view docker/libervia/Dockerfile @ 85:bcba1966e6db

docker: certificate generation + various improvments: - certificate is now auto-generated on first prosody launch is there is not already one - certificate generated on build is removed to avoid image-wide certificate - generated certificates are stored in sat_data - data image is now based on prosody which is itslef based on sat_pubsub - prosody configuration is moved to /etc/prosody/prosody_sat_cfg, and stored in sat_data - building order changed to adapt to new images hierarchy - libervia default configuration set to both without redirection (and with a security warning)
author Goffi <goffi@goffi.org>
date Thu, 18 Feb 2016 17:31:09 +0100
parents 686a8c982c3f
children b69056368901
line wrap: on
line source

####################################################################
#                                                                  #
#                       Salut à Toi/Libervia                       #
# This Dockerfile build Libervia, the web frontend for Salut à Toi #
#   Salut à Toi is a multi-frontends multi-purposes XMPP client    #
#                                                                  #
####################################################################

FROM salutatoi/media:latest

MAINTAINER Goffi <goffi@goffi.org>

##############
# txJSON-RPC #
##############

RUN pip install txJSON-RPC

###########
# PYJAMAS #
###########

WORKDIR /usr/share

# as the situation with pyjamas is complicated, we get the archive from our own ftp
RUN python -c 'import urllib2,tarfile,cStringIO;tar=tarfile.open(fileobj=cStringIO.StringIO(urllib2.urlopen("https://ftp.goffi.org/pyjamas/pyjamas.tar.bz2").read()));tar.extractall()'

WORKDIR pyjamas

RUN python bootstrap.py

RUN ln -s /usr/share/pyjamas/bin/pyjsbuild /usr/local/bin/pyjsbuild

############
# LIBERVIA #
############

WORKDIR /tmp

RUN apt-get install -y --no-install-recommends python-jinja2

RUN hg clone https://repos.goffi.org/libervia

WORKDIR libervia

RUN python setup.py install

WORKDIR /tmp

RUN rm -rf libervia

#################
# CONFIGURATION #
#################

# we want to use certificates in /usr/share/sat/certificates
RUN echo "\n[libervia]\n\
tls_private_key = /usr/share/sat/certificates/libervia.key\n\
tls_certificate = /usr/share/sat/certificates/libervia.crt\n\
connection_type = both\n\
redirect_to_https = 0" >> /etc/sat.conf

#####################
# FIRST LAUNCH TEST #
#####################

# this script check if libervia and admin accounts exist, and create them if necessary
# then it launch libervia
RUN echo '#!/usr/bin/env python2\n\
import os, sys, subprocess, string, random\n\
from sat.plugins import plugin_misc_account as account\n\
from sat.tools import config\n\
from sat_frontends.bridge import DBus\n\
def generate_pwd():\n\
    chars = string.letters + string.digits\n\
    length = 12\n\
    return "".join(random.choice(chars) for _ in range(length))\n\
sat=DBus.DBusBridgeFrontend()\n\
sat.getReady()\n\
admin_email = sat.getConfig(account.CONFIG_SECTION, "admin_email") or account.default_conf["admin_email"]\n\
for profile in ["libervia", "admin"]:\n\
    try:\n\
        sat.getProfileName(profile)\n\
    except Exception as e:\n\
        print "{} profile doesn'\''t exists, creating it".format(profile)\n\
        print "registering {}@{}".format(profile, sat.getNewAccountDomain())\n\
        pwd = generate_pwd()\n\
        if profile == "libervia":\n\
            config.fixConfigOption("libervia", "passphrase", pwd)\n\
        elif profile == "admin":\n\
            with open("/home/sat/ADMIN_PWD", "w") as f:\n\
                f.write("%s\\n" % pwd)\n\
        sat.registerSatAccount(admin_email, pwd, profile)\n\
os.execvp("libervia", ["libervia"] + sys.argv[1:])\n\
' > /usr/bin/libervia_cont_launch && chmod 555 /usr/bin/libervia_cont_launch

#########
# D-Bus #
#########

RUN cp /usr/local/bin/dbus_wrap /usr/local/bin/libervia_cont_launch && chmod 555 /usr/local/bin/libervia_cont_launch

#########
# Ports #
#########

# HTTP
EXPOSE 8080

# HTTPS
EXPOSE 8443

##########
# LAUNCH #
##########

USER sat

ENTRYPOINT ["libervia_cont_launch", "fg"]