Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Individual docker scripts #1329

Open
wants to merge 4 commits into
base: release_February_2025
Choose a base branch
from
+525 −0
Open

Individual docker scripts #1329

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
7b7fed8
added initial versions of scripts to support generating docker scripts
nedvedba Aug 1, 2024
533317f
Merge remote-tracking branch 'origin/release_February_2025' into indi…
nedvedba Feb 24, 2025
293bef8
updated container scripts
nedvedba Feb 24, 2025
c0c4102
added changes based on feedback
nedvedba Feb 26, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 10 additions & 0 deletions scripts/generate_datafed.sh
View file
Original file line number Diff line number Diff line change
@@ -58,6 +58,14 @@ else
local_DATAFED_DATABASE_HOST=$(printenv DATAFED_DATABASE_HOST)
fi

local_DATAFED_DATABASE_PORT=""
if [[ -z "$DATAFED_DATABASE_PORT" ]]
then
# Empty
local_DATAFED_DATABASE_PORT="8529"
else
local_DATAFED_DATABASE_PORT=$(printenv DATAFED_DATABASE_PORT)
fi

local_DATAFED_ZEROMQ_SESSION_SECRET=""
if [ -z "${DATAFED_ZEROMQ_SESSION_SECRET}" ]
@@ -275,6 +283,8 @@ export DATAFED_DATABASE_PASSWORD="$local_DATAFED_DATABASE_PASSWORD"
# Host of the metadata database, can be a domain name
# or an IP address.
export DATAFED_DATABASE_HOST="$local_DATAFED_DATABASE_HOST"
# i.e. 8529 - Arango port
export DATAFED_DATABASE_PORT="$local_DATAFED_DATABASE_PORT"
# The user account the datafed core application will run under
export DATAFED_CORE_USER="$local_DATAFED_CORE_USER"

290 changes: 290 additions & 0 deletions scripts/generate_metadata_container_scripts.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,290 @@
#!/bin/bash

# Cannot run with -u because we check for unbound variables
# and the script will exit prematurely if '-u' is set
set -ef -o pipefail

SCRIPT=$(realpath "$0")
FILE_NAME=$(basename "${SCRIPT}")
SOURCE=$(dirname "$SCRIPT")
PROJECT_ROOT=$(realpath "${SOURCE}/..")
source "${PROJECT_ROOT}/config/datafed.sh"

VERSION="1.0.0"
echo "$FILE_NAME $VERSION"

Help()
{
echo "$(basename $0) Will set up the docker container scripts for the metadata server"
echo
echo "Syntax: $(basename $0) [-h|t|b]"
echo "options:"
echo "-h, --help Print this help message."
echo "-t, --docker-tag The tag on Savannah that the currently released containers are under"
echo "-b, --backup-directory The backup directory that will be mounted into the database container at /backups"
echo
}

local_DOCKER_TAG=""
local_BACKUP_DIRECTORY=""

if [ -z "${DATAFED_DOCKER_TAG}" ]
then
local_DOCKER_TAG=""
else
local_DOCKER_TAG=$(printenv DATAFED_DOCKER_TAG)
fi

VALID_ARGS=$(getopt -o ht:b: --long 'help',docker-tag:,backup-directory: -- "$@")
if [[ $? -ne 0 ]]; then
exit 1;
fi
eval set -- "$VALID_ARGS"
while [ : ]; do
case "$1" in
-h | --help)
Help
exit 0
;;
-t | --docker-tag)
local_DOCKER_TAG=$2
shift 2
;;
-b | --backup-directory)
local_BACKUP_DIRECTORY=$2
shift 2
;;
--) shift;
break
;;
\?) # incorrect option
echo "Error: Invalid option"
exit;;
esac
done

ERROR_DETECTED=0

if [ -z "$local_DOCKER_TAG" ]
then
echo "Error DOCKER_TAG is not defined, this is a required argument"
echo " This variable can be set using the command line option -t, --docker-tag"
echo " or with the environment variable DATAFED_DOCKER_TAG."
ERROR_DETECTED=1
fi

if [ -z "$local_BACKUP_DIRECTORY" ]
then
echo "Error BACKUP_DIRECTORY is not defined, this is a required argument"
echo " This variable can be set using the command line option -b, --backup-directory"
ERROR_DETECTED=1
fi

if [ "$ERROR_DETECTED" == "1" ]
then
exit 1
fi

CREATE_DATAFED_NETWORK_SCRIPT="$DATAFED_INSTALL_PATH/scripts/create_datafed_network.sh"
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not necessary for this PR but I think it would be nice to have a mapping of what environment variables are used in which files, and where they should be defined. It's sometimes difficult to search around the codebase for the definition/default.

