Show More
@@ -1,78 +1,80 b'' | |||||
1 | volumes: |
|
1 | volumes: | |
2 | nixstore: {} |
|
2 | nixstore: {} | |
3 | pipcache: {} |
|
3 | pipcache: {} | |
4 | rctmpdir: {} |
|
4 | rctmpdir: {} | |
5 |
|
5 | |||
6 | services: |
|
6 | services: | |
7 |
|
7 | |||
8 | rhodecode: |
|
8 | rhodecode: | |
9 | volumes: |
|
9 | volumes: | |
10 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
10 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
11 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
11 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
12 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
12 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
13 | - $WORKSPACE_HOME/rhodecode-tools-ce:/home/rhodecode/rhodecode-tools-ce:delegated |
|
13 | - $WORKSPACE_HOME/rhodecode-tools-ce:/home/rhodecode/rhodecode-tools-ce:delegated | |
14 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated |
|
14 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated | |
15 | - nixstore:/opt/nix/store |
|
15 | - nixstore:/opt/nix/store | |
16 | - pipcache:/home/rhodecode/.cache/pip |
|
16 | - pipcache:/home/rhodecode/.cache/pip | |
17 | # shared TMP dir |
|
17 | # shared TMP dir | |
18 | - rctmpdir:/tmp |
|
18 | - rctmpdir:/tmp | |
19 |
|
19 | |||
20 | environment: |
|
20 | environment: | |
21 | RC_APP_PORT: "8080" |
|
21 | RC_APP_PORT: "8080" | |
22 |
|
22 | |||
23 | vcsserver: |
|
23 | vcsserver: | |
24 | volumes: |
|
24 | volumes: | |
25 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
25 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
26 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
26 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
27 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
27 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
28 | - $WORKSPACE_HOME/rhodecode-tools-ce:/home/rhodecode/rhodecode-tools-ce:delegated |
|
28 | - $WORKSPACE_HOME/rhodecode-tools-ce:/home/rhodecode/rhodecode-tools-ce:delegated | |
29 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated |
|
29 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated | |
30 | - nixstore:/opt/nix/store |
|
30 | - nixstore:/opt/nix/store | |
31 | - pipcache:/home/rhodecode/.cache/pip |
|
31 | - pipcache:/home/rhodecode/.cache/pip | |
32 | # shared TMP dir |
|
32 | # shared TMP dir | |
33 | - rctmpdir:/tmp |
|
33 | - rctmpdir:/tmp | |
34 |
|
34 | |||
35 | environment: |
|
35 | environment: | |
36 | RC_APP_PORT: "8080" |
|
36 | RC_APP_PORT: "8080" | |
37 |
|
37 | |||
38 | celery: |
|
38 | celery: | |
39 | volumes: |
|
39 | volumes: | |
40 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
40 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
41 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
41 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
42 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
42 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
43 | - nixstore:/opt/nix/store |
|
43 | - nixstore:/opt/nix/store | |
44 | - pipcache:/home/rhodecode/.cache/pip |
|
44 | - pipcache:/home/rhodecode/.cache/pip | |
45 | # shared TMP dir |
|
45 | # shared TMP dir | |
46 | - rctmpdir:/tmp |
|
46 | - rctmpdir:/tmp | |
47 |
|
47 | |||
48 | celery-beat: |
|
48 | celery-beat: | |
49 | volumes: |
|
49 | volumes: | |
50 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
50 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
51 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
51 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
52 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
52 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
53 | - nixstore:/opt/nix/store |
|
53 | - nixstore:/opt/nix/store | |
54 | - pipcache:/home/rhodecode/.cache/pip |
|
54 | - pipcache:/home/rhodecode/.cache/pip | |
55 | # shared TMP dir |
|
55 | # shared TMP dir | |
56 | - rctmpdir:/tmp |
|
56 | - rctmpdir:/tmp | |
57 |
|
57 | |||
58 | svn: |
|
58 | svn: | |
59 | volumes: |
|
59 | volumes: | |
60 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
60 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
61 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
61 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
62 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
62 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
63 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated |
|
63 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated | |
64 | - nixstore:/opt/nix/store |
|
