mailcow/data/web/inc/functions.docker.inc.php
André 0fb43f4916 [Docker API] Use TLS encryption for communication with "on-the-fly" created key paris (non-exposed)
[Docker API] Create pipe to pass Rspamd UI worker password
[Dovecot] Pull Spamassassin ruleset to be read by Rspamd (MANY THANKS to Peer Heinlein!)
[Dovecot] Garbage collector for deleted maildirs (set keep time via MAILDIR_GC_TIME which defaults to 1440 minutes)
[Web] Flush memcached after mailbox item changes, fixes #1808
[Web] Fix duplicate IDs, fixes #1792
[Compose] Use SQL sockets
[PHP-FPM] Update APCu and Redis libs
[Dovecot] Encrypt maildir with global key pair in crypt-vol-1 (BACKUP!), also fixes #1791
[Web] Fix deletion of spam aliases
[Helper] Add "crypt" to backup script
[Helper] Override file for external SQL socket (not supported!)
[Compose] New images for Rspamd, PHP-FPM, SOGo, Dovecot, Docker API, Watchdog, ACME, Postfix
2018-09-29 22:01:23 +02:00

189 lines
7.7 KiB
PHP

<?php
function docker($action, $service_name = null, $attr1 = null, $attr2 = null, $extra_headers = null) {
global $DOCKER_TIMEOUT;
$curl = curl_init();
curl_setopt($curl, CURLOPT_HTTPHEADER,array('Content-Type: application/json' ));
// We are using our mail certificates for dockerapi, the names will not match, the certs are trusted anyway
curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0);
switch($action) {
case 'get_id':
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'danger',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// 'msg' => $err,
// )));
return $err;
}
else {
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'success',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// )));
$containers = json_decode($response, true);
if (!empty($containers)) {
foreach ($containers as $container) {
if ($container['Config']['Labels']['com.docker.compose.service'] == $service_name
&& $container['Config']['Labels']['com.docker.compose.project'] == getenv('COMPOSE_PROJECT_NAME')) {
return trim($container['Id']);
}
}
}
}
return false;
case 'containers':
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'danger',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// 'msg' => $err,
// )));
return $err;
}
else {
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'success',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// )));
$containers = json_decode($response, true);
if (!empty($containers)) {
foreach ($containers as $container) {
if ($container['Config']['Labels']['com.docker.compose.project'] == getenv('COMPOSE_PROJECT_NAME')) {
$out[$container['Config']['Labels']['com.docker.compose.service']]['State'] = $container['State'];
$out[$container['Config']['Labels']['com.docker.compose.service']]['Config'] = $container['Config'];
}
}
}
return (!empty($out)) ? $out : false;
}
return false;
break;
case 'info':
if (empty($service_name)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/json');
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
}
else {
$container_id = docker('get_id', $service_name);
if (ctype_xdigit($container_id)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/' . $container_id . '/json');
}
else {
// logger(array('return' => array(
// 'type' => 'danger',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// 'msg' => 'invalid_container_id'
// )));
return false;
}
}
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_POST, 0);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'danger',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// 'msg' => $err,
// )));
return $err;
}
else {
curl_close($curl);
// logger(array('return' => array(
// 'type' => 'success',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// )));
$decoded_response = json_decode($response, true);
if (!empty($decoded_response)) {
if (empty($service_name)) {
foreach ($decoded_response as $container) {
if ($container['Config']['Labels']['com.docker.compose.project'] == getenv('COMPOSE_PROJECT_NAME')) {
unset($container['Config']['Env']);
$out[$container['Config']['Labels']['com.docker.compose.service']]['State'] = $container['State'];
$out[$container['Config']['Labels']['com.docker.compose.service']]['Config'] = $container['Config'];
}
}
}
else {
if ($decoded_response['Config']['Labels']['com.docker.compose.project'] == getenv('COMPOSE_PROJECT_NAME')) {
unset($container['Config']['Env']);
$out[$decoded_response['Config']['Labels']['com.docker.compose.service']]['State'] = $decoded_response['State'];
$out[$decoded_response['Config']['Labels']['com.docker.compose.service']]['Config'] = $decoded_response['Config'];
}
}
}
if (empty($response)) {
return true;
}
else {
return (!empty($out)) ? $out : false;
}
}
break;
case 'post':
if (!empty($attr1)) {
$container_id = docker('get_id', $service_name);
if (ctype_xdigit($container_id) && ctype_alnum($attr1)) {
curl_setopt($curl, CURLOPT_URL, 'https://dockerapi:443/containers/' . $container_id . '/' . $attr1);
curl_setopt($curl, CURLOPT_POST, 1);
curl_setopt($curl, CURLOPT_TIMEOUT, $DOCKER_TIMEOUT);
if (!empty($attr2)) {
curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($attr2));
}
if (!empty($extra_headers) && is_array($extra_headers)) {
curl_setopt($curl, CURLOPT_HTTPHEADER, $extra_headers);
}
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$response = curl_exec($curl);
if ($response === false) {
$err = curl_error($curl);
curl_close($curl);
// logger(array('return' => array(array(
// 'type' => 'danger',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// 'msg' => $err,
// ))));
return $err;
}
else {
curl_close($curl);
// logger(array('return' => array(array(
// 'type' => 'success',
// 'log' => array(__FUNCTION__, $action, $service_name, $attr1, $attr2, $extra_headers),
// ))));
if (empty($response)) {
return true;
}
else {
return $response;
}
}
}
}
break;
}
}