Merge branch 'master' of gitlab.brainfood.com:brainfood/docker-image-recipes
Showing
33 changed files
with
412 additions
and
27 deletions
LICENSE
0 → 100644
1 | The MIT License (MIT) | ||
2 | |||
3 | Copyright (c) 2017 brainfood.com | ||
4 | |||
5 | Permission is hereby granted, free of charge, to any person obtaining a copy | ||
6 | of this software and associated documentation files (the "Software"), to deal | ||
7 | in the Software without restriction, including without limitation the rights | ||
8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell | ||
9 | copies of the Software, and to permit persons to whom the Software is | ||
10 | furnished to do so, subject to the following conditions: | ||
11 | |||
12 | The above copyright notice and this permission notice shall be included in all | ||
13 | copies or substantial portions of the Software. | ||
14 | |||
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | ||
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | ||
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE | ||
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | ||
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, | ||
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE | ||
21 | SOFTWARE. |
README
0 → 100644
1 | This repository contains a series of simple docker image recipes. These are | ||
2 | meant to be referenced via docker-compose, and built for each project | ||
3 | separately. No sharing of images. This provides sanity for each project, as | ||
4 | you don't have to worry about an image changing underneath you. It also means | ||
5 | that you can be certain you can rebuild on your own whenever the situation | ||
6 | calls for it. | ||
7 | |||
8 | Here are the best practices in these files: | ||
9 | |||
10 | * Generally, any image listed here should run without any external | ||
11 | dependencies. No includes from other images, etc. This makes it easier to | ||
12 | understand and extend. | ||
13 | |||
14 | * Each Dockerfile is designed to have minimal layers. This makes rebuilds | ||
15 | faster, as there are less docker-runs. It also makes many things easier to | ||
16 | accomplish, as there is a real shell script that can do sophisticated | ||
17 | things. | ||
18 | |||
19 | * Images also tend to make use of standard, unmodified debian packages. Let | ||
20 | someone else do the hard-work of system integration, while these recipes | ||
21 | then just do slight tweaks. | ||
22 | |||
23 | * Any files that need to be shared between a host and a container should make | ||
24 | use of UID/GID being sent in from the host. The daemon in the container | ||
25 | should run as the UID/GID, and it's files changed to have that ownership. | ||
26 | |||
27 | During entrypoint, the target container user is then modified to have the | ||
28 | correct uid/gid setting. If there is no target user, then one should be | ||
29 | added during the image build, generally calling it hostuser/hostgroup. | ||
30 | |||
31 | * Daemons that have complex binary file setups should have those files created | ||
32 | during image build, then the entire structure placed in a tarball. The | ||
33 | entrypoint can then extract this seed tarball, but only if the target | ||
34 | directory is empty. This allows for the volume mounting of these | ||
35 | directories from the host. Make certain the uid/gid mapping is sane when | ||
36 | this occurs. |
