This repository has been archived by the owner on Sep 18, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 9
/
Dockerfile
174 lines (149 loc) · 6.58 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
FROM tomcat:9.0
LABEL maintainer="Jahia Devops team <paas@jahia.com>"
# Image components
ARG BASE_URL="https://downloads.jahia.com/downloads/jahia/jahia8.0.0/Jahia-EnterpriseDistribution-8.0.0.0-r60557.4681.jar"
ARG DBMS_TYPE="mariadb"
ARG INSTALL_FILE_SUFFIX="_v8"
ARG DEBUG_TOOLS="false"
ARG FFMPEG="false"
ARG HEALTHCHECK_VER="2.3.1"
ARG LIBREOFFICE="false"
ARG MAVEN_VER="3.6.3"
ARG MAVEN_BASE_URL="https://mirrors.ircam.fr/pub/apache/maven/maven-3"
ARG MODULES_BASE_URL="https://store.jahia.com/cms/mavenproxy/private-app-store/org/jahia/modules"
ARG IMAGEMAGICK_BINARIES_DOWNLOAD_URL="https://imagemagick.org/archive/binaries/magick"
ARG LOG_MAX_DAYS="5"
# Jahia's properties
ARG DS_IN_DB="true"
ARG DS_PATH="/datastore/jahia"
ARG JMANAGER_PASS="fakepassword"
ARG JMANAGER_USER="jahia"
ARG MAX_UPLOAD="268435456"
ARG OPERATING_MODE="development"
ARG PROCESSING_SERVER="false"
ARG SUPER_USER_PASSWORD="fakepassword"
ARG MAX_RAM_PERCENTAGE=25
ARG MAVEN_XMX="256m"
# Database's properties
ARG DB_HOST="mariadb"
ARG DB_NAME="jahia"
ARG DB_USER="jahia"
ARG DB_PASS="fakepassword"
# Container user
ARG C_USER="tomcat"
ARG C_GROUP="tomcat"
ENV RESTORE_MODULE_STATES="true"
ENV RESTORE_PERSISTED_CONFIGURATION="true"
ENV INITIAL_FACTORY_DATA="/usr/local/tomcat/digital-factory-data"
ENV FACTORY_DATA="/data/digital-factory-data"
ENV FACTORY_CONFIG="/usr/local/tomcat/conf/digital-factory-config"
ENV PROCESSING_SERVER="$PROCESSING_SERVER"
ENV OPERATING_MODE="$OPERATING_MODE"
ENV MAX_UPLOAD="$MAX_UPLOAD"
ENV MAX_RAM_PERCENTAGE="$MAX_RAM_PERCENTAGE"
ENV MAVEN_OPTS="-Xmx$MAVEN_XMX"
ENV CATALINA_BASE="/usr/local/tomcat" CATALINA_HOME="/usr/local/tomcat" CATALINA_TMPDIR="/usr/local/tomcat/temp" LOG_MAX_DAYS="$LOG_MAX_DAYS"
ENV DBMS_TYPE="$DBMS_TYPE" DB_HOST="$DB_HOST" DB_NAME="$DB_NAME" DB_USER="$DB_USER" DB_PASS="$DB_PASS"
ENV JMANAGER_USER="$JMANAGER_USER" JMANAGER_PASS="$JMANAGER_PASS" SUPER_USER_PASSWORD="$SUPER_USER_PASSWORD"
ENV DS_IN_DB="$DS_IN_DB" DS_PATH="$DS_PATH"
COPY config_mariadb$INSTALL_FILE_SUFFIX.xml /tmp
COPY config_postgresql$INSTALL_FILE_SUFFIX.xml /tmp
COPY entrypoint.sh /
WORKDIR /tmp
# these two files need to be copied on the same line since we want to copy installer.jar IF it exists, and copy doesn't support conditional copy (only copy if file exists)
COPY entrypoint.sh installer.jar* ./
COPY reset-jahia-tools-manager-password.py /usr/local/bin
RUN apt-get update \
&& packages="unzip wget python3 jq ncat libx11-6 libharfbuzz0b libfribidi0" \
&& case "$DBMS_TYPE" in \
"mariadb") packages="$packages mariadb-client";; \
"postgresql") packages="$packages postgresql-client";; \
esac \
&& if $DEBUG_TOOLS; then \
packages="$packages vim binutils"; \
fi \
&& if $LIBREOFFICE; then \
packages="$packages libreoffice"; \
fi \
&& if $FFMPEG; then \
packages="$packages ffmpeg"; \
fi \
&& apt-get install -y --no-install-recommends \
$packages \
&& rm -rf /var/lib/apt/lists/*
RUN printf "Start Jahia's installation...\n" \
&& ls -l \
&& if [ ! -f "installer.jar" ]; then \