RUN_ARANGO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_arango_container.sh"
STOP_ARANGO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_arango_container.sh"
REMOVE_ARANGO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_arango_container.sh"
RUN_CORE_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_core_container.sh"
STOP_CORE_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_core_container.sh"
REMOVE_CORE_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_core_container.sh"
RUN_WEB_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_web_container.sh"
STOP_WEB_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_web_container.sh"
REMOVE_WEB_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_web_container.sh"
RUN_NGINX_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_nginx_container.sh"
STOP_NGINX_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_nginx_container.sh"
REMOVE_NGINX_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_nginx_container.sh"

local_DOCKER_TAG_WEB_SAFE=$(echo $local_DOCKER_TAG | sed 's/\./_/g')

cat << EOF > "$CREATE_DATAFED_NETWORK_SCRIPT"
#!/bin/bash

docker network create datafed-network
EOF

cat << EOF > "$RUN_ARANGO_SCRIPT"
#!/bin/bash

CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\${CONFIG_FILE_PATH}"

docker run -d \\
--restart=always \\
--name arangodb \\
--log-driver=json-file \\
--log-opt max-size=10m \\
--log-opt max-file=3 \\
-e ARANGO_ROOT_PASSWORD="\$DATAFED_DATABASE_PASSWORD" \\
-e LANG="en_US" \\
--network datafed-network \\
-p 8529:8529 \\
-v arangodb_data:/var/lib/arangodb3:Z \\
-v "$local_BACKUP_DIRECTORY:/backups" \\
-t "arangodb/enterprise:3.12"
EOF

cat << EOF > "$STOP_ARANGO_SCRIPT"
#!/bin/bash

docker container stop arangodb
EOF

cat << EOF > "$REMOVE_ARANGO_SCRIPT"
#!/bin/bash

docker container stop arangodb
docker container rm arangodb
EOF

cat << EOF > "$RUN_CORE_SCRIPT"
#!/bin/bash

CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\${CONFIG_FILE_PATH}"

USER_ID=\$(id -u)

docker run -d \\
--restart=always \\
--name datafed-core-$local_DOCKER_TAG \\
--log-driver=json-file \\
--log-opt max-size=10m \\
--log-opt max-file=3 \\
-e DATAFED_GLOBUS_APP_SECRET="\$DATAFED_GLOBUS_APP_SECRET" \\
-e DATAFED_GLOBUS_APP_ID="\$DATAFED_GLOBUS_APP_ID" \\
-e DATAFED_ZEROMQ_SESSION_SECRET="\$DATAFED_ZEROMQ_SESSION_SECRET" \\
-e DATAFED_ZEROMQ_SYSTEM_SECRET="\$DATAFED_ZEROMQ_SYSTEM_SECRET" \\
-e DATAFED_DOMAIN="\$DATAFED_DOMAIN" \\
-e DATAFED_DATABASE_PASSWORD="\$DATAFED_DATABASE_PASSWORD" \\
-e DATAFED_DATABASE_IP_ADDRESS_PORT="http://\$DATAFED_DATABASE_HOST:\$DATAFED_DATABASE_PORT" \\
-e DATAFED_DEFAULT_LOG_PATH="/datafed/logs" \\
-e DATAFED_CORE_ADDRESS_PORT_INTERNAL="\$DATAFED_CORE_ADDRESS_PORT_INTERNAL" \\
-e DATAFED_CORE_CLIENT_THREADS="24" \\
-e DATAFED_CORE_TASK_THREADS="24" \\
-e UID="\$USER_ID" \\
--network datafed-network \\
-p 7513:7513 \\
-p 7512:7512 \\
-v "\$DATAFED_INSTALL_PATH/logs:/datafed/logs" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-core-key.pub:/opt/datafed/keys/datafed-core-key.pub" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-core-key.priv:/opt/datafed/keys/datafed-core-key.priv" \\
-t "datafed/core:$local_DOCKER_TAG"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion (bug_risk): Consider sanitizing the docker tag for container names.