... | @@ -4,12 +4,12 @@ set -ex | ... | @@ -4,12 +4,12 @@ set -ex |
4 | 4 | ||
5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" | 5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" |
6 | 6 | ||
7 | if [[ $GID ]]; then | 7 | if [[ $GID && $GID -ne 0 ]]; then |
8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) | 8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) |
9 | groupmod -g $GID hostgroup | 9 | groupmod -g $GID hostgroup |
10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup | 10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup |
11 | fi | 11 | fi |
12 | if [[ $UID ]]; then | 12 | if [[ $UID && $UID -ne 0 ]]; then |
13 | usermod -u $UID hostuser | 13 | usermod -u $UID hostuser |
14 | fi | 14 | fi |
15 | 15 | ... | ... |
java/Dockerfile
0 → 100644
java/files/configure
0 → 100755
1 | #!/bin/sh | ||
2 | |||
3 | set -e | ||
4 | apt-get update | ||
5 | mkdir -p /usr/share/man/man1 | ||
6 | apt-get install -y ssmtp sudo openjdk-8-jdk $JAVA_EXTRA_PACKAGES | ||
7 | |||
8 | cp /tmp/files/entrypoint /sbin/entrypoint | ||
9 | |||
10 | addgroup hostgroup | ||
11 | adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser | ||
12 | |||
13 | rm -rf /tmp/files |
java/files/entrypoint
0 → 100755
1 | #!/bin/bash | ||
2 | |||
3 | set -ex | ||
4 | |||
5 | TARGET_USER=hostuser | ||
6 | TARGET_GROUP=hostgroup | ||
7 | |||
8 | target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)" | ||
9 | |||
10 | if [[ $GID && $GID -ne 0 ]]; then | ||
11 | groupmod -g $GID "$TARGET_GROUP" | ||
12 | fi | ||
13 | if [[ $UID && $UID -ne 0 ]]; then | ||
14 | usermod -u $UID "$TARGET_USER" | ||
15 | fi | ||
16 | |||
17 | find "$target_home" \ | ||
18 | '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \ | ||
19 | '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \ | ||
20 | '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \ | ||
21 | -true | ||
22 | |||
23 | if [[ $http_proxy =~ ^([^:]+)://([^/:]*)(:([0-9]+?))?(/.*)?$ ]]; then | ||
24 | http_proxy_protocol="${BASH_REMATCH[1]}" | ||
25 | http_proxy_domain="${BASH_REMATCH[2]}" | ||
26 | http_proxy_port="${BASH_REMATCH[4]}" | ||
27 | fi | ||
28 | |||
29 | if [[ $http_proxy ]]; then | ||
30 | mkdir -p "$target_home/.m2" | ||
31 | cat > "$target_home/.m2/settings.xml" << _EOF_ | ||
32 | <settings> | ||
33 | <proxies> | ||
34 | <proxy> | ||
35 | <id>app-build-proxy</id> | ||
36 | <active>true</active> | ||
37 | <protocol>${http_proxy_protocol}</protocol> | ||
38 | <host>${http_proxy_domain}</host> | ||
39 | <port>${http_proxy_port}</port> | ||
40 | </proxy> | ||
41 | </proxies> | ||
42 | </settings> | ||
43 | _EOF_ | ||
44 | fi | ||
45 | |||
46 | exec "$@" |
mongodb/Dockerfile
0 → 100644
mongodb/files/configure
0 → 100755
mongodb/files/entrypoint
0 → 100755
1 | #!/bin/bash | ||
2 | |||
3 | set -ex | ||
4 | |||
5 | TARGET_USER=mongodb | ||
6 | TARGET_GROUP=mongodb | ||
7 | |||
8 | target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)" | ||
9 | |||
10 | if [[ $GID && $GID -ne 0 ]]; then | ||
11 | groupmod -g $GID "$TARGET_GROUP" | ||
12 | fi | ||
13 | if [[ $UID && $UID -ne 0 ]]; then | ||
14 | usermod -u $UID "$TARGET_USER" | ||
15 | fi | ||
16 | |||
17 | find "$target_home" \ | ||
18 | '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \ | ||
19 | '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \ | ||
20 | '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \ | ||
21 | -true | ||
22 | |||
23 | exec "$@" |
mysql/Dockerfile
