1+ FROM debian:stretch-slim
2+
3+ LABEL authors="Julien Neuhart <j.neuhart@thecodingmachine.com>, David Négrier <d.negrier@thecodingmachine.com>"
4+
5+ # |--------------------------------------------------------------------------
6+ # | Required libraries
7+ # |--------------------------------------------------------------------------
8+ # |
9+ # | Installs required libraries.
10+ # |
11+
12+ RUN apt-get update &&\
13+ apt-get install -y --no-install-recommends curl git nano sudo ca-certificates procps libfontconfig --no-install-recommends
14+
15+ # |--------------------------------------------------------------------------
16+ # | Supercronic
17+ # |--------------------------------------------------------------------------
18+ # |
19+ # | Supercronic is a drop-in replacement for cron (for containers).
20+ # |
21+
22+ RUN SUPERCRONIC_URL=https://github.com/aptible/supercronic/releases/download/v0.1.5/supercronic-linux-amd64 \
23+ && SUPERCRONIC=supercronic-linux-amd64 \
24+ && SUPERCRONIC_SHA1SUM=9aeb41e00cc7b71d30d33c57a2333f2c2581a201 \
25+ && curl -fsSLO "$SUPERCRONIC_URL" \
26+ && echo "${SUPERCRONIC_SHA1SUM} ${SUPERCRONIC}" | sha1sum -c - \
27+ && chmod +x "$SUPERCRONIC" \
28+ && mv "$SUPERCRONIC" "/usr/local/bin/${SUPERCRONIC}" \
29+ && ln -s "/usr/local/bin/${SUPERCRONIC}" /usr/local/bin/supercronic
30+
31+ # |--------------------------------------------------------------------------
32+ # | User
33+ # |--------------------------------------------------------------------------
34+ # |
35+ # | Define a default user with sudo rights.
36+ # |
37+
38+ RUN useradd -ms /bin/bash docker && adduser docker sudo
39+ # Users in the sudoers group can sudo as root without password.
40+ RUN echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
41+
42+
43+
44+ # |--------------------------------------------------------------------------
45+ # | Apache
46+ # |--------------------------------------------------------------------------
47+ # |
48+ # | Installs Apache.
49+ # |
50+
51+ RUN apt-get update \
52+ && apt-get install -y --no-install-recommends \
53+ apache2 \
54+ && rm -rf /var/lib/apt/lists/*
55+
56+ ENV APACHE_CONFDIR /etc/apache2
57+ ENV APACHE_ENVVARS $APACHE_CONFDIR/envvars
58+
59+ RUN set -ex \
60+ \
61+ # generically convert lines like
62+ # export APACHE_RUN_USER=www-data
63+ # into
64+ # : ${APACHE_RUN_USER:=www-data}
65+ # export APACHE_RUN_USER
66+ # so that they can be overridden at runtime ("-e APACHE_RUN_USER=...")
67+ && sed -ri 's/^export ([^=]+)=(.*)$/: ${\1:=\2}\nexport \1/' "$APACHE_ENVVARS" \
68+ \
69+ # setup directories and permissions
70+ && . "$APACHE_ENVVARS" \
71+ && for dir in \
72+ "$APACHE_LOCK_DIR" \
73+ "$APACHE_RUN_DIR" \
74+ "$APACHE_LOG_DIR" \
75+ /var/www/html \
76+ ; do \
77+ rm -rvf "$dir" \
78+ && mkdir -p "$dir" \
79+ && chown -R "$APACHE_RUN_USER:$APACHE_RUN_GROUP" "$dir"; \
80+ done
81+
82+ # logs should go to stdout / stderr
83+ RUN set -ex \
84+ && . "$APACHE_ENVVARS" \
85+ && ln -sfT /dev/stderr "$APACHE_LOG_DIR/error.log" \
86+ && ln -sfT /dev/stdout "$APACHE_LOG_DIR/access.log" \
87+ && ln -sfT /dev/stdout "$APACHE_LOG_DIR/other_vhosts_access.log"
88+
89+ ENV APACHE_DOCUMENT_ROOT /
90+
91+ RUN { \
92+ echo 'DirectoryIndex disabled'; \
93+ echo 'DirectoryIndex index.html'; \
94+ echo; \
95+ echo '<Directory /var/www/>'; \
96+ echo '\tOptions -Indexes'; \
97+ echo '\tAllowOverride All'; \
98+ echo '</Directory>'; \
99+ } | tee "$APACHE_CONFDIR/conf-available/nodejs.conf" \
100+ && a2enconf nodejs
101+
102+ RUN sed -ri -e 's!/var/www/html!/var/www/html/${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/sites-available/*.conf
103+ RUN sed -ri -e 's!/var/www/!/var/www/html/${APACHE_DOCUMENT_ROOT}!g' /etc/apache2/apache2.conf /etc/apache2/conf-available/*.conf
104+
105+ # |--------------------------------------------------------------------------
106+ # | Apache mod_rewrite
107+ # |--------------------------------------------------------------------------
108+ # |
109+ # | Enables Apache mod_rewrite.
