108 displaying logs of a specific user by specifying time and date

.env.sample

@@ -42,4 +42,10 @@ OCSERV_DNS=8.8.8.8
 LANGUAGES=en:English,zh:中文,ru:Русский,fa:فارسی,ar:العربية
 
 # Supported Origin Requests
-ALLOW_ORIGINS="https://${HOST}:3443,http://${HOST}:3000"
+ALLOW_ORIGINS="https://${HOST}:3443,http://${HOST}:3000"
+
+POSTGRES_HOST=ocserv
+POSTGRES_PORT=5432
+POSTGRES_DB=ocserv
+POSTGRES_USER=ocserv
+POSTGRES_PASSWORD=ocserv

Dockerfile-Ocserv

@@ -9,6 +9,7 @@ ENV OCSERV_VERSION="${OCSERV_VERSION}"
 ENV CGO_ENABLED=1
 ENV GOOS=linux
 ENV GOARCH=amd64
+ENV DEBIAN_FRONTEND=noninteractive
 
 RUN mkdir /common
 
@@ -48,26 +49,32 @@ ENV PATH="/usr/local/sbin:$PATH"
 
 COPY scripts/ocserv_setup_docker.sh /setup.sh
 
-
 # Install dependencies
 # Install dependencies, run setup, cleanup
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
-        sudo \
-        ca-certificates \
-        procps \
-        gnutls-bin \
-        iptables \
-        openssl \
-        less \
-        dnsutils \
-        jq \
-        curl
-
-RUN chmod +x /setup.sh && \
-    bash /setup.sh && \
-    rm -f /setup.sh && \
-    apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+        # runtime deps
+        sudo ca-certificates procps gnutls-bin iptables \
+        openssl less dnsutils jq curl \
+        \
+        # build deps (needed for ocserv build)
+        build-essential meson ninja-build pkg-config git \
+        libgnutls28-dev libev-dev libreadline-dev libtasn1-bin \
+        libpam0g-dev liblz4-dev libseccomp-dev \
+        libnl-route-3-dev libkrb5-dev libradcli-dev \
+        libcurl4-gnutls-dev libcjose-dev libjansson-dev liboath-dev \
+        libprotobuf-c-dev libtalloc-dev libllhttp-dev protobuf-c-compiler \
+        gperf ipcalc
+
+# build ocserv service
+RUN chmod +x /setup.sh && bash /setup.sh
+
+# 🔥 remove build deps after install (important)
+RUN apt-get purge -y \
+        build-essential meson ninja-build pkg-config git protobuf-c-compiler gperf \
+    && apt-get autoremove -y \
+    \
+    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /setup.sh
 
 # Set working directory
 WORKDIR /usr/local/bin

docker-compose.yml

@@ -1,8 +1,27 @@
-networks:
-  shared-app:
-
-
 services:
+  postgres:
+    image: postgres:17
+    container_name: ocserv-postgres
+    restart: always
+    environment:
+      POSTGRES_USER: ${POSTGRES_USER:-postgres}
+      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-postgres}
+      POSTGRES_DB: ${POSTGRES_DB:-postgres}
+    volumes:
+      - /opt/ocserv_dashboard/docker_volumes/pg_db:/var/lib/postgresql/data
+    networks:
+      - shared-app
+    env_file:
+      - ./.env
+    ports:
+      - "127.0.0.1:5435:5432" # develop expose port
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
+      interval: 5s
+      timeout: 5s
+      retries: 10
+      start_period: 10s
+
   ocserv:
     build:
       context: .
@@ -19,13 +38,16 @@ services:
     devices:
       - /dev/net/tun:/dev/net/tun
     volumes:
+      - /opt/ocserv_dashboard/docker_volumes/db:/usr/local/bin/db  # deprecated
       - /opt/ocserv_dashboard/docker_volumes/ocserv:/etc/ocserv
-      - /opt/ocserv_dashboard/docker_volumes/db:/usr/local/bin/db
     ports:
       - ${OCSERV_PORT:-443}:443/tcp
       - ${OCSERV_PORT:-443}:443/udp
     networks:
       - shared-app
+    depends_on:
+      postgres:
+        condition: service_healthy
     restart: unless-stopped
     healthcheck:
       test: ["CMD", "curl", "-fsS", "http://127.0.0.1:8080/health"]
@@ -41,7 +63,6 @@ services:
       dockerfile: Dockerfile-Stream-Log
     container_name: log_stream
     volumes:
-      - /opt/ocserv_dashboard/docker_volumes/db:/app/db
       - /var/run/docker.sock:/var/run/docker.sock
     env_file:
       - ./.env
@@ -50,6 +71,8 @@ services:
     depends_on:
       ocserv:
         condition: service_healthy
+      postgres:
+        condition: service_healthy
     restart: unless-stopped
 
