Mercurial > sat_docs
view docker/prosody/Dockerfile @ 103:e69883c1ec30
docker (libervia_cont): added a "status" command:
- if libervia container is not running, it exits with error code 1
- if libervia container is running but no server is launched, it exits with error code 2
- if libervia container is running and server is launcher, it exits with error code 0 (success)
server detection is done by doing a simple grep on logs, that's not perfectly reliable (ports can be changed in configuration, even if that doesn't really make sense in Docker context) but should be good enough for this purpose.
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 27 Feb 2016 00:45:40 +0100 |
| parents | 30f3f83d6959 |
| children | b69056368901 |
line wrap: on
line source
############################################################### # # # Salut à Toi/Prosody # # This Dockerfile build a Prosody version prepared for SàT # # Salut à Toi is a multi-frontends multi-purposes XMPP client # # # ############################################################### FROM salutatoi/sat_pubsub:latest MAINTAINER Goffi <goffi@goffi.org> ######## # BASE # ######## RUN apt-get install -y --no-install-recommends lsb-release # we add prosody repository and key RUN echo deb http://packages.prosody.im/debian $(lsb_release -sc) main > /etc/apt/sources.list.d/prosody.list RUN python -c 'import urllib2;import subprocess as s;s.Popen(["apt-key","add","-"], stdin=s.PIPE).communicate(urllib2.urlopen("https://prosody.im/files/prosody-debian-packages.key").read())' RUN apt-get update # and install prosody and apg (to generate passwords) RUN apt-get install -y apg prosody-0.10 RUN apt-get clean # prosody use need to access (and write) certificates RUN adduser prosody tls-cert ################### # PROSODY MODULES # ################### WORKDIR /tmp RUN hg clone https://hg.prosody.im/prosody-modules/ prosody-modules WORKDIR prosody-modules RUN for mod in privilege delegation ipcheck http_upload;do cp mod_$mod/mod_$mod.lua /usr/lib/prosody/modules;done WORKDIR /tmp RUN rm -rf prosody-modules ################# # CONFIGURATION # ################# WORKDIR /etc/prosody RUN mkdir prosody_sat_cfg # we keep up-to-date configuration for this image on the repository RUN python -c 'import urllib2;f=open("prosody_sat_cfg/prosody.cfg.lua","w");f.write(urllib2.urlopen("https://repos.goffi.org/sat_docs/raw-file/tip/docker/prosody/prosody.cfg.lua").read())' RUN ln -fs prosody_sat_cfg/prosody.cfg.lua prosody.cfg.lua ############### # CERTIFICATE # ############### # We want to use the certificates in /usr/share/sat/certificates # and we don't want any certificate in the image, # they'll be generated at launch or mounted in container RUN rm -rf /etc/localhost.key /etc/prosody/certs/* ############################ # AUTOMATIC CONFIGURATION # ############################ # this script allow to call prosodyctl and get configuration variables from linked containers RUN echo '#!/usr/bin/env python2\n\ import subprocess, SimpleXMLRPCServer, os\n\ def prosodyctl(command, profile, pwd):\n\ process = subprocess.Popen(["prosodyctl", command, profile], stdin=subprocess.PIPE)\n\ if pwd:\n\ process.communicate("%s\\n%s"%(pwd,pwd))\n\ return process.wait()\n\ def getenv(variable):\n\ assert variable in ("SAT_PUBSUB_SECRET","SAT_SALUT_SECRET","DOMAIN")\n\ return os.getenv(variable)\n\ server = SimpleXMLRPCServer.SimpleXMLRPCServer(("0.0.0.0", 9999))\n\ server.register_function(prosodyctl, "prosodyctl")\n\ server.register_function(getenv, "getenv")\n\ server.serve_forever()' > /usr/local/bin/container_server && chmod 0555 /usr/local/bin/container_server # the following script is used to automatically generate passwords for components and certificate RUN echo '#!/bin/sh\n\ export SAT_PUBSUB_SECRET=$(apg -n 1)\n\ export SAT_SALUT_SECRET=$(apg -n 1)\n\ if [ -z $DOMAIN ]; then\n\ export DOMAIN="libervia.int"\n\ fi\n\ container_server&\n\ echo "domain used: $DOMAIN\n"\n\ if [ ! -f "/usr/share/sat/certificates/libervia.key" -o ! -f "/usr/share/sat/certificates/libervia.crt" ]; then\n\ echo "No certificate found, we generate one"\n\ openssl req -new -x509 -days 1825 -nodes -out "/usr/share/sat/certificates/libervia.crt"\ -newkey rsa:4096 -keyout "/usr/share/sat/certificates/libervia.key" -subj "/C=AU/CN=$DOMAIN"\n\ fi\n\ /usr/bin/prosody $@' > /usr/local/bin/prosody && chmod +x /usr/local/bin/prosody ######### # PORTS # ######### # client to server (C2S) EXPOSE 5222 # server to server (S2S) EXPOSE 5269 # HTTP upload EXPOSE 5280 # HTTP upload (HTTPS) EXPOSE 5281 ########## # LAUNCH # ########## # prosody need to access /var/run to write it's pid RUN mkdir -p /var/run/prosody; chown prosody:adm /var/run/prosody USER prosody ENTRYPOINT ["prosody"]