From 79ef352369f08c71a700f6cc7bd03dc932e1e4d8 Mon Sep 17 00:00:00 2001 From: gitclonebrian <235774926+gitclonebrian@users.noreply.github.com> Date: Mon, 15 Dec 2025 14:36:03 -0500 Subject: [PATCH] [BRE-1009] Update Docker image purge logic to be more thorough (#440) * removed logic for excluding the setup image from being purged. all BW images will be removed when purging. * added certbot image cleanup logic to run.sh * added certbot image cleanup logic to run.ps1 * added missing rebuild line to parameter block --- run.ps1 | 36 +++++++++++++++++++++++++++--------- run.sh | 27 +++++++++++++++++++++++++-- 2 files changed, 52 insertions(+), 11 deletions(-) diff --git a/run.ps1 b/run.ps1 index a332f62..46b0e3d 100644 --- a/run.ps1 +++ b/run.ps1 @@ -12,7 +12,8 @@ param ( [switch] $uninstall, [switch] $renewcert, [switch] $updatedb, - [switch] $update + [switch] $update, + [switch] $rebuild ) # Setup @@ -69,6 +70,8 @@ function Install() { "certonly{0} --standalone --noninteractive --agree-tos --preferred-challenges http " + ` "--email ${email} -d ${domain} --logs-dir /etc/letsencrypt/logs" Invoke-Expression ($certbotExp -f $qFlag) + + Cleanup-Certbot } } @@ -141,8 +144,7 @@ function Create-Dir($str) { } function Docker-Prune { - docker image prune --all --force --filter="label=com.bitwarden.product=bitwarden" ` - --filter="label!=com.bitwarden.project=setup" + docker image prune --all --force --filter="label=com.bitwarden.product=bitwarden" } function Update-Lets-Encrypt { @@ -152,6 +154,8 @@ function Update-Lets-Encrypt { "-v ${outputDir}/letsencrypt:/etc/letsencrypt/ certbot/certbot " + ` "renew{0} --logs-dir /etc/letsencrypt/logs" -f $qFlag Invoke-Expression $certbotExp + + Cleanup-Certbot } } @@ -162,6 +166,8 @@ function Force-Update-Lets-Encrypt { "-v ${outputDir}/letsencrypt:/etc/letsencrypt/ certbot/certbot " + ` "renew{0} --logs-dir /etc/letsencrypt/logs --force-renew" -f $qFlag Invoke-Expression $certbotExp + + Cleanup-Certbot } } @@ -204,7 +210,6 @@ function Uninstall() { $uninstallAction = $( Read-Host "Are you sure you want to uninstall Bitwarden? (y/n)" ) } - if ($uninstallAction -eq "y") { Write-Host "uninstalling Bitwarden..." Docker-Compose-Down @@ -217,11 +222,13 @@ function Uninstall() { } Write-Host "(!) " -f red -nonewline - $purgeAction = $( Read-Host "Would you like to purge all local Bitwarden container images? (y/n)" ) + $purgeAction = $( Read-Host "Would you like to purge all local Bitwarden container images? (y/n)" ) - if ($purgeAction -eq "y") { - Docker-Prune - } + if ($purgeAction -eq "y") { + Docker-Prune + } + + Cleanup-Certbot } function Print-Environment { @@ -247,7 +254,6 @@ function Cert-Restart { Print-Environment } - function Pull-Setup { Invoke-Expression ("docker pull{0} ghcr.io/bitwarden/setup:${coreVersion}" -f "") #TODO: qFlag } @@ -258,6 +264,18 @@ function Write-Line($str) { } } +function Cleanup-Certbot { + # Check if the certbot image is being used by any containers + if ([string]::IsNullOrEmpty((docker ps -a --filter ancestor=certbot/certbot --quiet))) { + Write-Host "(!) " -f red -nonewline + $response = $( Read-Host "The [certbot/certbot] container image used by this script is no longer associated with any containers. Would you like to purge it? (y/N)" ) + + if ($response.ToLower() -eq 'y') { + docker image rm certbot/certbot + } + } +} + # Commands if ($install) { diff --git a/run.sh b/run.sh index 0fcc79f..7f41e87 100755 --- a/run.sh +++ b/run.sh @@ -85,10 +85,13 @@ function install() { echo "" mkdir -p $OUTPUT_DIR/letsencrypt + docker pull certbot/certbot docker run -it --rm --name certbot -p 80:80 -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ certonly --standalone --noninteractive --agree-tos --preferred-challenges http \ --email $EMAIL -d $DOMAIN --logs-dir /etc/letsencrypt/logs + + certbotCleanup fi fi @@ -163,8 +166,7 @@ function createDir() { } function dockerPrune() { - docker image prune --all --force --filter="label=com.bitwarden.product=bitwarden" \ - --filter="label!=com.bitwarden.project=setup" + docker image prune --all --force --filter="label=com.bitwarden.product=bitwarden" } function updateLetsEncrypt() { @@ -174,6 +176,8 @@ function updateLetsEncrypt() { docker run -i --rm --name certbot -p 443:443 -p 80:80 \ -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ renew --logs-dir /etc/letsencrypt/logs + + certbotCleanup fi } @@ -184,6 +188,8 @@ function forceUpdateLetsEncrypt() { docker run -i --rm --name certbot -p 443:443 -p 80:80 \ -v $OUTPUT_DIR/letsencrypt:/etc/letsencrypt/ certbot/certbot \ renew --logs-dir /etc/letsencrypt/logs --force-renew + + certbotCleanup fi } @@ -281,6 +287,8 @@ function uninstall() { dockerPrune echo -e -n "${CYAN}Bitwarden uninstall complete! ${NC}" fi + + certbotCleanup } function printEnvironment() { @@ -310,6 +318,21 @@ function pullSetup() { docker pull ghcr.io/bitwarden/setup:$COREVERSION } +function certbotCleanup() { + # Check if the certbot image is being used by any containers + if [[ -z $(docker ps -a --filter ancestor=certbot/certbot --quiet) ]] + then + echo -e -n "${RED}(!) The [certbot/certbot] container image used by this script is no longer associated with any containers. Would you like to purge it? (y/N): ${NC}" + read RESPONSE + RESPONSE=$(echo "$RESPONSE" | tr '[:upper:]' '[:lower:]') + + if [[ $RESPONSE == 'y' ]] + then + docker image rm certbot/certbot + fi + fi +} + # Commands case $1 in