   user_expiry:
@@ -59,15 +82,16 @@ services:
       dockerfile: Dockerfile-User-Expiry
     container_name: user_expiry
     volumes:
-      - /opt/ocserv_dashboard/docker_volumes/db:/app/db
-      - /opt/ocserv_dashboard/docker_volumes/cron_journal:/app/cron_journal
+      - /opt/ocserv_dashboard/docker_volumes/cron_journal:/app/cron_journal # journal of user expiry .txt file
     env_file:
       - ./.env
     networks:
       - shared-app
     depends_on:
       ocserv:
         condition: service_healthy
+      postgres:
+        condition: service_healthy
     restart: unless-stopped
 
   web:
@@ -92,3 +116,5 @@ services:
         condition: service_healthy
     restart: unless-stopped
 
+networks:
+  shared-app:

scripts/ocserv_server.sh

@@ -9,6 +9,13 @@ DEBUG=${DEBUG:-0}  # Default to 0 if not set
 # shellcheck disable=SC2064
 trap "echo '[INFO] Caught SIGTERM, stopping...'; kill -TERM \$OCSERV_PID \$API_PID \$WEBHOOK_PID 2>/dev/null" SIGTERM SIGINT
 
+# -----------------------------
+# migrating database
+# -----------------------------
+echo "[INFO] Starting migrating database schemas..."
+api migrate
+
+
 # -----------------------------
 # Start API service as non-root user
 # -----------------------------

