view docker/sat_pubsub/Dockerfile @ 34:db9316a75306

XEP: updated privileged entity according to discussions following the council's veto (see http://mail.jabber.org/pipermail/standards/2014-December/029378.html): - Big simplification and restriction following council's veto and standard@ discussions - Configuration is not done only on server own configuration - No more client mode - Permissions are adverised using <message/> - The only <iq/> privilege still available is jabber:iq:roster
author Goffi <goffi@goffi.org>
date Thu, 18 Dec 2014 17:48:26 +0100
parents 0e78c8a4626e
children 686a8c982c3f
line wrap: on
line source

###############################################################
#                                                             #
#                   Salut à Toi/sat_pubsub                    #
#     This Dockerfile build a SàT Pubsub service for SàT      #
# Salut à Toi is a multi-frontends multi-purposes XMPP client #
#                                                             #
###############################################################

FROM salutatoi/base:latest

MAINTAINER Goffi <goffi@goffi.org>

########
# BASE #
########

RUN apt-get install -y --no-install-recommends postgresql
RUN apt-get install -y --no-install-recommends python-psycopg2
RUN apt-get clean

# This script launch SàT PubSub with domain and secret gotten from prosody container
# it make the configuration more easy
RUN echo '#!/usr/bin/env python2\n\
import os, xmlrpclib\n\
os.chdir("/usr/share/sat_pubsub")\n\
proxy = xmlrpclib.ServerProxy("http://prosody:9999/")\n\
domain = proxy.getenv("DOMAIN")\n\
secret = proxy.getenv("SAT_PUBSUB_SECRET")\n\
os.execlp("twistd", "twistd", "-n", "sat_pubsub", "--rhost", "prosody",\
 "--jid", "sat-pubsub.%s" % domain, "--secret", secret)\n\
' > /usr/local/bin/sat_pubsub && chmod 0555 /usr/local/bin/sat_pubsub

WORKDIR /usr/share

RUN hg clone http://repos.goffi.org/sat_pubsub && chown -R sat:sat sat_pubsub

############
# DATABASE #
############

WORKDIR sat_pubsub/db

# To simplify installation, we integrate our own PostgreSQL
# future alternate version may use an external PostgreSQL container

USER root

RUN service postgresql start; su -c "createuser -d -w sat" postgres; su -c "createdb pubsub" postgres; su -c "psql pubsub < pubsub.sql" sat; service postgresql stop

##########
# LAUNCH #
##########

# we need to launch PostgreSQL, so we launch as root then switch to sat user
ENTRYPOINT ["/bin/sh","-c", "service postgresql start && su -c sat_pubsub sat"]