Spotter-VM/ccleanup/Dockerfile

FROM ruby
MAINTAINER Disassembler <disassembler@dasm.cz>

RUN \
 # Install NodeJS runtime
 apk --no-cache add nodejs paxctl \
 # Fix grsec attributes to loosen memory protection restrictions
 && paxctl -cm /usr/bin/node \
 # Cleanup
 && apk --no-cache del paxctl

RUN \
 # Install runtime dependencies
 apk --no-cache add libpq libxml2 libxslt tzdata

ENV RAILS_ENV production

RUN \
 # Install build dependencies
 apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev linux-headers postgresql-dev yarn zlib-dev \
 # Clone CrisisCleanup
 && git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/ccleanup \
 # Hackfix ruby dependency versions
 && sed -i 's/2\.2\.5/2.3.6/' /srv/ccleanup/Gemfile \
 && sed -i 's/rdoc (4\.2\.0)/rdoc (4.3.0)/' /srv/ccleanup/Gemfile.lock \
 # Install Ruby and NodeJS dependencies
 && cd /srv/ccleanup \
 && bundle config build.nokogiri --use-system-libraries \
 && bundle install \
 && npm install \
 && yarn \
 # Create CrisisCleanup secret
 && echo -e "production:\n  secret_key_base: $(rake secret)" >/srv/ccleanup/config/secrets.yml \
 # Generate static resources
 && rake assets:precompile \
 # Create OS user
 && addgroup -S -g 8005 ccleanup \
 && adduser -S -u 8005 -h /srv/ccleanup -s /bin/false -g ccleanup -G ccleanup ccleanup \
 && chown -R ccleanup:ccleanup /srv/ccleanup \
 # Cleanup
 && apk --no-cache del .deps \
 && find /srv/ccleanup -name '.git*' -exec rm -rf {} + \
 && rm -rf /usr/local/share/.cache \
 && rm -rf /root/.bundle /root/.config /root/.npm

VOLUME ["/srv/ccleanup/config"]
EXPOSE 8080

USER ccleanup
WORKDIR /srv/ccleanup
CMD ["rails", "server"]
Use ruby image as base for CrisisCleanup 2018-03-16 17:30:11 +01:00			`FROM ruby`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`MAINTAINER Disassembler <disassembler@dasm.cz>`

Reorganize Dockerfiles 2018-01-08 21:04:35 +01:00			`RUN \`
			`# Install NodeJS runtime`
			`apk --no-cache add nodejs paxctl \`
			`# Fix grsec attributes to loosen memory protection restrictions`
			`&& paxctl -cm /usr/bin/node \`
			`# Cleanup`
Set --no-cache even for apk del as @tags confuse cache 2018-01-29 16:47:27 +01:00			`&& apk --no-cache del paxctl`
Reorganize Dockerfiles 2018-01-08 21:04:35 +01:00
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`RUN \`
			`# Install runtime dependencies`
Reorganize Dockerfiles 2018-01-08 21:04:35 +01:00			`apk --no-cache add libpq libxml2 libxslt tzdata`

Use ruby image as base for CrisisCleanup 2018-03-16 17:30:11 +01:00			`ENV RAILS_ENV production`

Reorganize Dockerfiles 2018-01-08 21:04:35 +01:00			`RUN \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Install build dependencies`
Reorganize Dockerfiles 2018-01-08 21:04:35 +01:00			`apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev linux-headers postgresql-dev yarn zlib-dev \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Clone CrisisCleanup`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/ccleanup \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Hackfix ruby dependency versions`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& sed -i 's/2\.2\.5/2.3.6/' /srv/ccleanup/Gemfile \`
			`&& sed -i 's/rdoc (4\.2\.0)/rdoc (4.3.0)/' /srv/ccleanup/Gemfile.lock \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Install Ruby and NodeJS dependencies`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& cd /srv/ccleanup \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`&& bundle config build.nokogiri --use-system-libraries \`
			`&& bundle install \`
			`&& npm install \`
			`&& yarn \`
			`# Create CrisisCleanup secret`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& echo -e "production:\n secret_key_base: $(rake secret)" >/srv/ccleanup/config/secrets.yml \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Generate static resources`
			`&& rake assets:precompile \`
			`# Create OS user`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& addgroup -S -g 8005 ccleanup \`
			`&& adduser -S -u 8005 -h /srv/ccleanup -s /bin/false -g ccleanup -G ccleanup ccleanup \`
			`&& chown -R ccleanup:ccleanup /srv/ccleanup \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`# Cleanup`
Set --no-cache even for apk del as @tags confuse cache 2018-01-29 16:47:27 +01:00			`&& apk --no-cache del .deps \`
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`&& find /srv/ccleanup -name '.git*' -exec rm -rf {} + \`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`&& rm -rf /usr/local/share/.cache \`
Cleanup root directory without recreating it 2018-01-24 16:28:41 +01:00			`&& rm -rf /root/.bundle /root/.config /root/.npm`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`VOLUME ["/srv/ccleanup/config"]`
Unify CrisisCleanup naming and nginx configuration for spotter-appmgr 2018-03-25 22:59:42 +02:00			`EXPOSE 8080`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00
Shorten CrisisClenup handle 2018-03-25 14:07:25 +02:00			`USER ccleanup`
			`WORKDIR /srv/ccleanup`
Alpinize + Dockerize Crisis Cleanup 2017-12-25 11:43:06 +01:00			`CMD ["rails", "server"]`