scripts/ocserv_setup_docker-make.sh

@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+export PATH="/usr/sbin:$PATH"
+
+PROJECT_ID=473862
+API_URL="https://gitlab.com/api/v4/projects/${PROJECT_ID}/releases"
+
+# Repo URL for downloading tarball
+REPO_URL="https://gitlab.com/openconnect/ocserv"
+
+# -------------------------
+# Get requested version
+# -------------------------
+OCSERV_VERSION="${1:-}"
+
+if [ -z "$OCSERV_VERSION" ]; then
+    echo "[INFO] No version specified. Fetching latest release..."
+    OCSERV_VERSION=$(curl -fsSL "$API_URL" \
+        | grep '"tag_name"' | head -n1 | cut -d'"' -f4)
+    if [ -z "$OCSERV_VERSION" ]; then
+        echo "[ERROR] Failed to fetch latest version from GitLab API"
+        exit 1
+    fi
+fi
+
+echo "[INFO] Installing ocserv version: $OCSERV_VERSION"
+
+# -------------------------
+# Install dependencies
+# -------------------------
+echo "[INFO] Installing build dependencies..."
+
+#apt-get update --allow-releaseinfo-change -y
+#apt-get update --allow-releaseinfo-change -y
+
+apt install -y \
+  build-essential autoconf automake libtool pkg-config \
+  libgnutls28-dev libev-dev libseccomp-dev \
+  libnl-3-dev libnl-route-3-dev gperf ipcalc \
+  libpam0g-dev liblz4-dev libprotobuf-c-dev protobuf-c-compiler \
+  libreadline-dev libtalloc-dev libhttp-parser-dev \
+  liboath-dev \
+  || { echo "[ERROR] Dependency installation failed"; exit 1; }
+
+echo "[INFO] Dependencies installed"
+
+# -------------------------
+# Download source using curl
+# -------------------------
+TARBALL="ocserv-${OCSERV_VERSION}.tar.gz"
+DOWNLOAD_URL="${REPO_URL}/-/archive/${OCSERV_VERSION}/${TARBALL}"
+
+echo "[INFO] Downloading ${DOWNLOAD_URL}..."
+curl -fSL --retry 3 --retry-delay 2 -o "${TARBALL}" "${DOWNLOAD_URL}" || { echo "[ERROR] Download failed"; exit 1; }
+
+echo "[INFO] Extracting source..."
+tar xf "${TARBALL}" || { echo "[ERROR] Extraction failed"; exit 1; }
+
+cd "ocserv-${OCSERV_VERSION}" || { echo "[ERROR] Source directory not found"; exit 1; }
+
+# -------------------------
+# Build
+# -------------------------
+echo "[INFO] Preparing build system..."
+autoreconf -fi || { echo "[ERROR] autoreconf failed"; exit 1; }
+
+echo "[INFO] Configuring build system..."
+./configure --prefix=/usr --bindir=/usr/bin || { echo "[ERROR] configure failed"; exit 1; }
+
+echo "[INFO] Compiling..."
+make -j"$(nproc)" || { echo "[ERROR] Build failed"; exit 1; }
+
+echo "[INFO] Installing..."
+make install || { echo "[ERROR] Install failed"; exit 1; }
+
+echo "[INFO] Build and installation complete"
+
+# -------------------------
+# Setup directories
+# -------------------------
+echo "[INFO] Creating required directories..."
+mkdir -p /etc/ocserv /var/lib/ocserv
+
+# -------------------------
+# Enable service (if systemd present)
+# -------------------------
+echo "[WARN] Systemd not detected. Skipping service enable/start. You can run ocserv manually."
+echo "[OK] ocserv ${OCSERV_VERSION} installed successfully (manual start mode)"
+echo "[INFO] Binary: /usr/local/sbin/ocserv"
+echo "[INFO] Config: /etc/ocserv/ocserv.conf"
+

scripts/ocserv_setup_docker.sh

@@ -1,91 +1,53 @@
 #!/usr/bin/env bash
-set -euo pipefail
+set -e
 
-export PATH="/usr/sbin:$PATH"
+INSTALL_PREFIX="/usr"
+SRC_DIR="/tmp/ocserv"
 
-PROJECT_ID=473862
-API_URL="https://gitlab.com/api/v4/projects/${PROJECT_ID}/releases"
+echo "[INFO] Preparing source directory..."
+rm -rf "$SRC_DIR"
+git clone --depth=1 https://gitlab.com/openconnect/ocserv.git "$SRC_DIR"
 
-# Repo URL for downloading tarball
-REPO_URL="https://gitlab.com/openconnect/ocserv"
+cd "$SRC_DIR"
 
-# -------------------------
-# Get requested version
-# -------------------------
-OCSERV_VERSION="${1:-}"
+echo "[INFO] Configuring build (Meson)..."
+meson setup build \
+    --prefix="$INSTALL_PREFIX" \
+    --sysconfdir=/etc
 
-if [ -z "$OCSERV_VERSION" ]; then
-    echo "[INFO] No version specified. Fetching latest release..."
-    OCSERV_VERSION=$(curl -fsSL "$API_URL" \
-        | grep '"tag_name"' | head -n1 | cut -d'"' -f4)
-    if [ -z "$OCSERV_VERSION" ]; then
-        echo "[ERROR] Failed to fetch latest version from GitLab API"
-        exit 1
-    fi
-fi
+echo "[INFO] Compiling..."
+meson compile -C build -j"$(nproc)"
 