The web container uses a sanitized variable while core, for example, uses the raw docker tag. If DATAFED_DOCKER_TAG contains unexpected characters, it might cause naming issues.

EOF

cat << EOF > "$STOP_CORE_SCRIPT"
#!/bin/bash

docker container stop datafed-core-$local_DOCKER_TAG
EOF

cat << EOF > "$REMOVE_CORE_SCRIPT"
#!/bin/bash

docker container stop datafed-core-$local_DOCKER_TAG
docker container rm datafed-core-$local_DOCKER_TAG
EOF

cat << EOF > "$RUN_WEB_SCRIPT"
#!/bin/bash

CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\$CONFIG_FILE_PATH"

USER_ID=\$(id -u)

docker run -d \\
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What is the use case for having these scripts over using compose and breaking apart services?

--restart=always \\
--name datafed-web-$local_DOCKER_TAG_WEB_SAFE \\
--log-driver=json-file \\
--log-opt max-size=10m \\
--log-opt max-file=3 \\
-e DATAFED_GLOBUS_APP_SECRET="\$DATAFED_GLOBUS_APP_SECRET" \\
-e DATAFED_GLOBUS_APP_ID="\$DATAFED_GLOBUS_APP_ID" \\
-e DATAFED_ZEROMQ_SESSION_SECRET="\$DATAFED_ZEROMQ_SESSION_SECRET" \\
-e DATAFED_ZEROMQ_SYSTEM_SECRET="\$DATAFED_ZEROMQ_SYSTEM_SECRET" \\
-e DATAFED_DOMAIN="\$DATAFED_DOMAIN" \\
-e DATAFED_WEB_CERT_PATH="\$DATAFED_WEB_CERT_PATH" \\
-e DATAFED_WEB_KEY_PATH="\$DATAFED_WEB_KEY_PATH" \\
-e DATAFED_DEFAULT_LOG_PATH="/datafed/logs" \\
-e DATAFED_CORE_ADDRESS_PORT_INTERNAL="\$DATAFED_CORE_ADDRESS_PORT_INTERNAL" \\
-e DATAFED_GOOGLE_ANALYTICS_TAG="\$DATAFED_GOOGLE_ANALYTICS_TAG" \\
-e UID="\$USER_ID" \\
--network datafed-network \\
-v "\$DATAFED_INSTALL_PATH/logs:/datafed/logs" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-core-key.pub:/opt/datafed/keys/datafed-core-key.pub" \\
-v "\$DATAFED_WEB_CERT_PATH:\$DATAFED_WEB_CERT_PATH" \\
-v "\$DATAFED_WEB_KEY_PATH:\$DATAFED_WEB_KEY_PATH" \\
-t "datafed/web:$local_DOCKER_TAG"
EOF

cat << EOF > "$STOP_WEB_SCRIPT"
#!/bin/bash

docker container stop datafed-web-$local_DOCKER_TAG_WEB_SAFE
EOF

cat << EOF > "$REMOVE_WEB_SCRIPT"
#!/bin/bash

docker container stop datafed-web-$local_DOCKER_TAG_WEB_SAFE
docker container rm datafed-web-$local_DOCKER_TAG_WEB_SAFE
EOF

cat << EOF > "$RUN_NGINX_SCRIPT"
#!/bin/bash

CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\$CONFIG_FILE_PATH"

docker run -d \\
--restart=always \\
--name datafed-nginx \\
--network datafed-network \\
--log-driver=json-file \\
--log-opt max-size=10m \\
--log-opt max-file=3 \\
-p 443:443 \\
-p 80:80 \\
-v "\$DATAFED_INSTALL_PATH/nginx/nginx.conf:/etc/nginx/conf.d/default.conf" \\
-v "\$DATAFED_INSTALL_PATH/nginx/sites-enabled:/etc/nginx/sites-enabled" \\
-v "\$DATAFED_INSTALL_PATH/nginx/www:/www" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed.ornl.gov.crt:/etc/nginx/certs/datafed.ornl.gov.crt" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed.ornl.gov.key:/etc/nginx/certs/datafed.ornl.gov.key" \\
nginx:latest
EOF