110+ # |
111+
112+ RUN a2enmod rewrite
113+
114+
115+ # |--------------------------------------------------------------------------
116+ # | NodeJS
117+ # |--------------------------------------------------------------------------
118+ # |
119+ # | Installs NodeJS and npm.
120+ # |
121+
122+ RUN apt-get update &&\
123+ apt-get install -y --no-install-recommends gnupg &&\
124+ curl -sL https://deb.nodesource.com/setup_18.x | bash - &&\
125+ apt-get update &&\
126+ apt-get install -y --no-install-recommends nodejs
127+
128+ # |--------------------------------------------------------------------------
129+ # | yarn
130+ # |--------------------------------------------------------------------------
131+ # |
132+ # | Installs yarn. It provides some nice improvements over npm.
133+ # |
134+
135+ RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - &&\
136+ echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list &&\
137+ apt-get update &&\
138+ apt-get install -y --no-install-recommends yarn
139+
140+ # |--------------------------------------------------------------------------
141+ # | PATH updating
142+ # |--------------------------------------------------------------------------
143+ # |
144+ # | Let's add ./node_modules/.bin to the PATH (utility function to use NPM bin easily)
145+ # |
146+
147+ ENV PATH="$PATH:./node_modules/.bin"
148+ RUN sed -i 's#/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin#/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:./node_modules/.bin#g' /etc/sudoers
149+
150+ USER docker
151+ # |--------------------------------------------------------------------------
152+ # | SSH client
153+ # |--------------------------------------------------------------------------
154+ # |
155+ # | Let's set-up the SSH client (for connections to private git repositories)
156+ # | We create an empty known_host file and we launch the ssh-agent
157+ # |
158+
159+ RUN mkdir ~/.ssh && touch ~/.ssh/known_hosts && chmod 644 ~/.ssh/known_hosts && eval $(ssh-agent -s)
160+
161+ # |--------------------------------------------------------------------------
162+ # | .bashrc updating
163+ # |--------------------------------------------------------------------------
164+ # |
165+ # | Let's update the .bashrc to add nice aliases
166+ # |
167+ RUN { \
168+ echo "alias ls='ls --color=auto'"; \
169+ echo "alias ll='ls --color=auto -alF'"; \
170+ echo "alias la='ls --color=auto -A'"; \
171+ echo "alias l='ls --color=auto -CF'"; \
172+ } >> ~/.bashrc
173+
174+ USER root
175+
176+
177+ # |--------------------------------------------------------------------------
178+ # | Entrypoint
179+ # |--------------------------------------------------------------------------
180+ # |
181+ # | Defines the entrypoint.
182+ # |
183+
184+ ENV NODE_VERSION=18.x
185+
186+
187+ RUN mkdir -p /var/www/html && chown docker:docker /var/www/html
188+ WORKDIR /var/www/html
189+
190+
191+ # Add Tini (to be able to stop the container with ctrl-c.
192+ # See: https://github.com/krallin/tini
193+ ENV TINI_VERSION v0.16.1
194+ ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
195+ RUN chmod +x /tini
196+
197+ COPY utils/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
198+ COPY utils/docker-entrypoint-as-root.sh /usr/local/bin/docker-entrypoint-as-root.sh
199+ COPY utils/startup_commands.js /usr/local/bin/startup_commands.js
200+ COPY utils/generate_cron.js /usr/local/bin/generate_cron.js
201+
202+
203+ COPY utils/enable_apache_mods.js /usr/local/bin/enable_apache_mods.js
204+ COPY utils/apache-expose-envvars.sh /usr/local/bin/apache-expose-envvars.sh
205+
206+ # Let's register a servername to remove the message "apache2: Could not reliably determine the server's fully qualified domain name, using 172.17.0.2. Set the 'ServerName' directive globally to suppress this message"
207+ RUN echo "ServerName localhost" > /etc/apache2/conf-available/servername.conf
208+ RUN a2enconf servername
209+
210+ EXPOSE 80
211+
212+ # |--------------------------------------------------------------------------
213+ # | Apache user
214+ # |--------------------------------------------------------------------------
215+ # |
216+ # | Defines Apache user. By default, we switch this to "docker" user.
217+ # | This way, no problem to write from Apache in the current working directory.
218+ # | Important! This should be changed back to www-data in production.
219+ # |
220+
221+ ENV APACHE_RUN_USER=docker \
222+ APACHE_RUN_GROUP=docker
223+
224+ COPY utils/apache2-foreground /usr/local/bin/
225+ CMD ["apache2-foreground"]
226+
227+
228+
229+
230+ ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
231+
232+ USER docker
0 commit comments