view docker/backend-dev/Dockerfile @ 3950:8f87ff449a34

doc: new doc giving an overview on how e2ee is working in Libervia/XMPP: the doc explain pubsub e2ee for now rel 380
author Goffi <goffi@goffi.org>
date Sat, 15 Oct 2022 20:38:33 +0200
parents 512487ce3579
children 5a835b320726
line wrap: on
line source

FROM debian:bullseye-slim

LABEL maintainer="Goffi <tmp_dockerfiles@goffi.org>"

ARG REVISION
ARG DEBIAN_FRONTEND=noninteractive

RUN echo "Building image for Libervia ${REVISION:-dev}" && \
    apt-get update && apt-get upgrade -y && \
    apt-get install -y --no-install-recommends locales python3-dev python3-venv python3-wheel mercurial libxml2-dev libxslt-dev libcairo2-dev libjpeg-dev libgirepository1.0-dev libdbus-1-dev libdbus-glib-1-dev dbus-x11 cmake python3-gpg git && \
    \
    # will be used to put many Libervia specific data
    mkdir -p /usr/share/libervia/certificates && \
    addgroup tls-cert --gid 9999 && \
    chown :tls-cert /usr/share/libervia/certificates && \
    chmod 2770 /usr/share/libervia/certificates && \
    # it's better to have a dedicated user
    useradd -m libervia && adduser libervia tls-cert && \
    # we'll put all source there to have an easy mount point
    mkdir /src && chown libervia:libervia /src && \
    \
    # we need UTF-8 locale
    sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen && locale-gen

ENV LC_ALL en_US.UTF-8
ENV DOCKER_LIBERVIA_REV=${REVISION:-dev}

COPY --chown=root:root session.conf /usr/share/dbus-1/session.conf

WORKDIR /home/libervia

RUN apt-get install -y --no-install-recommends libsodium-dev
USER libervia
RUN python3 -m venv --system-site-packages libervia_env && libervia_env/bin/pip install -U pip wheel

# temporary needed for new OMEMO
RUN libervia_env/bin/pip install protobuf==3.20 && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-xeddsa.git@stable && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-x3dh.git@stable && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-doubleratchet.git@stable && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-omemo.git@stable && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-oldmemo.git && \
    libervia_env/bin/pip install git+https://github.com/Syndace/python-twomemo.git

RUN cd /src && \
    # We install thoses packages in editable mode, so we can replace them easily with volumes.
    # We need to move *.egg-info (generated by pip) out of src dirs, otherwise mounting
    # local repos without it them cause troubles
    hg clone https://repos.goffi.org/urwid-satext && ~/libervia_env/bin/pip install -e urwid-satext && \
    hg clone https://repos.goffi.org/sat_tmp -u "${REVISION:-@}" && ~/libervia_env/bin/pip install -e sat_tmp && \
    hg clone https://repos.goffi.org/libervia-templates && ~/libervia_env/bin/pip install -e libervia-templates && \
    hg clone https://repos.goffi.org/libervia-media && \
    hg clone https://repos.goffi.org/libervia-backend -u "${REVISION:-@}" && ~/libervia_env/bin/pip install -e 'libervia-backend[SVG]' && \
    mkdir -p /home/libervia/.local/share/libervia

ENV DBUS_SESSION_BUS_ADDRESS="tcp:host=backend,port=55555,family=ipv4;unix:path=/home/libervia/.local/share/dbus_socket"
ENV PATH=/home/libervia/libervia_env/bin:$PATH

COPY --chown=root:root libervia.conf /etc/_libervia.conf
COPY --chown=libervia:libervia scripts/entrypoint.sh /home/libervia/

ENTRYPOINT ["/home/libervia/entrypoint.sh"]