cat << EOF > "$STOP_NGINX_SCRIPT"
#!/bin/bash

docker container stop datafed-nginx
EOF

cat << EOF > "$REMOVE_NGINX_SCRIPT"
#!/bin/bash

docker container stop datafed-nginx
docker container rm datafed-nginx
EOF

chmod +x "$CREATE_DATAFED_NETWORK_SCRIPT"

chmod +x "$RUN_ARANGO_SCRIPT"
chmod +x "$STOP_ARANGO_SCRIPT"
chmod +x "$REMOVE_ARANGO_SCRIPT"

chmod +x "$RUN_CORE_SCRIPT"
chmod +x "$STOP_CORE_SCRIPT"
chmod +x "$REMOVE_CORE_SCRIPT"

chmod +x "$RUN_WEB_SCRIPT"
chmod +x "$STOP_WEB_SCRIPT"
chmod +x "$REMOVE_WEB_SCRIPT"

chmod +x "$RUN_NGINX_SCRIPT"
chmod +x "$STOP_NGINX_SCRIPT"
chmod +x "$REMOVE_NGINX_SCRIPT"
225 changes: 225 additions & 0 deletions scripts/generate_repo_container_scripts.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,225 @@
#!/bin/bash

# Cannot run with -u because we check for unbound variables
# and the script will exit prematurely if '-u' is set
set -ef -o pipefail

SCRIPT=$(realpath "$0")
FILE_NAME=$(basename "${SCRIPT}")
SOURCE=$(dirname "$SCRIPT")
PROJECT_ROOT=$(realpath "${SOURCE}/..")
source "${PROJECT_ROOT}/config/datafed.sh"

VERSION="1.0.0"
echo "$FILE_NAME $VERSION"

Help()
{
echo "$(basename $0) Will set up the docker container scripts for the repository server"
echo
echo "Syntax: $(basename $0) [-h|t|v|i|d]"
echo "options:"
echo "-h, --help Print this help message."
echo "-t, --docker-tag The tag on Savannah that the currently released containers are under"
echo "-v, --repo-volume-mounts The extra volumes mounts to add to the repository server, comma separated"
echo "-i, --ip-address The public ip address of the host that the GCS container is running on"
echo "-d, --repo-domain The publicly accessible domain of the server that the host is running on"
echo
}

local_DOCKER_TAG=""
local_IP_ADDRESS=""
local_REPO_DOMAIN=""
local_REPO_VOLUME_MOUNTS=""

if [ -z "${DATAFED_DOCKER_TAG}" ]
then
local_DOCKER_TAG=""
else
local_DOCKER_TAG=$(printenv DATAFED_DOCKER_TAG)
fi

VALID_ARGS=$(getopt -o ht:v:i:d: --long 'help',docker-tag:,repo-volume-mounts:,ip-address:,repo-domain: -- "$@")
if [[ $? -ne 0 ]]; then
exit 1;
fi
eval set -- "$VALID_ARGS"
while [ : ]; do
case "$1" in
-h | --help)
Help
exit 0
;;
-t | --docker-tag)
local_DOCKER_TAG=$2
shift 2
;;
-v | --repo-volume-mounts)
local_REPO_VOLUME_MOUNTS=$2
shift 2
;;
-i | --ip-address)
local_IP_ADDRESS=$2
shift 2
;;
-d | --repo-domain)
local_REPO_DOMAIN=$2
shift 2
;;
--) shift;
break
;;
\?) # incorrect option
echo "Error: Invalid option"
exit;;
esac
done

ERROR_DETECTED=0
if [ -z "$local_DOCKER_TAG" ]
then
echo "Error DOCKER_TAG is not defined, this is a required argument"
echo " This variable can be set using the command line option -t, --docker-tag"
echo " or with the environment variable DATAFED_DOCKER_TAG."
ERROR_DETECTED=1
fi

if [ -z "$local_IP_ADDRESS" ]
then
echo "Error IP_ADDRESS is not defined, this is a required argument"
echo " This variable can be set using the command line option -i, --ip-address"
ERROR_DETECTED=1
fi

if [ -z "$local_REPO_DOMAIN" ]
then
echo "Error REPO_DOMAIN is not defined, this is a required argument"
echo " This variable can be set using the command line option -d, --repo-domain"
ERROR_DETECTED=1
fi

if [ "$ERROR_DETECTED" == "1" ]
then
exit 1
fi

RUN_REPO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_repo_container.sh"
STOP_REPO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_repo_container.sh"
REMOVE_REPO_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_repo_container.sh"
RUN_GCS_SCRIPT="$DATAFED_INSTALL_PATH/scripts/run_gcs_container.sh"
STOP_GCS_SCRIPT="$DATAFED_INSTALL_PATH/scripts/stop_gcs_container.sh"
REMOVE_GCS_SCRIPT="$DATAFED_INSTALL_PATH/scripts/remove_gcs_container.sh"