64 | - nixstore:/opt/nix/store | |
65 | - pipcache:/home/rhodecode/.cache/pip |
|
65 | - pipcache:/home/rhodecode/.cache/pip | |
66 | # shared TMP dir |
|
66 | # shared TMP dir | |
67 | - rctmpdir:/tmp |
|
67 | - rctmpdir:/tmp | |
|
68 | # config override | |||
|
69 | - $PWD/service/svn/virtualhost.conf:/home/rhodecode/apache2/conf/virtualhost.conf | |||
68 |
|
70 | |||
69 | sshd: |
|
71 | sshd: | |
70 | volumes: |
|
72 | volumes: | |
71 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated |
|
73 | - $WORKSPACE_HOME/rhodecode-vcsserver:/home/rhodecode/rhodecode-vcsserver:delegated | |
72 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated |
|
74 | - $WORKSPACE_HOME/rhodecode-enterprise-ce:/home/rhodecode/rhodecode-enterprise-ce:delegated | |
73 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated |
|
75 | - $WORKSPACE_HOME/rhodecode-enterprise-ee:/home/rhodecode/rhodecode-enterprise-ee:delegated | |
74 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated |
|
76 | - $WORKSPACE_HOME:/var/opt/rhodecode_repo_store:delegated | |
75 | - nixstore:/opt/nix/store |
|
77 | - nixstore:/opt/nix/store | |
76 | - pipcache:/home/rhodecode/.cache/pip |
|
78 | - pipcache:/home/rhodecode/.cache/pip | |
77 | # shared TMP dir |
|
79 | # shared TMP dir | |
78 | - rctmpdir:/tmp |
|
80 | - rctmpdir:/tmp |
@@ -1,302 +1,304 b'' | |||||
1 | version: '3.9' |
|
1 | version: '3.9' | |
2 |
|
2 | |||
3 | x-logging: &custom-logging |
|
3 | x-logging: &custom-logging | |
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions |
|
4 | # docker plugin install grafana/loki-docker-driver:2.7.1 --alias loki --grant-all-permissions | |
5 | # NOTE: loki logging driver ONLY works for host type networks... |
|
5 | # NOTE: loki logging driver ONLY works for host type networks... | |
6 | driver: loki |
|
6 | driver: loki | |
7 | options: |
|
7 | options: | |
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" |
|
8 | #loki-url: "http://${RC_LOKI_AUTH}loki:3100/loki/api/v1/push" | |
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" |
|
9 | loki-url: "http://${RC_LOKI_AUTH}127.0.0.1:3100/loki/api/v1/push" | |
10 | loki-retries: "5" |
|
10 | loki-retries: "5" | |
11 | loki-timeout: "1s" |
|
11 | loki-timeout: "1s" | |
12 | loki-max-backoff: "800ms" |
|
12 | loki-max-backoff: "800ms" | |
13 |
|
13 | |||
14 |
|
14 | |||
15 | services: |
|
15 | services: | |
16 |
|
16 | |||
17 | # base shared options for RhodeCode type services |
|
17 | # base shared options for RhodeCode type services | |
18 | common_base: |
|
18 | common_base: | |
19 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} |
|
19 | image: rhodecode/rhodecode-${RC_EDITION}:${RC_VERSION:-4.28.0} | |
20 | stdin_open: true |
|
20 | stdin_open: true | |
21 | tty: true |
|
21 | tty: true | |
22 | restart: always |
|
22 | restart: always | |
23 | deploy: |
|
23 | deploy: | |
24 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
24 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
25 | replicas: 0 |
|
25 | replicas: 0 | |
26 | networks: |
|
26 | networks: | |
27 | - rhodecode_network |
|
27 | - rhodecode_network | |
28 | extra_hosts: |
|
28 | extra_hosts: | |
29 | - "host.docker.internal:host-gateway" |
|
29 | - "host.docker.internal:host-gateway" | |
30 | volumes: |
|
30 | volumes: | |
31 | - confvolume:/etc/rhodecode/conf |
|
31 | - confvolume:/etc/rhodecode/conf | |
32 | - rc_reposvolume:/var/opt/rhodecode_repo_store |
|
32 | - rc_reposvolume:/var/opt/rhodecode_repo_store | |
33 | - rc_datavolume:/var/opt/rhodecode_data |
|
33 | - rc_datavolume:/var/opt/rhodecode_data | |
34 | logging: |
|
34 | logging: | |
35 | *custom-logging |
|
35 | *custom-logging | |
36 |
|
36 | |||
37 | # base definition WITHOUT labels to full control over override and custom service |
|
37 | # base definition WITHOUT labels to full control over override and custom service | |
38 | # main rhodecode will use extends + service from that base |
|
38 | # main rhodecode will use extends + service from that base | |
39 | rhodecode_base: |
|
39 | rhodecode_base: | |
40 | extends: |
|
40 | extends: | |
41 | service: common_base |
|
41 | service: common_base | |
42 |
|
42 | |||
43 | env_file: |
|
43 | env_file: | |
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
44 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
45 |
|
45 | |||
46 | command: [ |
|
46 | command: [ | |
47 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", |
|
47 | "/usr/local/bin/rhodecode_bin/bin/gunicorn", | |