0 → 100644
mysql/files/configure
0 → 100755
1 | #!/bin/sh | ||
2 | |||
3 | set -e | ||
4 | apt-get update | ||
5 | apt-get install -y ssmtp mysql-server | ||
6 | |||
7 | mkdir /var/lib/container | ||
8 | tar -cC /var/lib/mysql/ . | gzip -9v > /var/lib/container/var_lib_mysql.tar.gz | ||
9 | rm -rf /var/lib/mysql | ||
10 | mkdir /var/lib/mysql | ||
11 | |||
12 | cp -a /tmp/files/entrypoint /sbin | ||
13 | |||
14 | rm -rf /tmp/files |
mysql/files/entrypoint
0 → 100755
1 | #!/bin/bash | ||
2 | |||
3 | set -ex | ||
4 | |||
5 | _mysql() { | ||
6 | mysqld_safe "$@" | ||
7 | } | ||
8 | |||
9 | if [[ $GID && $GID -ne 0 ]]; then | ||
10 | old_gid=$(getent group mysql | cut -f 3 -d :) | ||
11 | groupmod -g $GID mysql | ||
12 | fi | ||
13 | |||
14 | if [[ $UID && $UID -ne 0 ]]; then | ||
15 | usermod -u $UID mysql | ||
16 | fi | ||
17 | |||
18 | if [[ $(find /var/lib/mysql -maxdepth 1 -mindepth 1|wc -l) = 0 ]]; then | ||
19 | mkdir -p /var/lib/mysql | ||
20 | zcat /var/lib/container/var_lib_mysql.tar.gz | tar -C /var/lib/mysql -xf - | ||
21 | fi | ||
22 | |||
23 | declare -i i=0 | ||
24 | mysqld_safe --skip-networking & | ||
25 | while eval [[ \$DB_INFO_$i ]]; do | ||
26 | IFS=: eval declare -a DB_INFO=\(\$DB_INFO_$i\) | ||
27 | echo "database=${DB_INFO[0]} user=${DB_INFO[1]} password=${DB_INFO[2]}" 1>&2 | ||
28 | mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "CREATE DATABASE IF NOT EXISTS \`${DB_INFO[0]}\` DEFAULT CHARACTER SET \`utf8mb4\` COLLATE \`utf8mb4_ci\`;" | ||
29 | mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "GRANT ALL PRIVILEGES ON \`${DB_INFO[0]}\`.* TO '${DB_INFO[1]}' IDENTIFIED BY '${DB_INFO[2]}';" | ||
30 | i=$(($i + 1)) | ||
31 | done | ||
32 | mysql --defaults-extra-file=/etc/mysql/debian.cnf -e "shutdown;" | ||
33 | wait | ||
34 | |||
35 | exec "$@" |
1 | FROM debian:stretch | 1 | FROM debian:stretch-slim |
2 | 2 | ||
3 | ARG NGINX_EXTRA_PACKAGES | 3 | ARG NGINX_EXTRA_PACKAGES |
4 | 4 | ||
5 | COPY files/ /tmp/files/ | 5 | COPY files/ /tmp/files/ |
6 | RUN /tmp/files/configure | 6 | RUN /tmp/files/configure |
7 | 7 | ||
8 | ENTRYPOINT ["/sbin/entrypoint.sh"] | 8 | ENTRYPOINT ["/sbin/entrypoint"] |
9 | CMD ["nginx", "-g", "daemon off;"] | 9 | CMD ["nginx", "-g", "daemon off;"] | ... | ... |
... | @@ -4,6 +4,6 @@ set -e | ... | @@ -4,6 +4,6 @@ set -e |
4 | apt-get update | 4 | apt-get update |
5 | apt-get install -y ssmtp nginx libnginx-mod-http-subs-filter $NGINX_EXTRA_PACKAGES | 5 | apt-get install -y ssmtp nginx libnginx-mod-http-subs-filter $NGINX_EXTRA_PACKAGES |
6 | rm /etc/nginx/sites-enabled/default | 6 | rm /etc/nginx/sites-enabled/default |
7 | cp -a /tmp/files/entrypoint.sh /sbin | 7 | cp -a /tmp/files/entrypoint /sbin |
8 | 8 | ||
9 | rm -rf /tmp/files | 9 | rm -rf /tmp/files | ... | ... |
1 | FROM node | 1 | FROM debian:stretch-slim |
2 | 2 | ||
3 | ARG NODE_EXTRA_PACKAGES | 3 | ARG NODE_EXTRA_PACKAGES |
4 | 4 | ||
5 | COPY files/ /tmp/files/ | 5 | COPY files/ /tmp/files/ |
6 | RUN /tmp/files/configure | 6 | RUN /tmp/files/configure |
7 | 7 | ||
8 | #ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp | 8 | ENTRYPOINT ["/sbin/entrypoint"] |
9 | #RUN ["chmod", "755", "/usr/local/bin/wp"] | ||
10 | |||
11 | ENTRYPOINT ["/root/entrypoint"] | ||
12 | #CMD ["/usr/sbin/php5-fpm", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php5/fpm/php-fpm.conf"] | ... | ... |
node/files/app-defaults.conf
deleted
100644 → 0
This diff is collapsed.
