###############################################################
#                                                             #
#                     Salut à Toi/Prosody                     #
#  This Dockerfile build a Prosody version prepared for SàT   #
# Salut à Toi is a multi-frontends multi-purposes XMPP client #
#                                                             #
###############################################################

FROM salutatoi/sat_pubsub:latest

MAINTAINER Goffi <goffi@goffi.org>

############################
# AUTOMATIC CONFIGURATION  #
############################


COPY scripts/container_server scripts/prosody /usr/local/bin/
RUN chown root:root /usr/local/bin/container_server && \
chmod 0555 /usr/local/bin/container_server && \
chown root:root /usr/local/bin/prosody && \
chmod 0555 /usr/local/bin/prosody

########
# BASE #
########

RUN apt-get install -y --no-install-recommends lsb-release && \

# we add prosody repository and key
echo deb http://packages.prosody.im/debian $(lsb_release -sc) main > /etc/apt/sources.list.d/prosody.list && \
python -c 'import urllib2;import subprocess as s;s.Popen(["apt-key","add","-"], stdin=s.PIPE).communicate(urllib2.urlopen("https://prosody.im/files/prosody-debian-packages.key").read())' && \
apt-get update && \

# and install prosody and apg (to generate passwords)
apt-get install -y apg prosody-trunk && \
apt-get clean && \

# prosody user need to access (and write) certificates
adduser prosody tls-cert && \

# prosody need to access /var/run to write it's pid
mkdir -p /var/run/prosody; chown prosody:adm /var/run/prosody

###################
# PROSODY MODULES #
###################

RUN cd /tmp && \
hg clone https://hg.prosody.im/prosody-modules/ prosody-modules && \
cd prosody-modules && \
for mod in privilege delegation ipcheck http_upload;do cp mod_$mod/mod_$mod.lua /usr/lib/prosody/modules;done && \
cd /tmp && rm -rf prosody-modules

#################
# CONFIGURATION #
#################

ADD prosody.cfg.lua /etc/prosody/prosody_sat_cfg/
RUN cd /etc/prosody && chown -R prosody:prosody prosody_sat_cfg && \
ln -fs prosody_sat_cfg/prosody.cfg.lua prosody.cfg.lua && \

###############
# CERTIFICATE #
###############

# We want to use the certificates in /usr/share/sat/certificates
# and we don't want any certificate in the image,
# they'll be generated at launch or mounted in container
rm -rf /etc/localhost.key /etc/prosody/certs/*

#########
# PORTS #
#########

# client to server (C2S),
# server to server (S2S),
# HTTP upload,
# and HTTP upload (HTTPS)
EXPOSE 5222 5269 5280 5281

##########
# LAUNCH #
##########

USER prosody

ENTRYPOINT ["prosody"]