wget --progress=dot:giga -O installer.jar $BASE_URL; \
fi \
&& wget --progress=dot:giga -O maven.zip $MAVEN_BASE_URL/$MAVEN_VER/binaries/apache-maven-$MAVEN_VER-bin.zip \
&& sed -e "s/\${MAVEN_VER}/$MAVEN_VER/" \
-e "s/\${DS_IN_DB}/$DS_IN_DB/" \
-i /tmp/config_$DBMS_TYPE$INSTALL_FILE_SUFFIX.xml \
&& java -jar installer.jar config_$DBMS_TYPE$INSTALL_FILE_SUFFIX.xml \
&& unzip -q maven.zip -d /opt \
&& rm -f installer.jar config_*.xml maven.zip \
&& mv /data/jahia/tomcat/webapps/* /usr/local/tomcat/webapps \
&& mv /data/jahia/tomcat/lib/* /usr/local/tomcat/lib/ \
&& mv ${FACTORY_DATA} ${INITIAL_FACTORY_DATA} \
&& chmod +x /entrypoint.sh \
&& sed -e "s#common.loader=\"\\\$#common.loader=\"/usr/local/tomcat/conf/digital-factory-config\",\"\$#g" \
-i /usr/local/tomcat/conf/catalina.properties \
&& echo
## fix hadolint DL4006
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN unzip -aap /usr/local/tomcat/webapps/ROOT/WEB-INF/lib/jahia-impl-*.jar META-INF/MANIFEST.MF \
| awk '$1~/^Implementation-Version/ {split($2,a,"-");print a[1]}' > /usr/local/tomcat/jahia-version.txt \
&& echo Current Jahia Version : "$(cat /usr/local/tomcat/jahia-version.txt)"
ADD $MODULES_BASE_URL/healthcheck/$HEALTHCHECK_VER/healthcheck-$HEALTHCHECK_VER.jar \
${INITIAL_FACTORY_DATA}/modules/healthcheck-$HEALTHCHECK_VER.jar
COPY optional_modules* /tmp
## allows the Docker build to continue if no modules were provided
RUN mv /tmp/*.jar ${FACTORY_DATA}/modules || true
# Add CORS filter for GraphQL queries
COPY filter_graphql_update.xml /tmp
RUN line=$(awk '/<listener>/ {print NR-1; exit}' /usr/local/tomcat/webapps/ROOT/WEB-INF/web.xml) \
&& sed "$line r /tmp/filter_graphql_update.xml" -i /usr/local/tomcat/webapps/ROOT/WEB-INF/web.xml \
&& rm /tmp/filter_graphql_update.xml
# logs retention
RUN sed 's/^\([^#].*\.maxDays\s*=\s*\).*$/\1'$LOG_MAX_DAYS'/' -i /usr/local/tomcat/conf/logging.properties \
&& sed '/name="ROLL"/,+2 s/debug/warn/' -i /usr/local/tomcat/webapps/ROOT/WEB-INF/etc/config/log4j.xml
# Retrieve latest ImageMagick binaries
RUN echo "Retrieve latest ImageMagick binaries..." \
&& wget --progress=dot:mega -O magick $IMAGEMAGICK_BINARIES_DOWNLOAD_URL \
&& chmod +x magick \
&& ./magick --appimage-extract \
&& mkdir /opt/magick \
&& mv squashfs-root/usr/* /opt/magick \
&& rm -rf /opt/magick/share/ squashfs-root/ ./magick
# add container user and grant permissions
RUN groupadd -g 999 $C_GROUP
RUN useradd -r -u 999 -g $C_GROUP $C_USER -d $CATALINA_BASE/temp -m
RUN mkdir -p $FACTORY_DATA \
&& chown -R $C_USER: $CATALINA_BASE /data \
&& chown $C_USER: /entrypoint.sh
RUN $DS_IN_DB || ( mkdir -p $DS_PATH \
&& chown -R $C_USER:$C_GROUP $DS_PATH )
USER $C_USER
STOPSIGNAL SIGINT
EXPOSE 8080
EXPOSE 7860
EXPOSE 7870
HEALTHCHECK --interval=30s \
--timeout=5s \
--start-period=600s \
--retries=3 \
CMD cookie="/var/tmp/healthcheck.cookie" \
jsonhealth=$(curl http://localhost:8080/healthcheck -s -u root:$SUPER_USER_PASSWORD -c $cookie -b $cookie); \
exitcode=$?; \
if (test $exitcode -ne 0); then \
echo "cURL's exit code: $exitcode"; \
exit 1; \
fi; \
echo $jsonhealth; \
if (test "$(echo $jsonhealth | jq -r '.status')" = "GREEN"); then \
exit 0; \
else \
exit 1; \
fi
CMD ["/entrypoint.sh"]