Click to expand it.
... | @@ -2,9 +2,20 @@ | ... | @@ -2,9 +2,20 @@ |
2 | 2 | ||
3 | set -e | 3 | set -e |
4 | apt-get update | 4 | apt-get update |
5 | apt-get install -y ssmtp sudo $NODE_EXTRA_PACKAGES | 5 | apt-get install -y apt-transport-https gnupg |
6 | #npm install -g gulp grunt | 6 | cp /tmp/files/nodesource.list /etc/apt/sources.list.d |
7 | cp /tmp/files/nodesource.gpg.key /etc/apt/trusted.gpg.d/nodesource.asc | ||
8 | apt-get update | ||
9 | |||
10 | apt-get install -y ssmtp sudo nodejs npm $NODE_EXTRA_PACKAGES | ||
11 | |||
12 | if ! [ "z$NPM_GLOBAL_INSTALL" = "z" ]; then | ||
13 | npm install -g $NPM_GLOBAL_INSTALL | ||
14 | fi | ||
15 | |||
16 | addgroup node | ||
17 | adduser --gecos 'node' --ingroup node --disabled-password node | ||
7 | 18 | ||
8 | cp /tmp/files/entrypoint /root/entrypoint | 19 | cp /tmp/files/entrypoint /sbin/entrypoint |
9 | 20 | ||
10 | rm -rf /tmp/files | 21 | rm -rf /tmp/files | ... | ... |
... | @@ -4,14 +4,24 @@ set -ex | ... | @@ -4,14 +4,24 @@ set -ex |
4 | 4 | ||
5 | node_home="$(getent passwd node | cut -f 6 -d :)" | 5 | node_home="$(getent passwd node | cut -f 6 -d :)" |
6 | 6 | ||
7 | if [[ $GID ]]; then | 7 | if [[ $GID && $GID -ne 0 ]]; then |
8 | old_gid=$(getent group node | cut -f 3 -d :) | ||
9 | groupmod -g $GID node | 8 | groupmod -g $GID node |
10 | find "$node_home" -gid $old_gid -print0 | xargs -0r chgrp node | ||
11 | fi | 9 | fi |
12 | if [[ $UID ]]; then | 10 | if [[ $UID && $UID -ne 0 ]]; then |
13 | usermod -u $UID node | 11 | usermod -u $UID node |
14 | fi | 12 | fi |
13 | |||
14 | find "$node_home" \ | ||
15 | '(' -not -user node -a -not -group node -exec chown node:node '{}' + ')' -o \ | ||
16 | '(' -not -user node -exec chown node '{}' + ')' -o \ | ||
17 | '(' -not -group node -exec chgrp node '{}' + ')' -o \ | ||
18 | -true | ||
19 | |||
20 | npm -g config set http_proxy "$http_proxy" | ||
21 | npm -g config set https_proxy "$http_proxy" | ||
22 | sudo -u node npm config set http_proxy "$http_proxy" | ||
23 | sudo -u node npm config set https_proxy "$http_proxy" | ||
24 | |||
15 | if [[ -e package.json ]]; then | 25 | if [[ -e package.json ]]; then |
16 | sudo -u node npm install | 26 | sudo -u node npm install |
17 | fi | 27 | fi | ... | ... |
node/files/nodesource.gpg.key
0 → 100644
1 | -----BEGIN PGP PUBLIC KEY BLOCK----- | ||
2 | Version: GnuPG v1 | ||
3 | Comment: GPGTools - https://gpgtools.org | ||
4 | |||
5 | mQINBFObJLYBEADkFW8HMjsoYRJQ4nCYC/6Eh0yLWHWfCh+/9ZSIj4w/pOe2V6V+ | ||
