FROM java
MAINTAINER Disassembler <disassembler@dasm.cz>

RUN \
 # Install NodeJS runtime
 apk --no-cache add nodejs paxctl \
 # Fix grsec attributes to loosen memory protection restrictions
 && paxctl -cm /usr/bin/node \
 # Cleanup
 && apk --no-cache del paxctl

RUN \
 # Install Python2 runtime
 apk --no-cache add python2

RUN \
 # Install build dependencies
 apk --no-cache add --virtual .deps build-base git py2-pip \
 # Clone OpenMapKit
 && git clone --depth 1 https://github.com/posm/OpenMapKitServer /srv/openmapkit \
 && cd /srv/openmapkit \
 && git submodule update --init \
 # Install OpenMapKit dependencies
 && pip install -r requirements.txt \
 && npm install libxmljs \
 && npm install \
 # Create OS user
 && addgroup -S -g 8007 omk \
 && adduser -S -u 8007 -h /srv/openmapkit -s /bin/false -g omk -G omk omk \
 && chown -R omk:omk /srv/openmapkit \
 # Cleanup
 && apk --no-cache del .deps \
 && find /srv/openmapkit -name '.git*' -exec rm -rf {} + \
 && rm -rf /usr/local/share/.cache \
 && rm -rf /root/.cache /root/.config /root/.node-gyp /root/.npm

VOLUME ["/srv/openmapkit/data"]
EXPOSE 8080

USER omk
ENV NODE_ENV production
CMD ["node", "/srv/openmapkit/server.js"]