Mercurial > sat_docs
comparison docker/data/Dockerfile @ 85:bcba1966e6db
docker: certificate generation + various improvments:
- certificate is now auto-generated on first prosody launch is there is not already one
- certificate generated on build is removed to avoid image-wide certificate
- generated certificates are stored in sat_data
- data image is now based on prosody which is itslef based on sat_pubsub
- prosody configuration is moved to /etc/prosody/prosody_sat_cfg, and stored in sat_data
- building order changed to adapt to new images hierarchy
- libervia default configuration set to both without redirection (and with a security warning)
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Thu, 18 Feb 2016 17:31:09 +0100 |
| parents | 686a8c982c3f |
| children |
comparison
equal
deleted
inserted
replaced
| 84:8dc445c967e2 | 85:bcba1966e6db |
|---|---|
| 4 # This Dockerfile build a « Salut à Toi » data image # | 4 # This Dockerfile build a « Salut à Toi » data image # |
| 5 # Salut à Toi is a multi-frontends multi-purposes XMPP client # | 5 # Salut à Toi is a multi-frontends multi-purposes XMPP client # |
| 6 # # | 6 # # |
| 7 ############################################################### | 7 ############################################################### |
| 8 | 8 |
| 9 FROM salutatoi/sat_pubsub:latest | 9 FROM salutatoi/prosody:latest |
| 10 | 10 |
| 11 MAINTAINER Goffi <goffi@goffi.org> | 11 MAINTAINER Goffi <goffi@goffi.org> |
| 12 | 12 |
| 13 ########### | 13 ########### |
| 14 # VOLUMES # | 14 # VOLUMES # |
| 15 ########### | 15 ########### |
| 16 | 16 |
| 17 USER root | |
| 18 | |
| 17 # sat user home, where most of config files and databases are located | 19 # sat user home, where most of config files and databases are located |
| 18 VOLUME ["/home/sat"] | 20 VOLUME ["/home/sat"] |
| 19 | 21 |
| 20 # Prosody | 22 # Prosody |
| 21 # we need to use number instead of name as data doesn't known prosody user | |
| 22 RUN mkdir -p /var/lib/prosody && chown 105:108 /var/lib/prosody && chmod 0750 /var/lib/prosody | |
| 23 VOLUME ["/var/lib/prosody"] | 23 VOLUME ["/var/lib/prosody"] |
| 24 VOLUME ["/etc/prosody/prosody_sat_cfg"] | |
| 24 | 25 |
| 25 # Postgres database, used in SàT PubSub | 26 # Postgres database, used in SàT PubSub |
| 26 VOLUME ["/var/lib/postgresql"] | 27 VOLUME ["/var/lib/postgresql"] |
| 28 | |
| 29 # TLS certificates | |
| 30 VOLUME ["/usr/share/sat/certificates"] | |
| 27 | 31 |
| 28 # Logs not shown directly with docker logs | 32 # Logs not shown directly with docker logs |
| 29 VOLUME ["/var/log"] | 33 VOLUME ["/var/log"] |
| 30 | 34 |
| 31 ########## | 35 ########## |
| 32 # BACKUP # | 36 # BACKUP # |
| 33 ########## | 37 ########## |
| 34 | 38 |
| 35 WORKDIR /volumes | 39 WORKDIR /volumes |
| 36 RUN ln -s /home/sat sat | 40 RUN ln -s /home/sat sat && \ |
| 37 RUN ln -s /var/lib/prosody prosody | 41 ln -s /usr/share/sat/certificates certificates && \ |
| 38 RUN ln -s /var/lib/postgresql postgresql | 42 ln -s /var/lib/prosody prosody && \ |
| 39 RUN ln -s /var/log log | 43 ln -s /etc/prosody/prosody_sat_cfg prosody_sat_cfg && \ |
| 44 ln -s /var/lib/postgresql postgresql && \ | |
| 45 ln -s /var/log log | |
| 40 VOLUME ["/volumes"] | 46 VOLUME ["/volumes"] |
| 41 | 47 |
| 42 ENTRYPOINT ["/bin/true"] | 48 ENTRYPOINT ["/bin/true"] |