IFS=',' read -ra local_REPO_VOLUME_MOUNTS <<< "$local_REPO_VOLUME_MOUNTS"
local_REPO_VOLUME_MOUNTS_EXPANDED=""
for volume_mount in "${local_REPO_VOLUME_MOUNTS[@]}"; do
local_REPO_VOLUME_MOUNTS_EXPANDED+="-v \"$volume_mount\" "
Comment on lines +113 to +116
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion (bug_risk): Review the method used for quoting volume mount strings.

Assembling the volume mount flags by embedding literal quotes might lead to issues if a mount value contains spaces or special characters. Consider accumulating these in an array and joining them carefully when generating the docker command.

Suggested implementation:

IFS=',' read -ra local_REPO_VOLUME_MOUNTS <<< "$local_REPO_VOLUME_MOUNTS"
local_REPO_VOLUME_MOUNTS_FLAGS=()
for volume_mount in "${local_REPO_VOLUME_MOUNTS[@]}"; do
  local_REPO_VOLUME_MOUNTS_FLAGS+=( "-v" "$volume_mount" )
done

Any subsequent sections of the script that currently reference "local_REPO_VOLUME_MOUNTS_EXPANDED" should be updated to use the new array "local_REPO_VOLUME_MOUNTS_FLAGS". For example, when constructing the docker command, make sure to expand the array using "${local_REPO_VOLUME_MOUNTS_FLAGS[@]}".

done

cat << EOF > "$RUN_REPO_SCRIPT"
#!/bin/bash
CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\${CONFIG_FILE_PATH}"
USER_ID=\$(id -u)
docker run -d \\
--restart=always \\
--name "datafed-repo-$local_DOCKER_TAG" \\
--log-driver=json-file \\
--log-opt max-size=10m \\
--log-opt max-file=3 \\
-e DATAFED_GLOBUS_APP_SECRET="\$DATAFED_GLOBUS_APP_SECRET" \\
-e DATAFED_GLOBUS_APP_ID="\$DATAFED_GLOBUS_APP_ID" \\
-e DATAFED_ZEROMQ_SESSION_SECRET="\$DATAFED_ZEROMQ_SESSION_SECRET" \\
-e DATAFED_ZEROMQ_SYSTEM_SECRET="\$DATAFED_ZEROMQ_SYSTEM_SECRET" \\
-e DATAFED_HTTPS_SERVER_PORT="443" \\
-e DATAFED_DOMAIN="\$DATAFED_DOMAIN" \\
-e DATAFED_CORE_ADDRESS_PORT_INTERNAL="\$DATAFED_DOMAIN:7513" \\
-e DATAFED_DEFAULT_LOG_PATH="\$DATAFED_DEFAULT_LOG_PATH" \\
-e DATAFED_GCS_BASE_PATH="\$DATAFED_GCS_COLLECTION_BASE_PATH" \\
-e DATAFED_GCS_COLLECTION_BASE_PATH="\$DATAFED_GCS_COLLECTION_BASE_PATH" \\
-e DATAFED_GCS_COLLECTION_ROOT_PATH="\$DATAFED_GCS_COLLECTION_ROOT_PATH" \\
-e UID="\$USER_ID" \\
-p 9000:9000 \\
-v "\$DATAFED_INSTALL_PATH/logs:/datafed/logs" \\
$local_REPO_VOLUME_MOUNTS_EXPANDED \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-repo-key.pub:/opt/datafed/keys/datafed-repo-key.pub" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-repo-key.priv:/opt/datafed/keys/datafed-repo-key.priv" \\
-t "datafed/repo:$local_DOCKER_TAG"
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Apply consistent sanitization to the docker tag for container naming.

Containers such as the repository container use the raw docker tag. Consistency in sanitizing the tag (as done for the web container) can help avoid potential issues with invalid container names.

