FROM nginx:alpine

# Metadata
LABEL base.image="docker.mimirdb.info/alpine_oraclejdk8_nginx"
LABEL version="0.4"
LABEL software="Vizier"
LABEL software.version="0.2.20191001"

ARG VIZIER_CONFIG="vizier_ecs.conf"
ENV VIZIER_CONFIG=$VIZIER_CONFIG
ENV VIZIER_DOMAIN="vizier.app"
ENV VIZIER_API_APP_PATH="/vizier-db/api/v1/"
ENV VIZIER_API_PROXY_PATH=""
ARG ACME_HOSTS="demo.vizier.app api.vizier.app vizier.vizier.app mimir.vizier.app spark.vizier.app hdfs.vizier.app proxy.vizier.app analytics.vizier.app"
ENV ACME_HOSTS=$ACME_HOSTS
ENV API_BASIC_AUTH=false

EXPOSE 80
EXPOSE 443
EXPOSE 22
EXPOSE 9001

COPY nginx.conf /etc/nginx/nginx.conf
COPY mime.types /etc/nginx/mime.types
COPY acme-client /etc/periodic/weekly/acme-client

RUN wget https://dl.eff.org/certbot-auto \
 && mv certbot-auto /usr/local/bin/certbot-auto \
 && chown root /usr/local/bin/certbot-auto \
 && chmod 0755 /usr/local/bin/certbot-auto 

RUN apk add nginx nginx-mod-http-headers-more libressl openssh yarn supervisor git bash \
  && chmod +x /etc/periodic/weekly/acme-client \
  && rm /etc/nginx/conf.d/default.conf

#setup ssh
RUN echo 'root:odinlab' |chpasswd
RUN sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config \
 && sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config \
 && ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa \
 && ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa \
 && ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa \
 && ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519

COPY fullchain-ui.pem /usr/local/fullchain.pem
COPY ui.pem /usr/local/privkey.pem
COPY copy-certs.sh /usr/local/copy-certs.sh
RUN chmod +x /usr/local/copy-certs.sh \
 && /bin/bash -c /usr/local/copy-certs.sh


COPY $VIZIER_CONFIG /usr/local/$VIZIER_CONFIG
COPY entrypoint.sh /usr/local/entrypoint.sh
COPY supervisord.conf /etc/supervisord.conf
COPY .htpasswd /etc/nginx/.htpasswd
COPY .htpasswd /etc/nginx/.htpasswd_api

RUN chmod +x /usr/local/entrypoint.sh

ENTRYPOINT ["\/bin\/sh", "-c", "/usr/local/entrypoint.sh"]