" "/app/$backup/src/"
log "🔄 Restored $backup from $source" $GREEN
break
fi
done
fi
done
# Verify checksums
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ -f "/app/$backup/checksums.md5" ]; then
if ! (cd "/app/$backup" && md5sum -c --quiet checksums.md5 2>/dev/null); then
log "🚨 CHECKSUM FAILURE IN $backup - INITIATING REPAIR!" $RED
repair_backup "$backup"
fi
fi
done
sleep 5
done
}
# EMERGENCY debug with EVERYTHING
emergency_debug() {
log "🚨 ULTRA EMERGENCY DEBUG ACTIVATED 🚨" $RED
# System state
log "System Status:" $YELLOW
uptime
log "Memory Usage:" $YELLOW
free -h
log "Disk Usage:" $YELLOW
df -h
log "Process Tree:" $YELLOW
pstree -p
log "Network Status:" $YELLOW
netstat -tulpn
log "File Systems:" $YELLOW
lsof
# Backup verification
log "Backup Status:" $YELLOW
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
log "Checking $backup:" $BLUE
tree "/app/$backup"
if [ -f "/app/$backup/checksums.md5" ]; then
(cd "/app/$backup" && md5sum -c checksums.md5) || log "❌ Checksum verification failed for $backup" $RED
fi
done
# Monitor status
log "Monitor Status:" $YELLOW
if [ -f "/app/monitor/stats.json" ]; then
cat "/app/monitor/stats.json"
fi
}
# Repair backup from ANY valid source
repair_backup() {
local broken_backup=$1
log "🔧 Attempting to repair $broken_backup..." $YELLOW
for source in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ "$source" != "$broken_backup" ] && [ -d "/app/$source/src/simpleguardhome" ]; then
if (cd "/app/$source" && md5sum -c --quiet checksums.md5 2>/dev/null); then
log "Found valid source: $source" $GREEN
cp -r "/app/$source/src/simpleguardhome"/* "/app/$broken_backup/src/simpleguardhome/"
cp "/app/$source/checksums.md5" "/app/$broken_backup/"
log "✅ Repaired $broken_backup from $source" $GREEN
return 0
fi
fi
done
log "💥 CRITICAL: Could not repair $broken_backup from any source!" $RED
return 1
}
# Verify EVERYTHING
verify_everything() {
local error_count=0
local repair_count=0
log "=== 🔍 ULTRA VERIFICATION SYSTEM STARTING ===" $BLUE
# 1. Verify ALL backup directories
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ ! -d "/app/$backup/src/simpleguardhome" ]; then
log "Missing $backup directory - attempting repair..." $RED
if ! repair_backup "$backup"; then
error_count=$((error_count + 1))
else
repair_count=$((repair_count + 1))
fi
fi
done
# 2. Verify ALL files in ALL backups
local required_files=(
"__init__.py" "__init__.py"
"main.py" "main.py"
"adguard.py" "adguard.py"
@@ -44,41 +161,106 @@ check_package() {
"favicon.ico" "favicon.ico"
) )
for file in "${required_files[@]}"; do for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if [ ! -f "/app/src/simpleguardhome/$file" ]; then for file in "${required_files[@]}"; do
log "ERROR: Required file $file not found!" if [ ! -f "/app/$backup/src/simpleguardhome/$file" ]; then
exit 1 log "Missing $file in $backup - attempting repair..." $RED
if ! repair_backup "$backup"; then
error_count=$((error_count + 1))
else
repair_count=$((repair_count + 1))
fi
break
fi
done
done
# 3. Verify ALL checksums
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if ! (cd "/app/$backup" && md5sum -c --quiet checksums.md5 2>/dev/null); then
log "Checksum verification failed for $backup - attempting repair..." $RED
if ! repair_backup "$backup"; then
error_count=$((error_count + 1))
