Mercurial > sat_docs

view docker/sat_pubsub/Dockerfile @ 85:bcba1966e6db

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
docker: certificate generation + various improvments: - certificate is now auto-generated on first prosody launch is there is not already one - certificate generated on build is removed to avoid image-wide certificate - generated certificates are stored in sat_data - data image is now based on prosody which is itslef based on sat_pubsub - prosody configuration is moved to /etc/prosody/prosody_sat_cfg, and stored in sat_data - building order changed to adapt to new images hierarchy - libervia default configuration set to both without redirection (and with a security warning)
author Goffi <goffi@goffi.org>
date Thu, 18 Feb 2016 17:31:09 +0100
parents 8dd32aa49614
children b69056368901
line wrap: on
line source

###############################################################
#                                                             #
#                   Salut à Toi/sat_pubsub                    #
#     This Dockerfile build a SàT Pubsub service for SàT      #
# Salut à Toi is a multi-frontends multi-purposes XMPP client #
#                                                             #
###############################################################

FROM salutatoi/base:latest

MAINTAINER Goffi <goffi@goffi.org>

########
# BASE #
########

RUN apt-get install -y --no-install-recommends postgresql
RUN apt-get install -y --no-install-recommends python-psycopg2
RUN apt-get clean

# This script launch SàT PubSub with domain and secret gotten from prosody container
# it make the configuration more easy
RUN echo '#!/usr/bin/env python2\n\
import os, xmlrpclib\n\
os.chdir("/usr/share/sat_pubsub")\n\
proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
domain = proxy.getenv("DOMAIN")\n\
secret = proxy.getenv("SAT_PUBSUB_SECRET")\n\
os.execlp("twistd", "twistd", "-n", "--pidfile", "/tmp/sat_pubsub.pid", "sat_pubsub", "--rhost", "prosody",\
 "--jid", "pubsub.%s" % domain, "--secret", secret)\n\
' > /usr/local/bin/sat_pubsub && chmod 0555 /usr/local/bin/sat_pubsub

WORKDIR /usr/share

RUN hg clone https://repos.goffi.org/sat_pubsub && chown -R sat:sat sat_pubsub

############
# DATABASE #
############

WORKDIR sat_pubsub/db

# To simplify installation, we integrate our own PostgreSQL
# future alternate version may use an external PostgreSQL container

USER root

RUN service postgresql start; su -c "createuser -d -w sat" postgres; su -c "createdb pubsub" postgres; su -c "psql pubsub < pubsub.sql" sat; service postgresql stop

##########
# LAUNCH #
##########

# we need to launch PostgreSQL, so we launch as root then switch to sat user
ENTRYPOINT ["/bin/sh","-c", "service postgresql start && su -c sat_pubsub sat"]