-echo "[INFO] Installing ocserv version: $OCSERV_VERSION"
+echo "[INFO] Installing..."
+meson install -C build
 
 # -------------------------
-# Install dependencies
+# Cleanup build artifacts (IMPORTANT for Docker)
 # -------------------------
-echo "[INFO] Installing build dependencies..."
-
-apt-get update --allow-releaseinfo-change -y
-
-apt install -y \
-  build-essential autoconf automake libtool pkg-config \
-  libgnutls28-dev libev-dev libseccomp-dev \
-  libnl-3-dev libnl-route-3-dev gperf ipcalc \
-  libpam0g-dev liblz4-dev libprotobuf-c-dev protobuf-c-compiler \
-  libreadline-dev libtalloc-dev libhttp-parser-dev \
-  liboath-dev \
-  || { echo "[ERROR] Dependency installation failed"; exit 1; }
-
-echo "[INFO] Dependencies installed"
+echo "[INFO] Cleaning build files..."
+cd /
+rm -rf "$SRC_DIR"
 
 # -------------------------
-# Download source using curl
+# Minimal runtime setup
 # -------------------------
-TARBALL="ocserv-${OCSERV_VERSION}.tar.gz"
-DOWNLOAD_URL="${REPO_URL}/-/archive/${OCSERV_VERSION}/${TARBALL}"
-
-echo "[INFO] Downloading ${DOWNLOAD_URL}..."
-curl -fSL --retry 3 --retry-delay 2 -o "${TARBALL}" "${DOWNLOAD_URL}" || { echo "[ERROR] Download failed"; exit 1; }
+echo "[INFO] Creating runtime dirs..."
+mkdir -p /etc/ocserv /var/run/ocserv
 
-echo "[INFO] Extracting source..."
-tar xf "${TARBALL}" || { echo "[ERROR] Extraction failed"; exit 1; }
+echo "[INFO] Adding ocserv user..."
+id -u ocserv &>/dev/null || useradd -r -s /usr/sbin/nologin ocserv
 
-cd "ocserv-${OCSERV_VERSION}" || { echo "[ERROR] Source directory not found"; exit 1; }
-
-# -------------------------
-# Build
-# -------------------------
-echo "[INFO] Preparing build system..."
-autoreconf -fi || { echo "[ERROR] autoreconf failed"; exit 1; }
-
-echo "[INFO] Configuring build system..."
-./configure --prefix=/usr --bindir=/usr/bin || { echo "[ERROR] configure failed"; exit 1; }
-
-echo "[INFO] Compiling..."
-make -j"$(nproc)" || { echo "[ERROR] Build failed"; exit 1; }
-
-echo "[INFO] Installing..."
-make install || { echo "[ERROR] Install failed"; exit 1; }
-
-echo "[INFO] Build and installation complete"
-
-# -------------------------
-# Setup directories
-# -------------------------
-echo "[INFO] Creating required directories..."
-mkdir -p /etc/ocserv /var/lib/ocserv
+echo "[INFO] Copying default config..."
+if [ -f /usr/share/doc/ocserv/examples/sample.config ] || [ -f doc/sample.config ]; then
+    cp doc/sample.config /etc/ocserv/ocserv.conf 2>/dev/null || true
+fi
 
 # -------------------------
-# Enable service (if systemd present)
+# Optional: shrink binary
 # -------------------------
-echo "[WARN] Systemd not detected. Skipping service enable/start. You can run ocserv manually."
-echo "[OK] ocserv ${OCSERV_VERSION} installed successfully (manual start mode)"
-echo "[INFO] Binary: /usr/local/sbin/ocserv"
-echo "[INFO] Config: /etc/ocserv/ocserv.conf"
+if command -v strip &>/dev/null; then
+    echo "[INFO] Stripping binary..."
+    strip /usr/sbin/ocserv || true
+fi
 
+echo "[INFO] Done."