48 | "--error-logfile=-", |
|
48 | "--error-logfile=-", | |
49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", |
|
49 | "--paster=/etc/rhodecode/conf/rhodecode.ini", | |
50 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" |
|
50 | "--config=/etc/rhodecode/conf/gunicorn_conf_rc.py" | |
51 | ] |
|
51 | ] | |
52 |
|
52 | |||
53 | build: |
|
53 | build: | |
54 | context: . |
|
54 | context: . | |
55 | dockerfile: service/rhodecode/rhodecode.dockerfile |
|
55 | dockerfile: service/rhodecode/rhodecode.dockerfile | |
56 | args: |
|
56 | args: | |
57 | TZ: ${TZ:-UTC} |
|
57 | TZ: ${TZ:-UTC} | |
58 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} |
|
58 | RHODECODE_VERSION: ${RC_VERSION:-4.28.0} | |
59 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} |
|
59 | RHODECODE_DB: postgresql://rhodecode:${DB_PASSWORD:?must-specify-db-password}@database/${DB_NAME:?must-specify-db-name} | |
60 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} |
|
60 | RHODECODE_USER_NAME: ${RHODECODE_USER_NAME} | |
61 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} |
|
61 | RHODECODE_USER_PASS: ${RHODECODE_USER_PASS} | |
62 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} |
|
62 | RHODECODE_USER_EMAIL: ${RHODECODE_USER_EMAIL} | |
63 |
|
63 | |||
64 | environment: |
|
64 | environment: | |
65 | RC_APP_TYPE: rhodecode_http |
|
65 | RC_APP_TYPE: rhodecode_http | |
66 | RC_APP_PROC: 1 |
|
66 | RC_APP_PROC: 1 | |
67 | RC_APP_PORT: "10020" |
|
67 | RC_APP_PORT: "10020" | |
68 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
68 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
69 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
69 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
70 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
70 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
71 | GEVENT_RESOLVER: "ares" |
|
71 | GEVENT_RESOLVER: "ares" | |
72 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" |
|
72 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10020 --name=gunicorn-rhodecode-1 --workers=2" | |
73 |
|
73 | |||
74 | DB_UPGRADE: 1 # run the DB upgrade |
|
74 | DB_UPGRADE: 1 # run the DB upgrade | |
75 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run |
|
75 | SETUP_APP: 1 # run the application default settings setup, can be turned off after initial run | |
76 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB |
|
76 | #FORCE_DB_INIT_FILE: 1 # force the database init, warning: destroys old DB | |
77 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application |
|
77 | #FORCE_RC_SETUP_APP: 1 # force running setup scripts for configuration/license application | |
78 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
78 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
79 |
|
79 | |||
80 | # SVN Specific |
|
80 | # SVN Specific | |
81 | MOD_DAV_SVN_PORT: 8090 |
|
81 | MOD_DAV_SVN_PORT: 8090 | |
|
82 | MOD_DAV_SVN_LOG_LEVEL: info | |||
82 | APACHE_LOG_DIR: /var/log |
|
83 | APACHE_LOG_DIR: /var/log | |
83 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
84 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
84 |
|
85 | |||
85 | healthcheck: |
|
86 | healthcheck: | |
86 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping |
|
87 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/_admin/ops/ping | |
87 | timeout: 30s |
|
88 | timeout: 30s | |
88 | interval: 60s |
|
89 | interval: 60s | |
89 | retries: 10 |
|
90 | retries: 10 | |
90 |
|
91 | |||
91 | tmpfs: |
|
92 | tmpfs: | |
92 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} |
|
93 | - /data_ramdisk:size=${RC_DATA_RAMDISK_SIZE:-256M} | |
93 |
|
94 | |||
94 | rhodecode: |
|
95 | rhodecode: | |
95 | # depends_on: |
|
96 | # depends_on: | |
96 | # - redis |
|
97 | # - redis | |
97 | # - database |
|
98 | # - database | |
98 | # - channelstream |
|
99 | # - channelstream | |
99 | # ports: |
|
100 | # ports: | |
100 | # - "127.0.0.1::10020" |
|
101 | # - "127.0.0.1::10020" | |
101 | extends: |
|
102 | extends: | |
102 | service: rhodecode_base |
|
103 | service: rhodecode_base | |
103 |
|
104 | |||
104 | deploy: |
|
105 | deploy: | |
105 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
106 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
106 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
107 | # replicas of rhodecode and vcsserver should be equal in most cases | |
107 | replicas: 1 |
|
108 | replicas: 1 | |
108 |
|
109 | |||
109 | volumes: |
|
110 | volumes: | |
