# HG changeset patch # User Chris Cannam # Date 1501764175 -3600 # Node ID ae2f71010562e2ce2de5f00bf615f830f86871d8 # Parent 26a4f99ec6794f22f29fa47d46c028fd26580894 More poking around with Docker diff -r 26a4f99ec679 -r ae2f71010562 extra/soundsoftware/dockertest/Dockerfile --- a/extra/soundsoftware/dockertest/Dockerfile Wed Aug 02 18:59:22 2017 +0100 +++ b/extra/soundsoftware/dockertest/Dockerfile Thu Aug 03 13:42:55 2017 +0100 @@ -1,37 +1,93 @@ + +# For documentation and experimental purposes only. As a +# reconstruction of the machine image that runs this application, +# there are lots of things missing here; meanwhile as a good Docker +# configuration, it fails in mixing together rather a lot of concerns. + FROM ubuntu:16.04 MAINTAINER Chris Cannam + RUN apt-get update && \ apt-get install -y \ + apache2 \ + apache2-dev \ + apt-utils \ build-essential \ - git mercurial \ - curl wget rsync libcurl4-openssl-dev \ - logrotate cron \ - apache2 apache2-dev libapr1-dev libaprutil1-dev \ - ruby ruby-dev \ - postgresql libpq-dev \ + cron \ + curl \ + doxygen \ + exim4 \ + git \ + graphviz \ + imagemagick \ + libapache-dbi-perl \ + libapache2-mod-perl2 \ + libapr1-dev \ + libaprutil1-dev \ + libauthen-simple-ldap-perl \ + libcurl4-openssl-dev \ + libdbd-pg-perl \ + libpq-dev \ + libmagickwand-dev \ + libio-socket-ssl-perl \ + logrotate \ + mercurial \ openjdk-9-jdk-headless \ - libapache2-mod-perl2 \ - imagemagick libmagickwand-dev graphviz \ - doxygen \ - exim4 + postgresql \ + rsync \ + ruby \ + ruby-dev \ + sudo \ + supervisor + + +# Passenger gets installed through gem, not apt + +RUN gem install passenger -v 4.0.60 --no-rdoc --no-ri +RUN passenger-install-apache2-module --languages=ruby + + +# Copy across webapp, set up ownership + +COPY . /var/www/code + RUN groupadd code RUN useradd -g code -G www-data code -RUN gem install passenger -v 4.0.60 --no-rdoc --no-ri -RUN passenger-install-apache2-module --languages=ruby -COPY . /var/www/code RUN chown -R code.www-data /var/www/code -RUN find /var/www/code -type d -exec chmod g+x \{\} \; +RUN find /var/www/code -type d -exec chmod g+s \{\} \; + + +# We're based in the code webapp directory from here on + WORKDIR /var/www/code -RUN echo \ -'production:\n\ - adapter: postgresql\n\ - database: code\n\ - host: localhost\n\ - username: code\n\ - password: "example"\n' | sed 's/\\n/\n/g' > config/database.yml + + +# Set up Apache config and webapp database config (todo: insert variables) + +RUN cp extra/soundsoftware/dockertest/code.conf /etc/apache2/sites-available/ +RUN cp extra/soundsoftware/dockertest/database.yml config/database.yml + + +# Install Rails dependencies (database.yml must be populated before this) + RUN gem install bundler RUN bundle install -RUN ps auxw|grep postgres -RUN apt-get install sudo + + +# Import Postgres database from postgres-dumpall file + RUN chown postgres postgres-dumpall -RUN /etc/init.d/postgresql start && sudo -u postgres psql -f postgres-dumpall postgres +RUN /etc/init.d/postgresql start && \ + sudo -u postgres psql -f postgres-dumpall postgres + + +# Install Perl auth module for Hg access + +RUN mkdir -p /usr/local/lib/site_perl/Apache/Authn/ +RUN cp extra/soundsoftware/SoundSoftware.pm /usr/local/lib/site_perl/Apache/Authn/ + + +# Enable site for Apache + +RUN ln -s ../sites-available/code.conf /etc/apache2/sites-enabled/10-code.conf +RUN apache2ctl configtest diff -r 26a4f99ec679 -r ae2f71010562 extra/soundsoftware/dockertest/code.conf --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extra/soundsoftware/dockertest/code.conf Thu Aug 03 13:42:55 2017 +0100 @@ -0,0 +1,93 @@ + +# A test Apache config. Lacks SSL, lacks a desirable extra layer of +# authentication for admin interface paths. Do not deploy this. + +PerlLoadModule Apache::Authn::SoundSoftware + + + ServerName code.soundsoftware.ac.uk + ServerAdmin chris.cannam@soundsoftware.ac.uk + + DocumentRoot /var/www/code/public + PassengerRestartDir restart_files + PassengerHighPerformance on + PassengerMaxRequests 50000 + PassengerStatThrottleRate 5 + PassengerStartTimeout 60 + PassengerFriendlyErrorPages off + RailsSpawnMethod smart + ExpiresDefault "access plus 1 minute" + + + Order allow,deny + Deny from all + Satisfy All + + + + Order allow,deny + Deny from all + Satisfy All + + + + Order allow,deny + Deny from all + Satisfy All + + + + Options -MultiViews + + + + # Avoid other sites embedding our fonts + RewriteEngine on + RewriteCond %{HTTP_REFERER} !^$ + RewriteCond %{HTTP_REFERER} !^http(s)?://code.soundsoftware.ac.uk/.*$ [NC] + RewriteRule \.(ttf|woff|eot|otf|svg|zip|gz|html|txt)$ - [F] + + + ScriptAlias /hg "/var/hg/index.cgi" + + + AuthName "Mercurial" + AuthType Basic + Require valid-user + PerlAccessHandler Apache::Authn::SoundSoftware::access_handler + PerlAuthenHandler Apache::Authn::SoundSoftware::authen_handler + PerlSetVar HTTPS "on" + SoundSoftwareDSN "dbi:Pg:database=code;host=localhost" + SoundSoftwareDbUser "code" + SoundSoftwareDbPass "INSERT_POSTGRES_PASSWORD_HERE" + SoundSoftwareRepoPrefix "/var/hg/" + SoundSoftwareSslRequired "on" + Options +ExecCGI + AddHandler cgi-script .cgi + ExpiresDefault now + + + Alias /git "/var/files/git-mirror" + + + Options -Indexes +FollowSymLinks + Order allow,deny + Allow from all + + + Order allow,deny + Deny from all + + + Order allow,deny + Deny from all + + + ErrorLog /var/log/apache2/code-error.log + CustomLog /var/log/apache2/code-access.log vhost_combined + + LogLevel warn + ServerSignature Off + + + diff -r 26a4f99ec679 -r ae2f71010562 extra/soundsoftware/dockertest/database.yml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/extra/soundsoftware/dockertest/database.yml Thu Aug 03 13:42:55 2017 +0100 @@ -0,0 +1,7 @@ +production: + adapter: postgresql + database: code + host: localhost + username: code + password: "INSERT_POSTGRES_PASSWORD_HERE" +