/
Dockerfile
219 lines (178 loc) · 6.55 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
#
# Dockerfile of coturn/coturn:debian Docker image.
#
ARG debian_ver=bookworm
#
# Stage 'dist-libprom' creates prometheus-client-c distribution.
#
# We compile prometheus-client-c from sources, because Debian doesn't provide
# it as its package yet.
#
# TODO: Re-check this to be present in packages on next Debian major version update.
# https://hub.docker.com/_/debian
FROM debian:${debian_ver}-slim AS dist-libprom
# Install tools for building.
RUN apt-get update \
&& apt-get install -y --no-install-recommends --no-install-suggests \
ca-certificates cmake g++ git make \
&& update-ca-certificates
# Install prometheus-client-c build dependencies.
RUN apt-get install -y --no-install-recommends --no-install-suggests \
libmicrohttpd-dev
# Prepare prometheus-client-c sources for building.
ARG prom_ver=0.1.3
RUN mkdir -p /build/ && cd /build/ \
&& git init \
&& git remote add origin https://github.com/digitalocean/prometheus-client-c \
&& git fetch --depth=1 origin "v${prom_ver}" \
&& git checkout FETCH_HEAD
# Build libprom.so from sources.
RUN mkdir -p /build/prom/build/ && cd /build/prom/build/ \
&& TEST=0 cmake -G "Unix Makefiles" \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_SKIP_BUILD_RPATH=TRUE \
-DCMAKE_C_FLAGS="-DPROM_LOG_ENABLE -g -O3" \
.. \
&& make
# Build libpromhttp.so from sources.
RUN mkdir -p /build/promhttp/build/ && cd /build/promhttp/build/ \
# Fix compiler warning: -Werror=incompatible-pointer-types
&& sed -i 's/\&promhttp_handler/(MHD_AccessHandlerCallback)\&promhttp_handler/' \
/build/promhttp/src/promhttp.c \
&& TEST=0 cmake -G "Unix Makefiles" \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_SKIP_BUILD_RPATH=TRUE \
-DCMAKE_C_FLAGS="-g -O3" \
.. \
&& make VERBOSE=1
# Install prometheus-client-c.
RUN LIBS_DIR=/out/$(dirname $(find /usr/ -name libc.so)) \
&& mkdir -p $LIBS_DIR/ \
&& cp -rf /build/prom/build/libprom.so \
/build/promhttp/build/libpromhttp.so \
$LIBS_DIR/ \
&& mkdir -p /out/usr/include/ \
&& cp -rf /build/prom/include/* \
/build/promhttp/include/* \
/out/usr/include/ \
# Preserve license file.
&& mkdir -p /out/usr/share/licenses/prometheus-client-c/ \
&& cp /build/LICENSE /out/usr/share/licenses/prometheus-client-c/
#
# Stage 'dist-coturn' creates Coturn distribution.
#
# https://hub.docker.com/_/debian
FROM debian:${debian_ver}-slim AS dist-coturn
# Install tools for building.
RUN apt-get update \
&& apt-get install -y --no-install-recommends --no-install-suggests \
autoconf ca-certificates coreutils g++ git libtool make pkg-config \
&& update-ca-certificates
# Install Coturn build dependencies.
RUN apt-get install -y --no-install-recommends --no-install-suggests \
libevent-dev \
libssl-dev \
libpq-dev libmariadb-dev libsqlite3-dev \
libhiredis-dev \
libmongoc-dev \
libmicrohttpd-dev
# Install prometheus-client-c distribution.
COPY --from=dist-libprom /out/ /
# Prepare local Coturn sources for building.
COPY CMakeLists.txt \
configure \
INSTALL \
LICENSE \
make-man.sh Makefile.in \
postinstall.txt \
README.turn* \
/app/
COPY cmake/ /app/cmake/
COPY examples/ /app/examples/
COPY man/ /app/man/
COPY src/ /app/src/
COPY turndb/ /app/turndb/
WORKDIR /app/
# Use Coturn sources from Git if `coturn_git_ref` is specified.
ARG coturn_git_ref=HEAD
ARG coturn_github_url=https://github.com
ARG coturn_github_repo=coturn/coturn
RUN if [ "${coturn_git_ref}" != 'HEAD' ]; then true \
&& rm -rf /app/* \
&& git init \
&& git remote add origin ${coturn_github_url}/${coturn_github_repo} \
&& git fetch --depth=1 origin "${coturn_git_ref}" \
&& git checkout FETCH_HEAD \
&& true; fi
# Build Coturn from sources.
RUN ./configure --prefix=/usr \
--turndbdir=/var/lib/coturn \
--disable-rpath \
--sysconfdir=/etc/coturn \
# No documentation included to keep image size smaller.
--mandir=/tmp/coturn/man \
--docsdir=/tmp/coturn/docs \
--examplesdir=/tmp/coturn/examples \
&& make
# Install and configure Coturn.
RUN mkdir -p /out/ \
&& DESTDIR=/out make install \
# Remove redundant files.
&& rm -rf /out/tmp/ \
# Preserve license file.
&& mkdir -p /out/usr/share/licenses/coturn/ \
&& cp LICENSE /out/usr/share/licenses/coturn/ \
# Remove default config file.
&& rm -f /out/etc/coturn/turnserver.conf.default
# Install helper tools of Docker image.
COPY docker/coturn/rootfs/ /out/
RUN chmod +x /out/usr/local/bin/docker-entrypoint.sh \
/out/usr/local/bin/detect-external-ip.sh
RUN ln -s /usr/local/bin/detect-external-ip.sh \
/out/usr/local/bin/detect-external-ip
RUN chown -R nobody:nogroup /out/var/lib/coturn/
# Re-export prometheus-client-c distribution.
COPY --from=dist-libprom /out/ /out/
#
# Stage 'runtime' creates final Docker image to use in runtime.
#
# https://hub.docker.com/_/debian
FROM debian:${debian_ver}-slim AS runtime
# Update system packages.
RUN apt-get update \
&& apt-get upgrade -y \
&& apt-get install -y --no-install-recommends --no-install-suggests \
ca-certificates \
&& update-ca-certificates \
# Install Coturn dependencies.
&& apt-get install -y --no-install-recommends --no-install-suggests \
libatomic1 \
libevent-2.1-7 libevent-core-2.1-7 libevent-extra-2.1-7 \
libevent-openssl-2.1-7 libevent-pthreads-2.1-7 \
libssl3 \
libpq5 libmariadb3 libsqlite3-0 \
libhiredis0.14 \
libmongoc-1.0-0 \
libmicrohttpd12 \
# Install `dig` tool for `detect-external-ip.sh`.
&& apt-get install -y --no-install-recommends --no-install-suggests \
dnsutils \
# Cleanup unnecessary stuff.
&& rm -rf /var/lib/apt/lists/*
# Install Coturn distribution.
COPY --from=dist-coturn /out/ /
# Allow non-root using privileged ports.
RUN apt-get update \
&& apt-get install -y --no-install-recommends --no-install-suggests \
libcap2-bin \
&& setcap CAP_NET_BIND_SERVICE=+ep /usr/bin/turnserver \
# Cleanup unnecessary stuff.
&& apt-get purge -y --auto-remove \
-o APT::AutoRemove::RecommendsImportant=false \
libcap2-bin \
&& rm -rf /var/lib/apt/lists/*
USER nobody:nogroup
EXPOSE 3478 3478/udp 5349 5349/udp
VOLUME ["/var/lib/coturn"]
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["--log-file=stdout", "--external-ip=$(detect-external-ip)"]