Mercurial > sat_docs

diff docker/base/Dockerfile @ 105:b69056368901

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
docker: images optimisation: - reduced the number of layers by grouping many instructions - moved stuff which don't change a lot at the beginning, and hg/apt at the end - scripts are not now in scripts/ subdirectories - prosody.cfg.lua is added using ADD instead of getting it online - .hg/dirstate is copied in base (backend) and libervia, so mercurial revision is known - removed lot of useless WORKDIR instruction, they are replaced by "cd" inside RUN instructions - cleaning (apt-clean, rm) is done on the same instruction as the one than generate the data, to avoid useless data in layers
author Goffi <goffi@goffi.org>
date Sun, 28 Feb 2016 02:01:20 +0100
parents 6e6274aa3916
children 8b228fd053bc
line wrap: on
line diff
--- a/docker/base/Dockerfile	Sat Feb 27 00:45:58 2016 +0100
+++ b/docker/base/Dockerfile	Sun Feb 28 02:01:20 2016 +0100
@@ -16,156 +16,76 @@
 
 ENV DEBIAN_FRONTEND noninteractive
 
-RUN apt-get update
-RUN apt-get upgrade -y
-RUN apt-get install -y --no-install-recommends locales dbus-x11 python python-gobject-2 python-dbus python-lxml python-mutagen python-pil python-crypto python-feed python-potr python-twisted-core python-twisted-mail python-twisted-web python-twisted-words python-wokkel python-xdg python-xe python-zope.interface python-gi python-urwid python-markdown python-html2text mercurial python-pip
-RUN apt-get clean
+## Helping scripts ##
+# Following scripts make the configuration as automatic and easy as possible
+COPY scripts/set_account_domain scripts/sat scripts/add_host scripts/dbus_wrap scripts/prosodyctl /usr/local/bin/
+
+RUN chown root:root /usr/local/bin/set_account_domain && \
+chmod 0555 /usr/local/bin/set_account_domain && \
+chown root:root /usr/local/bin/sat && \
+chmod 0500 /usr/local/bin/sat && \
+chown root:root /usr/local/bin/add_host && \
+chmod 0555 /usr/local/bin/add_host && \
+chown root:root /usr/local/bin/prosodyctl && \
+chmod 0555 /usr/local/bin/prosodyctl && \
+chown root:root /usr/local/bin/dbus_wrap && \
+chmod 0555 /usr/local/bin/dbus_wrap && \
+
+# it's better to have a dedicated user
+useradd -m sat && \
+
+# will be used to put many SàT specific data
+mkdir -p /usr/share/sat && \
+mkdir /usr/share/sat/certificates && \
+addgroup tls-cert --gid 9999 && \
+chown :tls-cert /usr/share/sat/certificates && \
+chmod 2770 /usr/share/sat/certificates && \
+adduser sat tls-cert
+
+RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends locales dbus-x11 python python-gobject-2 python-dbus python-lxml python-mutagen python-pil python-crypto python-feed python-potr python-twisted-core python-twisted-mail python-twisted-web python-twisted-words python-wokkel python-xdg python-xe python-zope.interface python-gi python-urwid python-markdown python-html2text mercurial python-pip && apt-get clean && \
 
 # dokuwiki module is needed for the blog importer
-RUN pip install dokuwiki
+
+pip install dokuwiki && \
+
+# we need a TCP socket for D-Bus
+sed -i "s&<listen>unix:tmpdir=/tmp</listen>&\0\n  <listen>tcp:host=localhost,bind=*,port=55555,family=ipv4</listen>\n  <auth>ANONYMOUS</auth>\n  <allow_anonymous/>&" /etc/dbus-1/session.conf && \
 
 # we need UTF-8 locale
-RUN sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen
-RUN locale-gen
-ENV LC_ALL en_US.UTF-8
+sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen && locale-gen
 
-# it's better to have a dedicated user
-RUN useradd -m sat
-
-# will be used to put many SàT specific data
-RUN mkdir -p /usr/share/sat
-RUN mkdir /usr/share/sat/certificates
-RUN addgroup tls-cert --gid 9999 && chown :tls-cert /usr/share/sat/certificates && chmod 2770 /usr/share/sat/certificates
-RUN adduser sat tls-cert
+ENV LC_ALL en_US.UTF-8
 
 ################
 # URWID SÀTEXT #
 ################
 
-WORKDIR /tmp
-
-RUN hg clone https://repos.goffi.org/urwid-satext
-
-WORKDIR urwid-satext
+RUN cd /tmp && \
 
-RUN python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages
-
-WORKDIR /tmp
-
-RUN rm -rf urwid-satext
+hg clone https://repos.goffi.org/urwid-satext && cd urwid-satext && \
+python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages && \
+rm -rf urwid-satext && \
 
 #####################
 # CORE INSTALLATION #
 #####################
 
-WORKDIR /tmp
-
-RUN hg clone https://repos.goffi.org/sat
-
-WORKDIR sat
-
-RUN python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages
-
-WORKDIR /tmp
-
-RUN rm -rf sat
+hg clone https://repos.goffi.org/sat && cd sat && \
+python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages && \
+# we copy .hg/dirstate so SàT can get repository version
+# TODO: should be done in setup.py in the future
+cp --parents .hg/dirstate /usr/lib/python2.7/dist-packages/sat && \
+cd /tmp && rm -rf sat && \
 
