61 lines
2 KiB
Docker
61 lines
2 KiB
Docker
FROM nginx:alpine
|
|
|
|
# Metadata
|
|
LABEL base.image="docker.mimirdb.info/alpine_oraclejdk8_nginx"
|
|
LABEL version="0.4"
|
|
LABEL software="Vizier"
|
|
LABEL software.version="0.2.20191001"
|
|
|
|
ARG VIZIER_CONFIG="vizier_ecs.conf"
|
|
ENV VIZIER_CONFIG=$VIZIER_CONFIG
|
|
ENV VIZIER_DOMAIN="vizier.app"
|
|
ENV VIZIER_API_APP_PATH="/vizier-db/api/v1/"
|
|
ENV VIZIER_API_PROXY_PATH=""
|
|
ARG ACME_HOSTS="demo.vizier.app api.vizier.app vizier.vizier.app mimir.vizier.app spark.vizier.app hdfs.vizier.app proxy.vizier.app analytics.vizier.app"
|
|
ENV ACME_HOSTS=$ACME_HOSTS
|
|
ENV API_BASIC_AUTH=false
|
|
|
|
EXPOSE 80
|
|
EXPOSE 443
|
|
EXPOSE 22
|
|
EXPOSE 9001
|
|
|
|
COPY nginx.conf /etc/nginx/nginx.conf
|
|
COPY mime.types /etc/nginx/mime.types
|
|
COPY acme-client /etc/periodic/weekly/acme-client
|
|
|
|
RUN wget https://dl.eff.org/certbot-auto \
|
|
&& mv certbot-auto /usr/local/bin/certbot-auto \
|
|
&& chown root /usr/local/bin/certbot-auto \
|
|
&& chmod 0755 /usr/local/bin/certbot-auto
|
|
|
|
RUN apk add nginx nginx-mod-http-headers-more libressl openssh yarn supervisor git bash \
|
|
&& chmod +x /etc/periodic/weekly/acme-client \
|
|
&& rm /etc/nginx/conf.d/default.conf
|
|
|
|
#setup ssh
|
|
RUN echo 'root:odinlab' |chpasswd
|
|
RUN sed -ri 's/^#?PermitRootLogin\s+.*/PermitRootLogin yes/' /etc/ssh/sshd_config \
|
|
&& sed -ri 's/UsePAM yes/#UsePAM yes/g' /etc/ssh/sshd_config \
|
|
&& ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa \
|
|
&& ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa \
|
|
&& ssh-keygen -f /etc/ssh/ssh_host_ecdsa_key -N '' -t ecdsa \
|
|
&& ssh-keygen -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
|
|
|
|
COPY fullchain-ui.pem /usr/local/fullchain.pem
|
|
COPY ui.pem /usr/local/privkey.pem
|
|
COPY copy-certs.sh /usr/local/copy-certs.sh
|
|
RUN chmod +x /usr/local/copy-certs.sh \
|
|
&& /bin/bash -c /usr/local/copy-certs.sh
|
|
|
|
|
|
COPY $VIZIER_CONFIG /usr/local/$VIZIER_CONFIG
|
|
COPY entrypoint.sh /usr/local/entrypoint.sh
|
|
COPY supervisord.conf /etc/supervisord.conf
|
|
COPY .htpasswd /etc/nginx/.htpasswd
|
|
COPY .htpasswd /etc/nginx/.htpasswd_api
|
|
|
|
RUN chmod +x /usr/local/entrypoint.sh
|
|
|
|
ENTRYPOINT ["\/bin\/sh", "-c", "/usr/local/entrypoint.sh"]
|