110 | - ./.custom/static_files:/var/opt/rhodecode_static_data |
|
111 | - ./.custom/static_files:/var/opt/rhodecode_static_data | |
111 |
|
112 | |||
112 | labels: |
|
113 | labels: | |
113 | - "autoheal=true" |
|
114 | - "autoheal=true" | |
114 | - "traefik.enable=true" |
|
115 | - "traefik.enable=true" | |
115 | - "traefik.http.routers.rhodecode.entrypoints=http" |
|
116 | - "traefik.http.routers.rhodecode.entrypoints=http" | |
116 | - "traefik.http.routers.rhodecode.priority=10" |
|
117 | - "traefik.http.routers.rhodecode.priority=10" | |
117 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" |
|
118 | - "traefik.http.routers.rhodecode.rule=Host(`${RC_HOSTNAME:?must-specify-rhodecode-hostname}`)" | |
118 | - "traefik.http.routers.rhodecode.service=rhodecode-web" |
|
119 | - "traefik.http.routers.rhodecode.service=rhodecode-web" | |
119 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" |
|
120 | - "traefik.http.services.rhodecode-web.loadbalancer.server.port=10020" | |
120 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml |
|
121 | # HTTP + SSL example, should be put into .custom/docker-compose-apps.override.yaml | |
121 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" |
|
122 | #- "traefik.http.routers.rhodecode.entrypoints=http,https" | |
122 |
|
123 | |||
123 | vcsserver: |
|
124 | vcsserver: | |
124 | # depends_on: |
|
125 | # depends_on: | |
125 | # - redis |
|
126 | # - redis | |
126 | # ports: |
|
127 | # ports: | |
127 | # - "127.0.0.1::10010" |
|
128 | # - "127.0.0.1::10010" | |
128 | extends: |
|
129 | extends: | |
129 | service: common_base |
|
130 | service: common_base | |
130 | env_file: |
|
131 | env_file: | |
131 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
132 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
132 | command: [ |
|
133 | command: [ | |
133 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", |
|
134 | "/usr/local/bin/rhodecode_bin/vcs_bin/gunicorn", | |
134 | "--error-logfile=-", |
|
135 | "--error-logfile=-", | |
135 | "--paster=/etc/rhodecode/conf/vcsserver.ini", |
|
136 | "--paster=/etc/rhodecode/conf/vcsserver.ini", | |
136 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" |
|
137 | "--config=/etc/rhodecode/conf/gunicorn_conf_vcs.py" | |
137 | ] |
|
138 | ] | |
138 | deploy: |
|
139 | deploy: | |
139 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
140 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
140 | # replicas of rhodecode and vcsserver should be equal in most cases |
|
141 | # replicas of rhodecode and vcsserver should be equal in most cases | |
141 | replicas: 1 |
|
142 | replicas: 1 | |
142 | environment: |
|
143 | environment: | |
143 | RC_APP_TYPE: rhodecode_vcsserver |
|
144 | RC_APP_TYPE: rhodecode_vcsserver | |
144 | RC_APP_PROC: 1 |
|
145 | RC_APP_PROC: 1 | |
145 | RC_APP_PORT: "10010" |
|
146 | RC_APP_PORT: "10010" | |
146 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini |
|
147 | MAIN_INI_PATH: /etc/rhodecode/conf/vcsserver.ini | |
147 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
148 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
148 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
149 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
149 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
150 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
150 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" |
|
151 | GUNICORN_CMD_ARGS: "--bind=0.0.0.0:10010 --name=gunicorn-vcsserver-1 --workers=3" | |
151 |
|
152 | |||
152 | healthcheck: |
|
153 | healthcheck: | |
153 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status |
|
154 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${RC_APP_PORT}/status | |
154 | timeout: 30s |
|
155 | timeout: 30s | |
155 | start_period: 5s |
|
156 | start_period: 5s | |
156 | interval: 60s |
|
157 | interval: 60s | |
157 | retries: 10 |
|
158 | retries: 10 | |
158 | labels: |
|
159 | labels: | |
159 | - "autoheal=true" |
|
160 | - "autoheal=true" | |
160 |
|
161 | |||
161 | celery: |
|
162 | celery: | |
162 | extends: |
|
163 | extends: | |
163 | service: common_base |
|
164 | service: common_base | |
164 | # depends_on: |
|
165 | # depends_on: | |
165 | # - database |
|
166 | # - database | |
166 | # - redis |
|
167 | # - redis | |
167 | env_file: |
|
168 | env_file: | |
168 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
169 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
169 | command: [ |
|
170 | command: [ | |
