diff --git a/.env b/.env index ce1f2f3..8fb599e 100644 --- a/.env +++ b/.env @@ -6,6 +6,7 @@ RC_VERSION="4.24.1" # Database access credentials POSTGRES_DB=rhodecode +POSTGRES_USER=rhodecode POSTGRES_PASSWORD=hUc1adS7oDd6Oj3in3 # base url for running app diff --git a/docker-compose.yaml b/docker-compose.yaml index 0717c08..d66d106 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -21,14 +21,21 @@ volumes: # volume for rhodecode caches, archive caches, elasticsearch etc datavolume: {} - # postgres store - pg_data: {} + # volume for RhodeCode repo-store, it's where the repositories will be stored + rhodecode_repos: + labels: + "keep": 1 + + # volume for postgres db store + pg_data: + labels: + "keep": 1 # volume for rhodecode elasticsearch - es_data: {} + es_data: + labels: + "keep": 1 - # RhodeCode repo-store, it's where the repositories will be stored - rhodecode_repos: {} networks: rhodecode_network: @@ -45,8 +52,7 @@ services: restart: unless-stopped command: [ "/var/opt/rhodecode_bin/bin/gunicorn", - "--name", - "gunicorn-rhodecode-1", + "--name=gunicorn-rhodecode-1", "--error-logfile=-", "--paster=/etc/rhodecode/conf/compose/rhodecode.optimized.ini", "--config=/etc/rhodecode/conf/gunicorn_conf.py" @@ -57,7 +63,7 @@ services: build: context: . dockerfile: service/rhodecode/rhodecode.dockerfile - network: rhodecode_network + #network: rhodecode_network args: TZ: ${TZ} RHODECODE_VERSION: ${RC_VERSION:?specify-RC_VERSION-env-var} @@ -84,7 +90,6 @@ services: APACHE_LOG_DIR: /var/log/rhodecode/svn MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf - healthcheck: test: [ "CMD", "curl", "-A", "RhodeCode-Healthcheck", "-s", "-o", "/dev/null", "-w", "'%{http_code}'", "http://127.0.0.1:10020/_admin/ops/ping" ] timeout: 30s @@ -278,7 +283,7 @@ services: elasticsearch: networks: - rhodecode_network - image: docker.elastic.co/elasticsearch/elasticsearch:6.8.13 + image: docker.elastic.co/elasticsearch/elasticsearch:6.8.14 environment: - cluster.name=elasticsearch-cluster @@ -322,11 +327,14 @@ services: redis: networks: - rhodecode_network - image: rhodecode/redis:6.0.10 + image: rhodecode/redis:6.2.1 + build: context: . dockerfile: service/redis/rhodecode_redis.dockerfile network: rhodecode_network + args: + REDIS_BUILD: 6.2.1 restart: unless-stopped @@ -339,21 +347,25 @@ services: database: networks: - rhodecode_network - image: rhodecode/database:13.1 + image: rhodecode/database:13.2 + build: context: . dockerfile: service/database/rhodecode_database.dockerfile network: rhodecode_network - restart: unless-stopped - - ports: - - "127.0.0.1::5432" + args: + POSTGRES_BUILD: 13.2 environment: POSTGRES_DB: ${POSTGRES_DB:?must-specify-db-name} - POSTGRES_USER: rhodecode + POSTGRES_USER: ${POSTGRES_USER:?must-specify-db-user} POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:?must-specify-db-password} + restart: unless-stopped + + ports: + - "127.0.0.1::5432" + volumes: # save the pg_data volume - pg_data:/var/lib/postgresql/data @@ -362,11 +374,15 @@ services: nginx: networks: - rhodecode_network - image: rhodecode/nginx:1.19.6 + image: rhodecode/nginx:1.19.8 + build: context: . dockerfile: service/nginx/rhodecode_nginx.dockerfile network: rhodecode_network + args: + NGINX_BUILD: 1.19.8 + restart: unless-stopped ports: diff --git a/service/database/rhodecode_database.dockerfile b/service/database/rhodecode_database.dockerfile index 3dad39f..232f2ca 100644 --- a/service/database/rhodecode_database.dockerfile +++ b/service/database/rhodecode_database.dockerfile @@ -1,4 +1,5 @@ -FROM library/postgres:13.1 +ARG POSTGRES_BUILD +FROM library/postgres:$POSTGRES_BUILD COPY service/database/customized.conf /etc/conf.d/pg_customized.conf CMD ["postgres", "-c", "log_statement=ddl"] \ No newline at end of file diff --git a/service/nginx/rhodecode_nginx.dockerfile b/service/nginx/rhodecode_nginx.dockerfile index f36d11e..8cf501b 100644 --- a/service/nginx/rhodecode_nginx.dockerfile +++ b/service/nginx/rhodecode_nginx.dockerfile @@ -1,4 +1,5 @@ -FROM library/nginx:1.19.6 +ARG NGINX_BUILD +FROM library/nginx:$NGINX_BUILD ENV NGINX_ENTRYPOINT_QUIET_LOGS=1 diff --git a/service/redis/rhodecode_redis.dockerfile b/service/redis/rhodecode_redis.dockerfile index 99987d1..0094682 100644 --- a/service/redis/rhodecode_redis.dockerfile +++ b/service/redis/rhodecode_redis.dockerfile @@ -1,3 +1,4 @@ -FROM library/redis:6.0.9 +ARG REDIS_BUILD +FROM library/redis:$REDIS_BUILD COPY service/redis/redis.conf /etc/redis/redis-rc.conf CMD ["redis-server", "/etc/redis/redis-rc.conf"] diff --git a/service/rhodecode/rhodecode.dockerfile b/service/rhodecode/rhodecode.dockerfile index 51e3707..c22109e 100644 --- a/service/rhodecode/rhodecode.dockerfile +++ b/service/rhodecode/rhodecode.dockerfile @@ -4,7 +4,9 @@ MAINTAINER RhodeCode Inc. ARG TZ="UTC" ARG LOCALE_TYPE=en_US.UTF-8 ARG RHODECODE_TYPE=Enterprise +# binary-install ARG RHODECODE_VERSION=4.24.1 + ARG RHODECODE_DB=sqlite ARG RHODECODE_USER_NAME=admin ARG RHODECODE_USER_PASS=secret4 @@ -76,6 +78,8 @@ set -eux; \ curl \ sudo \ gosu \ + bzip2 \ + ca-certificates \ $PYTHON_DEPS \ $SSH_LOCALE_DEPS \ $SVN_LOCALE_DEPS \ @@ -105,7 +109,8 @@ ENV \ RUN \ echo "** Create system user $RC_USER **" && \ groupadd --system --gid 999 $RC_USER && \ - useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER + useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ + usermod -G $RC_USER $RC_USER # set the defult bash shell SHELL ["/bin/bash", "-c"] @@ -119,6 +124,7 @@ echo $TZ > /etc/timezone RUN \ echo "** prepare rhodecode store and cache **" && \ + install -d -m 0700 -o $RC_USER -g $RC_USER /nix && \ install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ install -d -m 0755 -o $RC_USER -g $RC_USER /var/opt/rhodecode_bin && \ install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ @@ -163,8 +169,8 @@ echo "**** Apache config ****" && \ # Copy artifacts COPY --chown=$RC_USER:$RC_USER .cache/* /home/$RC_USER/.rccontrol/cache/ -COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ COPY --chown=$RC_USER:$RC_USER config/compose/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ +COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ RUN \ echo "**** locale-archive path ****" && \ @@ -181,33 +187,36 @@ echo "** install rhodecode control **" && \ chmod +x ${INSTALLER} && \ ${INSTALLER} --accept-license && \ ${RCCONTROL} self-init && \ - cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ + cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ && \ + echo "Done" RUN \ echo "** install vcsserver ${RHODECODE_VERSION} **" && \ ${RCCONTROL} install VCSServer --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ '{"host":"'"$RHODECODE_VCS_HOST"'", "port":"'"$RHODECODE_VCS_PORT"'"}' && \ VCSSERVER_PATH=/home/$RC_USER/.rccontrol/vcsserver-1 && \ - cp -v ${VCSSERVER_PATH}/vcsserver.ini $BUILD_CONF/ + rm -rf $BUILD_BIN_DIR/vcs_bin && ln -s ${VCSSERVER_PATH}/profile/bin $BUILD_BIN_DIR/vcs_bin && \ + cp -v ${VCSSERVER_PATH}/vcsserver.ini $BUILD_CONF/vcsserver.ini RUN \ echo "** install rhodecode ${RHODECODE_TYPE} ${RHODECODE_VERSION} **" && \ - RHODECODE_DB_INIT=sqlite && \ - ${RCCONTROL} install ${RHODECODE_TYPE} --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ - '{"host":"'"$RHODECODE_HOST"'", "port":"'"$RHODECODE_HTTP_PORT"'", "username":"'"$RHODECODE_USER_NAME"'", "password":"'"$RHODECODE_USER_PASS"'", "email":"'"$RHODECODE_USER_EMAIL"'", "repo_dir":"'"$RHODECODE_REPO_DIR"'", "database": "'"$RHODECODE_DB_INIT"'", "skip_existing_db": "1"}' && \ - RHODECODE_PATH=/home/$RC_USER/.rccontrol/${RC_TYPE_ID} && \ - cp -v ${RHODECODE_PATH}/rhodecode.ini $BUILD_CONF/ && \ - cp -v ${RHODECODE_PATH}/search_mapping.ini $BUILD_CONF/ && \ - cp -v ${RHODECODE_PATH}/gunicorn_conf.py $BUILD_CONF/ && \ - rm -rf $BUILD_BIN_DIR/bin && ln -s ${RHODECODE_PATH}/profile/bin $BUILD_BIN_DIR && \ - mkdir -p $RHODECODE_DATA_DIR/static && cp -r ${RHODECODE_PATH}/public/* $RHODECODE_DATA_DIR/static/ && \ - rm ${RHODECODE_PATH}/rhodecode.db + RHODECODE_DB_INIT=sqlite && \ + ${RCCONTROL} install ${RHODECODE_TYPE} --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ + '{"host":"'"$RHODECODE_HOST"'", "port":"'"$RHODECODE_HTTP_PORT"'", "username":"'"$RHODECODE_USER_NAME"'", "password":"'"$RHODECODE_USER_PASS"'", "email":"'"$RHODECODE_USER_EMAIL"'", "repo_dir":"'"$RHODECODE_REPO_DIR"'", "database": "'"$RHODECODE_DB_INIT"'", "skip_existing_db": "1"}' && \ + RHODECODE_PATH=/home/$RC_USER/.rccontrol/${RC_TYPE_ID} && \ + rm -rf $BUILD_BIN_DIR/bin && ln -s ${RHODECODE_PATH}/profile/bin $BUILD_BIN_DIR/ && \ + cp -v ${RHODECODE_PATH}/rhodecode.ini $BUILD_CONF/rhodecode.ini && \ + cp -v ${RHODECODE_PATH}/gunicorn_conf.py $BUILD_CONF/gunicorn_conf.py && \ + cp -v ${RHODECODE_PATH}/search_mapping.ini $BUILD_CONF/search_mapping.ini && \ + mkdir -p $RHODECODE_DATA_DIR/static && cp -r ${RHODECODE_PATH}/public/* $RHODECODE_DATA_DIR/static/ && \ + rm ${RHODECODE_PATH}/rhodecode.db RUN \ echo "** configure supervisord **" && \ - cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ - sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini + cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ + sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini && \ + echo "done" USER root