6 | W6DHY3kK3a+2bxrax9EqKe7uxkSKf95gfns+I9+R+RJfRpb1qvljURr54y35IZgs | ||
7 | fMG22Np+TmM2RLgdFCZa18h0+RbH9i0b+ZrB9XPZmLb/h9ou7SowGqQ3wwOtT3Vy | ||
8 | qmif0A2GCcjFTqWW6TXaY8eZJ9BCEqW3k/0Cjw7K/mSy/utxYiUIvZNKgaG/P8U7 | ||
9 | 89QyvxeRxAf93YFAVzMXhoKxu12IuH4VnSwAfb8gQyxKRyiGOUwk0YoBPpqRnMmD | ||
10 | Dl7SdmY3oQHEJzBelTMjTM8AjbB9mWoPBX5G8t4u47/FZ6PgdfmRg9hsKXhkLJc7 | ||
11 | C1btblOHNgDx19fzASWX+xOjZiKpP6MkEEzq1bilUFul6RDtxkTWsTa5TGixgCB/ | ||
12 | G2fK8I9JL/yQhDc6OGY9mjPOxMb5PgUlT8ox3v8wt25erWj9z30QoEBwfSg4tzLc | ||
13 | Jq6N/iepQemNfo6Is+TG+JzI6vhXjlsBm/Xmz0ZiFPPObAH/vGCY5I6886vXQ7ft | ||
14 | qWHYHT8jz/R4tigMGC+tvZ/kcmYBsLCCI5uSEP6JJRQQhHrCvOX0UaytItfsQfLm | ||
15 | EYRd2F72o1yGh3yvWWfDIBXRmaBuIGXGpajC0JyBGSOWb9UxMNZY/2LJEwARAQAB | ||
16 | tB9Ob2RlU291cmNlIDxncGdAbm9kZXNvdXJjZS5jb20+iQI4BBMBAgAiBQJTmyS2 | ||
17 | AhsDBgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAWVaCraFdigHTmD/9OKhUy | ||
18 | jJ+h8gMRg6ri5EQxOExccSRU0i7UHktecSs0DVC4lZG9AOzBe+Q36cym5Z1di6JQ | ||
19 | kHl69q3zBdV3KTW+H1pdmnZlebYGz8paG9iQ/wS9gpnSeEyx0Enyi167Bzm0O4A1 | ||
20 | GK0prkLnz/yROHHEfHjsTgMvFwAnf9uaxwWgE1d1RitIWgJpAnp1DZ5O0uVlsPPm | ||
21 | XAhuBJ32mU8S5BezPTuJJICwBlLYECGb1Y65Cil4OALU7T7sbUqfLCuaRKxuPtcU | ||
22 | VnJ6/qiyPygvKZWhV6Od0Yxlyed1kftMJyYoL8kPHfeHJ+vIyt0s7cropfiwXoka | ||
23 | 1iJB5nKyt/eqMnPQ9aRpqkm9ABS/r7AauMA/9RALudQRHBdWIzfIg0Mlqb52yyTI | ||
24 | IgQJHNGNX1T3z1XgZhI+Vi8SLFFSh8x9FeUZC6YJu0VXXj5iz+eZmk/nYjUt4Mtc | ||
25 | pVsVYIB7oIDIbImODm8ggsgrIzqxOzQVP1zsCGek5U6QFc9GYrQ+Wv3/fG8hfkDn | ||
26 | xXLww0OGaEQxfodm8cLFZ5b8JaG3+Yxfe7JkNclwvRimvlAjqIiW5OK0vvfHco+Y | ||
27 | gANhQrlMnTx//IdZssaxvYytSHpPZTYw+qPEjbBJOLpoLrz8ZafN1uekpAqQjffI | ||
28 | AOqW9SdIzq/kSHgl0bzWbPJPw86XzzftewjKNbkCDQRTmyS2ARAAxSSdQi+WpPQZ | ||
29 | fOflkx9sYJa0cWzLl2w++FQnZ1Pn5F09D/kPMNh4qOsyvXWlekaV/SseDZtVziHJ | ||
30 | Km6V8TBG3flmFlC3DWQfNNFwn5+pWSB8WHG4bTA5RyYEEYfpbekMtdoWW/Ro8Kmh | ||
31 | 41nuxZDSuBJhDeFIp0ccnN2Lp1o6XfIeDYPegyEPSSZqrudfqLrSZhStDlJgXjea | ||
32 | JjW6UP6txPtYaaila9/Hn6vF87AQ5bR2dEWB/xRJzgNwRiax7KSU0xca6xAuf+TD | ||
33 | xCjZ5pp2JwdCjquXLTmUnbIZ9LGV54UZ/MeiG8yVu6pxbiGnXo4Ekbk6xgi1ewLi | ||
34 | vGmz4QRfVklV0dba3Zj0fRozfZ22qUHxCfDM7ad0eBXMFmHiN8hg3IUHTO+UdlX/ | ||
35 | aH3gADFAvSVDv0v8t6dGc6XE9Dr7mGEFnQMHO4zhM1HaS2Nh0TiL2tFLttLbfG5o | ||
36 | QlxCfXX9/nasj3K9qnlEg9G3+4T7lpdPmZRRe1O8cHCI5imVg6cLIiBLPO16e0fK | ||
37 | yHIgYswLdrJFfaHNYM/SWJxHpX795zn+iCwyvZSlLfH9mlegOeVmj9cyhN/VOmS3 | ||
38 | QRhlYXoA2z7WZTNoC6iAIlyIpMTcZr+ntaGVtFOLS6fwdBqDXjmSQu66mDKwU5Ek | ||
39 | fNlbyrpzZMyFCDWEYo4AIR/18aGZBYUAEQEAAYkCHwQYAQIACQUCU5sktgIbDAAK | ||