 ######################
 # SàT CONFIGURATION  #
 ######################
 
-# Following scripts make the configuration as automatic and easy as possible
-
 # we want .pid files in /tmp so they are removed if container are deleted
-RUN echo '[DEFAULT]\npid_dir=/tmp' >> /etc/sat.conf
-
+echo '[DEFAULT]\npid_dir=/tmp\n\n\
 # we auto-create libervia account if it doesn't exists in Libervia container
 # so we remove it from reserved_list in plugin account
-RUN echo '\n[plugin account]\nreserved_list=' >> /etc/sat.conf
-
-# This script set account domain in sat.conf if not already set
-# if not set, domain is got from prosody container or DOMAIN environment variable
-RUN echo '#!/usr/bin/env python2\n\
-import os, os.path, xmlrpclib, ConfigParser, socket, subprocess\n\
-from sat.core.constants import Const as C\n\
-from sat.tools import config as sat_config\n\
-SECTION = "plugin account"\n\
-OPTION = "new_account_domain"\n\
-CONFIG_PATH = "/home/sat/.config/sat/sat.conf"\n\
-try:\n\
-    os.makedirs(os.path.dirname(CONFIG_PATH))\n\
-except OSError:\n\
-    pass\n\
-config = ConfigParser.SafeConfigParser()\n\
-config.read(C.CONFIG_FILES)\n\
-domain = sat_config.getConfig(config, SECTION, OPTION)\n\
-if domain is None:\n\
-    os.getenv("DOMAIN")\n\
-    if domain is None:\n\
-        proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
-        try:\n\
-            if "prosody" not in open("/etc/hosts").read():\n\
-                raise socket.gaierror # this avoid waiting for timeout if prosody is not linked\n\
-            domain = proxy.getenv("DOMAIN")\n\
-        except socket.gaierror:\n\
-            print "No prosody container connected or known domain, using \"localhost\" for new domains"\n\
-            domain = "localhost"\n\
-    config = ConfigParser.SafeConfigParser()\n\
-    config.readfp(open(CONFIG_PATH, "a+"))\n\
-    try:\n\
-        config.add_section(SECTION)\n\
-    except ConfigParser.DuplicateSectionError:\n\
-        pass\n\
-    config.set(SECTION, OPTION, domain)\n\
-    config.write(open(CONFIG_PATH, "w"))\n\
-subprocess.call(["add_host", domain, "prosody"])\n\
-for subdomain in ("chat", "proxy", "upload", "pubsub", "salut"):\n\
-    subprocess.call(["add_host", "{}.{}".format(subdomain, domain), "prosody"])\n\
-' > /usr/local/bin/set_account_domain && chmod 0555 /usr/local/bin/set_account_domain
-
-# account domain is set, then sat is launched with D-Bus activated
-RUN echo '#!/bin/sh\n\
-chmod a+w /etc/hosts\n\
-su -c "set_account_domain && dbus-launch /usr/bin/sat $@" sat\n\
-'> /usr/local/bin/sat && chmod 0500 /usr/local/bin/sat
-
-# this script add aliases to /etc/hosts
-RUN echo '#!/usr/bin/env python2\n\
-import sys, re\n\
-if len(sys.argv) < 2 or len(sys.argv) > 3:\n\
-    sys.exit(1)\n\
-host = sys.argv[1]\n\
-alias = sys.argv[2] if len(sys.argv) == 3 else "localhost"\n\
-if host == "localhost" or host == alias:\n\
-    sys.exit(0)\n\
-print "Adding host {} as an alias of {}".format(host, alias)\n\
-with open("/etc/hosts", "r+") as f:\n\
-    buf = re.sub(r"\\b{}\\b".format(alias), "{}\\t{}".format(alias, host), f.read(), 1)\n\
-    f.seek(0)\n\
-    f.write(buf)\
-' > /usr/local/bin/add_host && chmod 0555 /usr/local/bin/add_host
-
-# This script simulate prosodyctl adduser/passwd/deluser and call it on the prosody container
-RUN echo '#!/usr/bin/env python2\n\
-import sys, xmlrpclib\n\
-proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
-def pwd():\n\
-    pwd1=raw_input(); pwd2=raw_input(); assert pwd1==pwd2\n\
-    return pwd1\n\
-password = pwd() if sys.argv[1] in ["adduser", "passwd"] else ""\n\
-sys.exit(proxy.prosodyctl(sys.argv[1], sys.argv[2], password))\n\
-' > /usr/local/bin/prosodyctl
-
-#########
-# D-Bus #
-#########
-
-# we need a TCP socket
-RUN sed -i "s&<listen>unix:tmpdir=/tmp</listen>&\0\n  <listen>tcp:host=localhost,bind=*,port=55555,family=ipv4</listen>\n  <auth>ANONYMOUS</auth>\n  <allow_anonymous/>&" /etc/dbus-1/session.conf
-
-# this script will launch the command with good D-BUS parameters
-# it needs to be copied and made executable by frontends
-RUN echo '#!/bin/sh\nexport DBUS_SESSION_BUS_ADDRESS=tcp:host=sat,port=55555,family=ipv4\nexec /usr/bin/$(basename "$0") "$@"' > /usr/local/bin/dbus_wrap
+[plugin account]\nreserved_list=' >> /etc/sat.conf
 
 ##########
 # LAUNCH #