view docker/base/Dockerfile @ 117:834bedf42332

docker (base): create sat.conf in ~sat/.config/sat with right permissions so it is not created by set_account_domain
author Goffi <goffi@goffi.org>
date Tue, 08 Mar 2016 13:52:11 +0100
parents 8b228fd053bc
children 5d2eb2f61dc8
line wrap: on
line source

###############################################################
#                                                             #
#                      Salut à Toi/base                       #
#     This Dockerfile build a « Salut à Toi » base image      #
# Salut à Toi is a multi-frontends multi-purposes XMPP client #
#                                                             #
###############################################################

FROM debian:jessie

MAINTAINER Goffi <goffi@goffi.org>

########
# BASE #
########

ENV DEBIAN_FRONTEND noninteractive

## Helping scripts ##
# Following scripts make the configuration as automatic and easy as possible
COPY scripts/set_account_domain scripts/sat scripts/add_host scripts/dbus_wrap scripts/prosodyctl /usr/local/bin/

RUN chown root:root /usr/local/bin/set_account_domain && \
chmod 0555 /usr/local/bin/set_account_domain && \
chown root:root /usr/local/bin/sat && \
chmod 0500 /usr/local/bin/sat && \
chown root:root /usr/local/bin/add_host && \
chmod 0555 /usr/local/bin/add_host && \
chown root:root /usr/local/bin/prosodyctl && \
chmod 0555 /usr/local/bin/prosodyctl && \
chown root:root /usr/local/bin/dbus_wrap && \
chmod 0555 /usr/local/bin/dbus_wrap && \

# it's better to have a dedicated user
useradd -m sat && \

# will be used to put many SàT specific data
mkdir -p /usr/share/sat && \
mkdir /usr/share/sat/certificates && \
addgroup tls-cert --gid 9999 && \
chown :tls-cert /usr/share/sat/certificates && \
chmod 2770 /usr/share/sat/certificates && \
adduser sat tls-cert

RUN apt-get update && apt-get upgrade -y && apt-get install -y --no-install-recommends locales dbus-x11 python python-gobject-2 python-dbus python-lxml python-mutagen python-pil python-crypto python-feed python-potr python-twisted-core python-twisted-mail python-twisted-web python-twisted-words python-wokkel python-xdg python-xe python-zope.interface python-gi python-urwid python-markdown python-html2text mercurial python-pip && apt-get clean && \

# dokuwiki module is needed for the blog importer

pip install dokuwiki && \

# we need a TCP socket for D-Bus
sed -i "s&<listen>unix:tmpdir=/tmp</listen>&\0\n  <listen>tcp:host=localhost,bind=*,port=55555,family=ipv4</listen>\n  <auth>ANONYMOUS</auth>\n  <allow_anonymous/>&" /etc/dbus-1/session.conf && \

# we need UTF-8 locale
sed -i "s/# en_US.UTF-8/en_US.UTF-8/" /etc/locale.gen && locale-gen

ENV LC_ALL en_US.UTF-8

################
# URWID SÀTEXT #
################

RUN cd /tmp && \

hg clone https://repos.goffi.org/urwid-satext && cd urwid-satext && \
python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages && \
cd /tmp && rm -rf urwid-satext && \

#####################
# CORE INSTALLATION #
#####################

hg clone https://repos.goffi.org/sat && cd sat && \
python setup.py install --prefix /usr --install-lib /usr/lib/python2.7/dist-packages && \
# we save repository data so SàT can get repository version
# TODO: should be done in setup.py in the future
python -c 'from sat.tools import utils;utils.getRepositoryData("/tmp/sat", is_path=True, save_dir_path="/usr/lib/python2.7/dist-packages/sat")' && \
cd /tmp && rm -rf sat && \

######################
# SàT CONFIGURATION  #
######################

# we want .pid files in /tmp so they are removed if container are deleted
echo '[DEFAULT]\npid_dir=/tmp\n\n\
# we auto-create libervia account if it doesn't exists in Libervia container
# so we remove it from reserved_list in plugin account
[plugin account]\nreserved_list=' >> /etc/sat.conf && \

# we create a sat.conf in sat user's XDG directory
# else it would be created by set_account_domain with root only permissions
mkdir -p /home/sat/.config/sat && touch /home/sat/.config/sat/sat.conf && \
chown -R sat:sat /home/sat/.config && chmod 0700 /home/sat/.config/sat && \
chmod 0600 /home/sat/.config/sat/sat.conf

##########
# LAUNCH #
##########

WORKDIR /home/sat

ENTRYPOINT ["/bin/bash"]