40 | CRAWVaCraFdigIPQEACcYh8rR19wMZZ/hgYv5so6Y1HcJNARuzmffQKozS/rxqec | ||
41 | 0xM3wceL1AIMuGhlXFeGd0wRv/RVzeZjnTGwhN1DnCDy1I66hUTgehONsfVanuP1 | ||
42 | PZKoL38EAxsMzdYgkYH6T9a4wJH/IPt+uuFTFFy3o8TKMvKaJk98+Jsp2X/QuNxh | ||
43 | qpcIGaVbtQ1bn7m+k5Qe/fz+bFuUeXPivafLLlGc6KbdgMvSW9EVMO7yBy/2JE15 | ||
44 | ZJgl7lXKLQ31VQPAHT3an5IV2C/ie12eEqZWlnCiHV/wT+zhOkSpWdrheWfBT+ac | ||
45 | hR4jDH80AS3F8jo3byQATJb3RoCYUCVc3u1ouhNZa5yLgYZ/iZkpk5gKjxHPudFb | ||
46 | DdWjbGflN9k17VCf4Z9yAb9QMqHzHwIGXrb7ryFcuROMCLLVUp07PrTrRxnO9A/4 | ||
47 | xxECi0l/BzNxeU1gK88hEaNjIfviPR/h6Gq6KOcNKZ8rVFdwFpjbvwHMQBWhrqfu | ||
48 | G3KaePvbnObKHXpfIKoAM7X2qfO+IFnLGTPyhFTcrl6vZBTMZTfZiC1XDQLuGUnd | ||
49 | sckuXINIU3DFWzZGr0QrqkuE/jyr7FXeUJj9B7cLo+s/TXo+RaVfi3kOc9BoxIvy | ||
50 | /qiNGs/TKy2/Ujqp/affmIMoMXSozKmga81JSwkADO1JMgUy6dApXz9kP4EE3g== | ||
51 | =CLGF | ||
52 | -----END PGP PUBLIC KEY BLOCK----- |
node/files/nodesource.list
0 → 100644
1 | deb https://deb.nodesource.com/node_8.x stretch main |
1 | FROM debian:stretch | 1 | FROM debian:stretch-slim |
2 | 2 | ||
3 | ARG PHPFPM_EXTRA_PACKAGES | 3 | ARG PHPFPM_EXTRA_PACKAGES |
4 | 4 | ||
... | @@ -8,5 +8,5 @@ RUN /tmp/files/configure | ... | @@ -8,5 +8,5 @@ RUN /tmp/files/configure |
8 | ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp | 8 | ADD https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar /usr/local/bin/wp |
9 | RUN ["chmod", "755", "/usr/local/bin/wp"] | 9 | RUN ["chmod", "755", "/usr/local/bin/wp"] |
10 | 10 | ||
11 | ENTRYPOINT ["/root/entrypoint"] | 11 | ENTRYPOINT ["/sbin/entrypoint"] |
12 | CMD ["/usr/sbin/php-fpm7.0", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php/7.0/fpm/php-fpm.conf"] | 12 | CMD ["/usr/sbin/php-fpm7.0", "--nodaemonize", "--force-stderr", "--fpm-config", "/etc/php/7.0/fpm/php-fpm.conf"] | ... | ... |
... | @@ -7,7 +7,7 @@ apt-get install -y sudo ssmtp php7.0-fpm php7.0-mysql php7.0-curl php7.0-imagick | ... | @@ -7,7 +7,7 @@ apt-get install -y sudo ssmtp php7.0-fpm php7.0-mysql php7.0-curl php7.0-imagick |
7 | rm /etc/php/7.0/fpm/pool.d/www.conf | 7 | rm /etc/php/7.0/fpm/pool.d/www.conf |
8 | cp -a /tmp/files/app-defaults.conf /etc/php/7.0/fpm | 8 | cp -a /tmp/files/app-defaults.conf /etc/php/7.0/fpm |
9 | 9 | ||
10 | cp /tmp/files/entrypoint /root/entrypoint | 10 | cp /tmp/files/entrypoint /sbin/entrypoint |
11 | 11 | ||
12 | addgroup hostgroup | 12 | addgroup hostgroup |
13 | adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser | 13 | adduser --gecos 'Host User' --ingroup hostgroup --disabled-password hostuser | ... | ... |