EOF

cat << EOF > "$STOP_REPO_SCRIPT"
#!/bin/bash
docker container stop datafed-repo-$local_DOCKER_TAG
EOF

cat << EOF > "$REMOVE_REPO_SCRIPT"
#!/bin/bash
docker container stop datafed-repo-$local_DOCKER_TAG
docker container rm datafed-repo-$local_DOCKER_TAG
EOF

cat << EOF > "$RUN_GCS_SCRIPT"
#!/bin/bash
CONFIG_FILE_PATH="\$DATAFED_INSTALL_PATH/config/datafed.sh"
source "\${CONFIG_FILE_PATH}"
USER_ID=\$(id -u)
docker run -d \\
--restart=always \\
--name "datafed-gcs-$local_DOCKER_TAG" \\
-e DATAFED_GLOBUS_APP_SECRET="\$DATAFED_GLOBUS_APP_SECRET" \\
-e DATAFED_GLOBUS_APP_ID="\$DATAFED_GLOBUS_APP_ID" \\
-e DATAFED_ZEROMQ_SESSION_SECRET="\$DATAFED_ZEROMQ_SESSION_SECRET" \\
-e DATAFED_ZEROMQ_SYSTEM_SECRET="\$DATAFED_ZEROMQ_SYSTEM_SECRET" \\
-e DATAFED_HTTPS_SERVER_PORT="443" \\
-e DATAFED_DOMAIN="\$DATAFED_DOMAIN" \\
-e DATAFED_CORE_ADDRESS_PORT_INTERNAL="\$DATAFED_DOMAIN:7513" \\
-e DATAFED_DEFAULT_LOG_PATH="\$DATAFED_DEFAULT_LOG_PATH" \\
-e DATAFED_GCS_COLLECTION_BASE_PATH="\$DATAFED_GCS_COLLECTION_BASE_PATH" \\
-e DATAFED_GCS_COLLECTION_ROOT_PATH="\$DATAFED_GCS_COLLECTION_ROOT_PATH" \\
-e DATAFED_GCS_ROOT_NAME="\$DATAFED_GCS_ROOT_NAME" \\
-e DATAFED_GLOBUS_SUBSCRIPTION="\$DATAFED_GLOBUS_SUBSCRIPTION" \\
-e DATAFED_GLOBUS_CONTROL_PORT="\$DATAFED_GLOBUS_CONTROL_PORT" \\
-e DATAFED_REPO_USER="datafed" \\
-e DATAFED_AUTHZ_USER="datafed" \\
-e BUILD_WITH_METADATA_SERVICES="FALSE" \\
-e DATAFED_REPO_ID_AND_DIR="\$DATAFED_REPO_ID_AND_DIR" \\
-e DATAFED_GCS_IP="$local_IP_ADDRESS" \\
-e DATAFED_REPO_DOMAIN="$local_REPO_DOMAIN" \\
-e UID="\$USER_ID" \\
--network=host \\
-v "\$DATAFED_INSTALL_PATH/logs:/datafed/logs" \\
$local_REPO_VOLUME_MOUNTS_EXPANDED \\
-v "\$DATAFED_INSTALL_PATH/globus:/opt/datafed/globus" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-repo-key.pub:/opt/datafed/keys/datafed-repo-key.pub" \\
-v "\$DATAFED_INSTALL_PATH/keys/datafed-repo-key.priv:/opt/datafed/keys/datafed-repo-key.priv" \\
-t "datafed/gcs:$local_DOCKER_TAG"
EOF

cat << EOF > "$STOP_GCS_SCRIPT"
#!/bin/bash
docker container stop datafed-gcs-$local_DOCKER_TAG
EOF

cat << EOF > "$REMOVE_GCS_SCRIPT"
#!/bin/bash
docker container stop datafed-gcs-$local_DOCKER_TAG
docker container rm datafed-gcs-$local_DOCKER_TAG
EOF

chmod +x "$RUN_REPO_SCRIPT"
chmod +x "$STOP_REPO_SCRIPT"
chmod +x "$REMOVE_REPO_SCRIPT"

chmod +x "$RUN_GCS_SCRIPT"
chmod +x "$STOP_GCS_SCRIPT"
chmod +x "$REMOVE_GCS_SCRIPT"