Parcourir la source

Construct container with based images compatible with ARM

Fixes: https://github.com/lesspass/lesspass/issues/371
pull/410/head
Guillaume Vincent il y a 5 ans
Parent
révision
fe9ce4f252
6 fichiers modifiés avec 23 ajouts et 50 suppressions
  1. +3
    -1
      containers/.env
  2. +2
    -11
      containers/backend/Dockerfile
  3. +4
    -8
      containers/docker-compose.yml
  4. +6
    -21
      containers/webserver/Dockerfile
  5. +7
    -8
      containers/webserver/entrypoint.sh
  6. +1
    -1
      containers/webserver/generate_apache_conf.py

+ 3
- 1
containers/.env Voir le fichier

@@ -4,4 +4,6 @@ DATABASE_NAME=postgres
DATABASE_USER=postgres
DATABASE_PASSWORD=
DATABASE_HOST=db
DATABASE_PORT=5432
DATABASE_PORT=5432
FQDN=localhost
DEBUG=1

+ 2
- 11
containers/backend/Dockerfile Voir le fichier

@@ -1,20 +1,11 @@
FROM centos:7
FROM python:3.6

LABEL name="LessPass Backend"
LABEL maintainer="LessPass <contact@lesspass.com>"

ENV LANG en_US.UTF-8

RUN yum -y install centos-release-scl && \
yum -y install rh-python36 && \
yum clean all

RUN mkdir /opt/app
WORKDIR /opt/app

RUN source scl_source enable rh-python36 && \
python -m venv /opt/app/venv

RUN python -m venv /opt/app/venv
COPY requirements.txt /opt/app/
RUN /opt/app/venv/bin/python -m pip install --upgrade pip && \
/opt/app/venv/bin/python -m pip install -r requirements.txt


+ 4
- 8
containers/docker-compose.yml Voir le fichier

@@ -17,13 +17,9 @@ services:
ports:
- 80:80
- 443:443
environment:
FQDN: localhost
DEBUG: 1
env_file:
- .env
volumes:
- ./webserver/ssl:/ssl
- ./webserver:/webserver
- ./webserver/ssl:/opt/app/ssl
volumes:
postgresql:
www:
profiles:
postgresql:

+ 6
- 21
containers/webserver/Dockerfile Voir le fichier

@@ -1,27 +1,12 @@
FROM centos:7
FROM httpd:2.4

LABEL name="LessPass Web Server"
LABEL maintainer="LessPass <contact@lesspass.com>"

ENV LANG en_US.UTF-8
RUN apt-get update && apt-get install -y \
python3 \
python3-jinja2

RUN yum -y install centos-release-scl && \
yum -y install httpd openssl mod_ssl proxy_http rh-python36 && \
yum clean all
COPY . /opt/app/

RUN mkdir /opt/app
WORKDIR /opt/app

RUN source scl_source enable rh-python36 && \
python -m venv /opt/app/venv

RUN /opt/app/venv/bin/python -m pip install --upgrade pip && \
/opt/app/venv/bin/python -m pip install jinja2

COPY entrypoint.sh /opt/app/

EXPOSE 80 443

ENTRYPOINT ["/opt/app/entrypoint.sh"]

CMD ["/usr/sbin/httpd", "-D", "FOREGROUND"]
ENTRYPOINT ["/opt/app/entrypoint.sh"]

+ 7
- 8
containers/webserver/entrypoint.sh Voir le fichier

@@ -4,24 +4,23 @@ create_wildcard_certificate () {
openssl req -x509 -newkey rsa:4096 -nodes -keyout ${1}.key -out ${1}.crt -days 365 -subj "/C=FR/ST=Gironde/L=Bordeaux/O=LessPass/OU=LessPass/CN=*.${1}"
}

if [[ ! -f /ssl/${FQDN}.crt || ! -f /ssl/${FQDN}.key ]]; then
if [[ ! -f /opt/app/ssl/${FQDN}.crt || ! -f /opt/app/ssl/${FQDN}.key ]]; then
echo "${FQDN}.crt or ${FQDN}.key not found! Generate wildcard certificate"
cd /ssl
cd /opt/app/ssl
create_wildcard_certificate ${FQDN}
fi

mkdir -p /etc/httpd/ssl
mkdir -p /etc/httpd/ssl/private
chmod 755 /etc/httpd/ssl
chmod 710 /etc/httpd/ssl/private

cp /ssl/${FQDN}.crt /etc/httpd/ssl/
cp /opt/app/ssl/${FQDN}.crt /etc/httpd/ssl/
chmod 644 /etc/httpd/ssl/${FQDN}.crt

cp /ssl/${FQDN}.key /etc/httpd/ssl/private/
mkdir -p /etc/httpd/ssl/private
chmod 710 /etc/httpd/ssl/private
cp /opt/app/ssl/${FQDN}.key /etc/httpd/ssl/private/
chmod 640 /etc/httpd/ssl/private/${FQDN}.key

/opt/app/venv/bin/python /webserver/generate_apache_conf.py
/opt/app/venv/bin/python /opt/app/generate_apache_conf.py

cat /etc/httpd/conf.d/lesspass.conf


+ 1
- 1
containers/webserver/generate_apache_conf.py Voir le fichier

@@ -12,6 +12,6 @@ if __name__ == "__main__":
"DEBUG": os.environ.get("DEBUG", "0") == "1",
}
print(context)
jinja_template = Template(open("/webserver/lesspass.conf.j2").read())
jinja_template = Template(open("/opt/app/lesspass.conf.j2").read())
with open("/etc/httpd/conf.d/lesspass.conf", "w") as f:
f.write(jinja_template.render(context))

Chargement…
Annuler
Enregistrer