... | @@ -4,12 +4,12 @@ set -ex | ... | @@ -4,12 +4,12 @@ set -ex |
4 | 4 | ||
5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" | 5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" |
6 | 6 | ||
7 | if [[ $GID ]]; then | 7 | if [[ $GID && $GID -ne 0 ]]; then |
8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) | 8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) |
9 | groupmod -g $GID hostgroup | 9 | groupmod -g $GID hostgroup |
10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup | 10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup |
11 | fi | 11 | fi |
12 | if [[ $UID ]]; then | 12 | if [[ $UID && $GID -ne 0 ]]; then |
13 | usermod -u $UID hostuser | 13 | usermod -u $UID hostuser |
14 | fi | 14 | fi |
15 | mkdir -p /run/php | 15 | mkdir -p /run/php | ... | ... |
... | @@ -4,12 +4,12 @@ set -ex | ... | @@ -4,12 +4,12 @@ set -ex |
4 | 4 | ||
5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" | 5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" |
6 | 6 | ||
7 | if [[ $GID ]]; then | 7 | if [[ $GID && $GID -ne 0 ]]; then |
8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) | 8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) |
9 | groupmod -g $GID hostgroup | 9 | groupmod -g $GID hostgroup |
10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup | 10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup |
11 | fi | 11 | fi |
12 | if [[ $UID ]]; then | 12 | if [[ $UID && $UID -ne 0 ]]; then |
13 | usermod -u $UID hostuser | 13 | usermod -u $UID hostuser |
14 | fi | 14 | fi |
15 | 15 | ... | ... |
postgresql/Dockerfile
0 → 100644
postgresql/files/configure
0 → 100755
1 | #!/bin/sh | ||
2 | |||
3 | set -e | ||
4 | |||
5 | mkdir /usr/share/man/man1 /usr/share/man/man7 | ||
6 | cp /tmp/files/no-suggests-recommends.conf /etc/apt/apt.conf.d/no-suggests-recommends | ||
7 | apt-get update | ||
8 | apt-get install -y postgresql-9.6 \ | ||
9 | $POSTGRESQL_EXTRA_PACKAGES \ | ||
10 | && true | ||
11 | |||
12 | rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/* | ||
13 | |||
14 | mkdir /var/lib/container | ||
15 | tar -cC /var/lib/postgresql/ . | gzip -9v > /var/lib/container/var_lib_postgresql.tar.gz | ||
16 | rm -rf /var/lib/postgresql | ||
17 | mkdir /var/lib/postgresql | ||
18 | |||
19 | cp -a /tmp/files/entrypoint /sbin | ||
20 | |||
21 | rm -rf /tmp/files |
postgresql/files/entrypoint
0 → 100755
1 | #!/bin/bash | ||
2 | |||
3 | set -ex | ||
4 | |||
5 | if [[ $(find /var/lib/postgresql -maxdepth 1 -mindepth 1|wc -l) = 0 ]]; then | ||
