/
Dockerfile
127 lines (98 loc) · 5.15 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# Copyright (c) 2001-2019 Convertigo SA.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU Affero General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, see<http://www.gnu.org/licenses/>.
FROM tomcat:7-jdk8-openjdk-slim
MAINTAINER Nicolas Albert nicolasa@convertigo.com
## force SWT to use GTK2 instead of GTK3 (no Xulrunner support)
ENV SWT_GTK3 0
ENV CATALINA_HOME /usr/local/tomcat
RUN mkdir -p "$CATALINA_HOME"
WORKDIR $CATALINA_HOME
RUN apt-get update -y \
&& apt-get install -y --no-install-recommends \
ca-certificates \
curl \
dirmngr \
gnupg \
unzip \
&& rm -rf /var/lib/apt/lists/*
## grab gosu for easy step-down from root and tini for signal handling
ENV GOSU_VERSION 1.11
ENV GOSU_GPG_KEYS B42F6819007F00F88E364FD4036A9C25BF357DD4
ENV TINI_VERSION 0.18.0
ENV TINI_GPG_KEYS 6380DC428747F6C393FEACA59A84159D7001A4E5
RUN export GNUPGHOME="$(mktemp -d)" \
&& ( gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$GOSU_GPG_KEYS" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$GOSU_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$GOSU_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$GOSU_GPG_KEYS" ) \
&& curl -o /usr/local/bin/gosu -fSL "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-$(dpkg --print-architecture)" \
&& curl -o /usr/local/bin/gosu.asc -fSL "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-$(dpkg --print-architecture).asc" \
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \
&& rm /usr/local/bin/gosu.asc \
&& chmod +x /usr/local/bin/gosu \
&& ( gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$TINI_GPG_KEYS" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$TINI_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$TINI_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$TINI_GPG_KEYS" ) \
&& curl -o /usr/local/bin/tini -fSL "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-$(dpkg --print-architecture)" \
&& curl -o /usr/local/bin/tini.asc -fSL "https://github.com/krallin/tini/releases/download/v${TINI_VERSION}/tini-$(dpkg --print-architecture).asc" \
&& gpg --batch --verify /usr/local/bin/tini.asc /usr/local/bin/tini \
&& rm /usr/local/bin/tini.asc \
&& chmod +x /usr/local/bin/tini \
&& rm -rf /tmp/*
## create a 'convertigo' user and fix some rights
RUN useradd -s /bin/false -m convertigo \
&& mkdir -p /workspace/lib /workspace/classes \
&& chown -R convertigo:convertigo /workspace
## disable unused AJP, APR and Jasper features
## change HTTP port the historic Convertigo port 28080
RUN sed -i.bak \
-e '/protocol="AJP/d' \
-e '/AprLifecycleListener/d' \
-e '/JasperListener/d' \
-e 's/port="8080"/port="28080" maxThreads="64000" relaxedQueryChars="{}[]|"/' \
conf/server.xml \
&& sed -i.bak \
-e 's,<Context>,<Context sessionCookiePath="/">,' \
conf/context.xml \
&& rm -rf webapps/* bin/*.bat conf/server.xml.bak /tmp/* \
&& mkdir webapps/ROOT \
&& chown -R convertigo:convertigo conf temp work logs \
&& chmod -w conf/*
ENV CONVERTIGO_VERSION 7.6.1
ENV CONVERTIGO_WAR_URL https://github.com/convertigo/convertigo/releases/download/$CONVERTIGO_VERSION/convertigo-$CONVERTIGO_VERSION.war
ENV CONVERTIGO_GPG_KEYS 6A7779BB78FE368DF74B708FD4DA8FBEB64BF75F
## download and extract the convertigo webapps
## and remove unnecessary components for the mbaas version
RUN export GNUPGHOME="$(mktemp -d)" \
&& ( gpg --batch --keyserver ha.pool.sks-keyservers.net --recv-keys "$CONVERTIGO_GPG_KEYS" \
|| gpg --batch --keyserver pgp.mit.edu --recv-keys "$CONVERTIGO_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$CONVERTIGO_GPG_KEYS" \
|| gpg --batch --keyserver keyserver.pgp.com --recv-keys "$CONVERTIGO_GPG_KEYS" ) \
&& curl -fSL -o /tmp/convertigo.war $CONVERTIGO_WAR_URL \
&& curl -fSL -o /tmp/convertigo.war.asc $CONVERTIGO_WAR_URL.asc \
&& gpg --batch --verify /tmp/convertigo.war.asc /tmp/convertigo.war \
&& mkdir -p webapps/ROOT webapps/convertigo \
&& (cd webapps/convertigo \
&& unzip -q /tmp/convertigo.war \
&& (chmod -f a+x WEB-INF/xvnc/* || true) \
&& (test "$(dpkg --print-architecture)" != "i386" && rm -rf WEB-INF/xulrunner WEB-INF/xvnc WEB-INF/lib/swt_* || true) \
&& rm -rf /tmp/*)
## copy the ROOT index that redirect to the 'convertigo' webapp
COPY ./root-index.html webapps/ROOT/index.html
COPY ./docker-entrypoint.sh /
WORKDIR /workspace
VOLUME ["/workspace"]
EXPOSE 28080
ENTRYPOINT ["tini", "--", "/docker-entrypoint.sh"]
CMD ["convertigo"]