forked from kiwitcms/Kiwi
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
51 lines (43 loc) · 2.08 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
FROM registry.access.redhat.com/ubi8/ubi-minimal
RUN microdnf --nodocs install python38 mariadb-connector-c libpq \
httpd python38-mod_wsgi mod_ssl sscg tar && \
microdnf --nodocs update && \
microdnf clean all
# Apache configuration for non-root users
EXPOSE 8080
EXPOSE 8443
COPY ./httpd-foreground /httpd-foreground
CMD /httpd-foreground
RUN sed -i 's/Listen 80/Listen 8080/' /etc/httpd/conf/httpd.conf && \
sed -i 's/Listen 443/Listen 8443/' /etc/httpd/conf.d/ssl.conf && \
sed -i 's!ErrorLog "logs/error_log"!ErrorLog "/dev/stderr"!' /etc/httpd/conf/httpd.conf && \
sed -i 's!CustomLog "logs/access_log"!CustomLog "/dev/stdout"!' /etc/httpd/conf/httpd.conf && \
sed -i 's!ErrorLog logs/ssl_error_log!ErrorLog "/dev/stderr"!' /etc/httpd/conf.d/ssl.conf && \
sed -i 's!TransferLog logs/ssl_access_log!TransferLog "/dev/stdout"!' /etc/httpd/conf.d/ssl.conf && \
sed -i 's!CustomLog logs/ssl_request_log!CustomLog "/dev/stdout"!' /etc/httpd/conf.d/ssl.conf && \
chmod -R a+rwx /run/httpd
COPY ./etc/kiwi-httpd.conf /etc/httpd/conf.d/
ENV PATH /venv/bin:${PATH} \
VIRTUAL_ENV /venv
# copy virtualenv dir which has been built inside the kiwitcms/buildroot container
# this helps keep -devel dependencies outside of this image
COPY ./dist/venv/ /venv
COPY ./manage.py /Kiwi/
# create directories so we can properly set ownership for them
RUN mkdir /Kiwi/ssl /Kiwi/static /Kiwi/uploads
# generate self-signed SSL certificate
RUN /usr/bin/sscg -v -f \
--country BG --locality Sofia \
--organization "Kiwi TCMS" \
--organizational-unit "Quality Engineering" \
--ca-file /Kiwi/static/ca.crt \
--cert-file /Kiwi/ssl/localhost.crt \
--cert-key-file /Kiwi/ssl/localhost.key
RUN sed -i "s/tcms.settings.devel/tcms.settings.product/" /Kiwi/manage.py && \
ln -s /Kiwi/ssl/localhost.crt /etc/pki/tls/certs/localhost.crt && \
ln -s /Kiwi/ssl/localhost.key /etc/pki/tls/private/localhost.key
# collect static files
RUN /Kiwi/manage.py collectstatic --noinput --link
# from now on execute as non-root
RUN chown -R 1001 /Kiwi/ /venv/
USER 1001