6 | zcat /var/lib/container/var_lib_postgresql.tar.gz | tar xf - -C /var/lib/postgresql | ||
7 | fi | ||
8 | |||
9 | postgres_home="$(getent passwd postgres | cut -f 6 -d :)" | ||
10 | |||
11 | if [[ $GID && $GID -ne 0 ]]; then | ||
12 | old_gid=$(getent group postgres | cut -f 3 -d :) | ||
13 | groupmod -g $GID postgres | ||
14 | find "$postgres_home" /etc/postgresql /var/run/postgresql -gid $old_gid -print0 | xargs -0r chgrp postgres | ||
15 | fi | ||
16 | |||
17 | if [[ $UID && $UID -ne 0 ]]; then | ||
18 | old_uid=$(getent passwd postgres | cut -f 3 -d :) | ||
19 | usermod -u $UID postgres | ||
20 | find /etc/postgresql /var/run/postgresql -uid $old_uid -print0 | xargs -0r chown postgres | ||
21 | fi | ||
22 | |||
23 | exec "$@" |
postgresql/files/no-suggests-recommends.conf
0 → 100644
redis/Dockerfile
0 → 100644
redis/files/configure
0 → 100755
redis/files/entrypoint
0 → 100755
1 | #!/bin/bash | ||
2 | |||
3 | set -ex | ||
4 | |||
5 | TARGET_GROUP=redis | ||
6 | TARGET_USER=redis | ||
7 | |||
8 | target_home="$(getent passwd "$TARGET_USER" | cut -f 6 -d :)" | ||
9 | |||
10 | if [[ $GID && $GID -ne 0 ]]; then | ||
11 | groupmod -g $GID "$TARGET_GROUP" | ||
12 | fi | ||
13 | if [[ $UID && $UID -ne 0 ]]; then | ||
14 | usermod -u $UID "$TARGET_USER" | ||
15 | fi | ||
16 | |||
17 | find "$target_home" \ | ||
18 | '(' -not -user "$TARGET_USER" -a -not -group "$TARGET_GROUP" -exec chown "$TARGET_USER:$TARGET_GROUP" '{}' + ')' -o \ | ||
19 | '(' -not -user "$TARGET_USER" -exec chown "$TARGET_USER" '{}' + ')' -o \ | ||
20 | '(' -not -group "$TARGET_GROUP" -exec chgrp "$TARGET_GROUP" '{}' + ')' -o \ | ||
21 | -true | ||
22 | |||
23 | exec "$@" |
... | @@ -4,12 +4,12 @@ set -ex | ... | @@ -4,12 +4,12 @@ set -ex |
4 | 4 | ||
5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" | 5 | hostuser_home="$(getent passwd hostuser | cut -f 6 -d :)" |
6 | 6 | ||
7 | if [[ $GID ]]; then | 7 | if [[ $GID && $GID -ne 0 ]]; then |
8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) | 8 | old_gid=$(getent group hostgroup | cut -f 3 -d :) |
9 | groupmod -g $GID hostgroup | 9 | groupmod -g $GID hostgroup |
10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup | 10 | find "$hostuser_home" -gid $old_gid -print0 | xargs -0r chgrp hostgroup |
11 | fi | 11 | fi |
12 | if [[ $UID ]]; then | 12 | if [[ $UID && $UID -ne 0 ]]; then |
13 | usermod -u $UID hostuser | 13 | usermod -u $UID hostuser |
14 | fi | 14 | fi |
15 | 15 | ... | ... |
-
Please register or sign in to post a comment