view docker/base/Dockerfile @ 99:15e317bb602f

docker (libervia_cont): removed instructions about commiting sat_data, as a volume container will not commit data (see https://github.com/docker/docker/issues/7583)
author Goffi <goffi@goffi.org>
date Fri, 26 Feb 2016 17:29:34 +0100
parents 6e6274aa3916
children b69056368901
line wrap: on
line source

###############################################################
#                                                             #
#                      Salut à Toi/base                       #
#     This Dockerfile build a « Salut à Toi » base image      #
# Salut à Toi is a multi-frontends multi-purposes XMPP client #
#                                                             #
###############################################################

FROM debian:jessie

MAINTAINER Goffi <goffi@goffi.org>

########
# BASE #
########

ENV DEBIAN_FRONTEND noninteractive

RUN apt-get update
RUN apt-get upgrade -y
RUN apt-get install -y --no-install-recommends locales dbus-x11 python python-gobject-2 python-dbus python-lxml python-mutagen python-pil python-crypto python-feed python-potr python-twisted-core python-twisted-mail python-twisted-web python-twisted-words python-wokkel python-xdg python-xe python-zope.interface python-gi python-urwid python-markdown python-html2text mercurial python-pip
RUN apt-get clean

# dokuwiki module is needed for the blog importer
RUN pip install dokuwiki

# we need UTF-8 locale
RUN sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen
RUN locale-gen
ENV LC_ALL en_US.UTF-8

# it's better to have a dedicated user
RUN useradd -m sat

# will be used to put many SàT specific data
RUN mkdir -p /usr/share/sat
RUN mkdir /usr/share/sat/certificates
RUN addgroup tls-cert --gid 9999 && chown :tls-cert /usr/share/sat/certificates && chmod 2770 /usr/share/sat/certificates
RUN adduser sat tls-cert

################
# URWID SÀTEXT #
################

WORKDIR /tmp

RUN hg clone https://repos.goffi.org/urwid-satext

WORKDIR urwid-satext

RUN python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages

WORKDIR /tmp

RUN rm -rf urwid-satext

#####################
# CORE INSTALLATION #
#####################

WORKDIR /tmp

RUN hg clone https://repos.goffi.org/sat

WORKDIR sat

RUN python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages

WORKDIR /tmp

RUN rm -rf sat

######################
# SàT CONFIGURATION  #
######################

# Following scripts make the configuration as automatic and easy as possible

# we want .pid files in /tmp so they are removed if container are deleted
RUN echo '[DEFAULT]\npid_dir=/tmp' >> /etc/sat.conf

# we auto-create libervia account if it doesn't exists in Libervia container
# so we remove it from reserved_list in plugin account
RUN echo '\n[plugin account]\nreserved_list=' >> /etc/sat.conf

# This script set account domain in sat.conf if not already set
# if not set, domain is got from prosody container or DOMAIN environment variable
RUN echo '#!/usr/bin/env python2\n\
import os, os.path, xmlrpclib, ConfigParser, socket, subprocess\n\
from sat.core.constants import Const as C\n\
from sat.tools import config as sat_config\n\
SECTION = "plugin account"\n\
OPTION = "new_account_domain"\n\
CONFIG_PATH = "/home/sat/.config/sat/sat.conf"\n\
try:\n\
    os.makedirs(os.path.dirname(CONFIG_PATH))\n\
except OSError:\n\
    pass\n\
config = ConfigParser.SafeConfigParser()\n\
config.read(C.CONFIG_FILES)\n\
domain = sat_config.getConfig(config, SECTION, OPTION)\n\
if domain is None:\n\
    os.getenv("DOMAIN")\n\
    if domain is None:\n\
        proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
        try:\n\
            if "prosody" not in open("/etc/hosts").read():\n\
                raise socket.gaierror # this avoid waiting for timeout if prosody is not linked\n\
            domain = proxy.getenv("DOMAIN")\n\
        except socket.gaierror:\n\
            print "No prosody container connected or known domain, using \"localhost\" for new domains"\n\
            domain = "localhost"\n\
    config = ConfigParser.SafeConfigParser()\n\
    config.readfp(open(CONFIG_PATH, "a+"))\n\
    try:\n\
        config.add_section(SECTION)\n\
    except ConfigParser.DuplicateSectionError:\n\
        pass\n\
    config.set(SECTION, OPTION, domain)\n\
    config.write(open(CONFIG_PATH, "w"))\n\
subprocess.call(["add_host", domain, "prosody"])\n\
for subdomain in ("chat", "proxy", "upload", "pubsub", "salut"):\n\
    subprocess.call(["add_host", "{}.{}".format(subdomain, domain), "prosody"])\n\
' > /usr/local/bin/set_account_domain && chmod 0555 /usr/local/bin/set_account_domain

# account domain is set, then sat is launched with D-Bus activated
RUN echo '#!/bin/sh\n\
chmod a+w /etc/hosts\n\
su -c "set_account_domain && dbus-launch /usr/bin/sat $@" sat\n\
'> /usr/local/bin/sat && chmod 0500 /usr/local/bin/sat

# this script add aliases to /etc/hosts
RUN echo '#!/usr/bin/env python2\n\
import sys, re\n\
if len(sys.argv) < 2 or len(sys.argv) > 3:\n\
    sys.exit(1)\n\
host = sys.argv[1]\n\
alias = sys.argv[2] if len(sys.argv) == 3 else "localhost"\n\
if host == "localhost" or host == alias:\n\
    sys.exit(0)\n\
print "Adding host {} as an alias of {}".format(host, alias)\n\
with open("/etc/hosts", "r+") as f:\n\
    buf = re.sub(r"\\b{}\\b".format(alias), "{}\\t{}".format(alias, host), f.read(), 1)\n\
    f.seek(0)\n\
    f.write(buf)\
' > /usr/local/bin/add_host && chmod 0555 /usr/local/bin/add_host

# This script simulate prosodyctl adduser/passwd/deluser and call it on the prosody container
RUN echo '#!/usr/bin/env python2\n\
import sys, xmlrpclib\n\
proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
def pwd():\n\
    pwd1=raw_input(); pwd2=raw_input(); assert pwd1==pwd2\n\
    return pwd1\n\
password = pwd() if sys.argv[1] in ["adduser", "passwd"] else ""\n\
sys.exit(proxy.prosodyctl(sys.argv[1], sys.argv[2], password))\n\
' > /usr/local/bin/prosodyctl

#########
# D-Bus #
#########

# we need a TCP socket
RUN sed -i "s&<listen>unix:tmpdir=/tmp</listen>&\0\n  <listen>tcp:host=localhost,bind=*,port=55555,family=ipv4</listen>\n  <auth>ANONYMOUS</auth>\n  <allow_anonymous/>&" /etc/dbus-1/session.conf

# this script will launch the command with good D-BUS parameters
# it needs to be copied and made executable by frontends
RUN echo '#!/bin/sh\nexport DBUS_SESSION_BUS_ADDRESS=tcp:host=sat,port=55555,family=ipv4\nexec /usr/bin/$(basename "$0") "$@"' > /usr/local/bin/dbus_wrap

##########
# LAUNCH #
##########

WORKDIR /home/sat

ENTRYPOINT ["/bin/bash"]