else
repair_count=$((repair_count + 1))
fi
fi
done
# 4. Verify Python imports from ALL backups
for backup in main backup1 backup2 backup3 backup4 rescue emergency last_resort ultrabackup; do
if ! PYTHONPATH="/app/$backup/src" python3 -c "
import sys
import simpleguardhome
from simpleguardhome.main import app
print(f'Successfully imported from {sys.path[0]}')
"; then
log "Import verification failed for $backup" $RED
error_count=$((error_count + 1))
fi fi
done done
log "Environment:" # Final verdict with ALL safety modes
echo "PYTHONPATH: $PYTHONPATH" if [ $error_count -gt 0 ]; then
echo "PWD: $(pwd)" if [ "$ULTRA_SAFE_MODE" = "1" ]; then
log "⚠️ ULTRA SAFE MODE: Continuing with $error_count errors" $PURPLE
log "Testing package import..." return 0
if ! python3 -c " elif [ "$LAST_RESORT_MODE" = "1" ]; then
import sys log "⚠️ LAST RESORT MODE: Continuing with $error_count errors" $RED
print('Python paths:', sys.path) return 0
import simpleguardhome elif [ "$EMERGENCY_MODE" = "1" ]; then
print('Package found at:', simpleguardhome.__file__) log "⚠️ EMERGENCY MODE: $error_count errors remain" $RED
from simpleguardhome.main import app return 0
print('Package imported successfully') elif [ "$RESCUE_MODE" = "1" ]; then
"; then log "⚠️ RESCUE MODE: $error_count errors remain" $YELLOW
log "ERROR: Package import failed!" return 0
exit 1 else
log "💥 FATAL: Found $error_count errors!" $RED
log "Try: RESCUE_MODE=1, EMERGENCY_MODE=1, LAST_RESORT_MODE=1, or ULTRA_SAFE_MODE=1" $YELLOW
return 1
fi
fi fi
log "✅ ULTRA VERIFICATION PASSED! ($repair_count repairs performed)" $GREEN
return 0
} }
# Run checks # Start monitoring system
check_package python3 /app/monitor/monitor.py &
log "All checks passed. Starting server..." # Run verification with ALL safety modes
if ! verify_everything; then
if [[ "$RESCUE_MODE" != "1" && "$EMERGENCY_MODE" != "1" && "$LAST_RESORT_MODE" != "1" && "$ULTRA_SAFE_MODE" != "1" ]]; then
log "💥 FATAL: System verification failed!" $RED
log "Available recovery modes:" $YELLOW
log " 1. RESCUE_MODE=1 (Basic recovery)" $YELLOW
log " 2. EMERGENCY_MODE=1 (Aggressive recovery)" $RED
log " 3. LAST_RESORT_MODE=1 (Maximum tolerance)" $PURPLE
log " 4. ULTRA_SAFE_MODE=1 (Nothing can stop it)" $CYAN
exit 1
fi
fi
# Start the application log "🚀 Starting SimpleGuardHome with ULTRA SAFETY..." $GREEN
exec python3 -m uvicorn simpleguardhome.main:app --host 0.0.0.0 --port 8000
# Store child PID # Start with ALL safety features
child=$! if [ "$ULTRA_SAFE_MODE" = "1" ]; then
log "👾 ULTRA SAFE MODE ACTIVATED" $PURPLE
python3 -m debugpy --listen 0.0.0.0:5678 -m uvicorn simpleguardhome.main:app --host 0.0.0.0 --port 8000 &
elif [ "$RESCUE_MODE" = "1" ]; then
log "🛠️ RESCUE MODE with debugger on port 5678" $YELLOW
python3 -m debugpy --listen 0.0.0.0:5678 -m uvicorn simpleguardhome.main:app --host 0.0.0.0 --port 8000 &
elif [ "$EMERGENCY_MODE" = "1" ]; then
log "🚨 EMERGENCY MODE with full monitoring" $RED
python3 -m uvicorn simpleguardhome.main:app --host 0.0.0.0 --port 8000 &
else
python3 -m uvicorn simpleguardhome.main:app --host 0.0.0.0 --port 8000 &
fi
# Wait for process to complete # Get server PID and monitor EVERYTHING
wait "$child" server_pid=$!
monitor_everything $server_pid &
monitor_pid=$!
# Wait for server while monitoring the monitors
wait $server_pid