170 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
171 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
171 | "--no-color", |
|
172 | "--no-color", | |
172 | "--app=rhodecode.lib.celerylib.loader", |
|
173 | "--app=rhodecode.lib.celerylib.loader", | |
173 | "worker", |
|
174 | "worker", | |
174 | "--autoscale=20,2", |
|
175 | "--autoscale=20,2", | |
175 | "--task-events", |
|
176 | "--task-events", | |
176 | "--loglevel=DEBUG", |
|
177 | "--loglevel=DEBUG", | |
177 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
178 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
178 | ] |
|
179 | ] | |
179 | deploy: |
|
180 | deploy: | |
180 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
181 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
181 | replicas: 1 |
|
182 | replicas: 1 | |
182 | environment: |
|
183 | environment: | |
183 | RC_APP_TYPE: rhodecode_celery |
|
184 | RC_APP_TYPE: rhodecode_celery | |
184 | RC_APP_PROC: 1 |
|
185 | RC_APP_PROC: 1 | |
185 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
186 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
186 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
187 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
187 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
188 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
188 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
189 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
189 | labels: |
|
190 | labels: | |
190 | - "autoheal=true" |
|
191 | - "autoheal=true" | |
191 |
|
192 | |||
192 | celery-beat: |
|
193 | celery-beat: | |
193 | extends: |
|
194 | extends: | |
194 | service: common_base |
|
195 | service: common_base | |
195 | # depends_on: |
|
196 | # depends_on: | |
196 | # - database |
|
197 | # - database | |
197 | # - redis |
|
198 | # - redis | |
198 | env_file: |
|
199 | env_file: | |
199 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
200 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
200 | command: [ |
|
201 | command: [ | |
201 | "/usr/local/bin/rhodecode_bin/bin/celery", |
|
202 | "/usr/local/bin/rhodecode_bin/bin/celery", | |
202 | "--no-color", |
|
203 | "--no-color", | |
203 | "--app=rhodecode.lib.celerylib.loader", |
|
204 | "--app=rhodecode.lib.celerylib.loader", | |
204 | "beat", |
|
205 | "beat", | |
205 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", |
|
206 | "--scheduler=rhodecode.lib.celerylib.scheduler.RcScheduler", | |
206 | "--loglevel=DEBUG", |
|
207 | "--loglevel=DEBUG", | |
207 | "--ini=/etc/rhodecode/conf/rhodecode.ini" |
|
208 | "--ini=/etc/rhodecode/conf/rhodecode.ini" | |
208 | ] |
|
209 | ] | |
209 | deploy: |
|
210 | deploy: | |
210 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
211 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
211 | replicas: 1 |
|
212 | replicas: 1 | |
212 | environment: |
|
213 | environment: | |
213 | RC_APP_TYPE: rhodecode_beat |
|
214 | RC_APP_TYPE: rhodecode_beat | |
214 | RC_APP_PROC: 1 |
|
215 | RC_APP_PROC: 1 | |
215 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini |
|
216 | MAIN_INI_PATH: /etc/rhodecode/conf/rhodecode.ini | |
216 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
217 | SSL_CERT_FILE: "/etc/rhodecode/conf/ca-bundle.crt" | |
217 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" |
|
218 | REQUESTS_CA_BUNDLE: "/etc/rhodecode/conf/ca-bundle.crt" | |
218 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" |
|
219 | GIT_SSL_CAINFO: "/etc/rhodecode/conf/ca-bundle.crt" | |
219 | labels: |
|
220 | labels: | |
220 | - "autoheal=true" |
|
221 | - "autoheal=true" | |
221 |
|
222 | |||
222 | svn: |
|
223 | svn: | |
223 | extends: |
|
224 | extends: | |
224 | service: common_base |
|
225 | service: common_base | |
225 | # depends_on: |
|
226 | # depends_on: | |
226 | # - database |
|
227 | # - database | |
227 | # - redis |
|
228 | # - redis | |
228 |
|
229 | |||
229 | # build: |
|
230 | # build: | |
230 | # context: . |
|
231 | # context: . | |
231 | # dockerfile: service/svn/rhodecode_svn.dockerfile |
|
232 | # dockerfile: service/svn/rhodecode_svn.dockerfile | |
232 | # args: |
|
233 | # args: | |
233 | # APACHE_VER: 1.3 |
|
234 | # APACHE_VER: 1.3 | |
234 |
|
235 | |||
235 | env_file: |
|
236 | env_file: | |
236 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
237 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
237 | command: [ |
|
238 | command: [ | |
238 | "apachectl", |
|
239 | "apachectl", | |
239 | "-D", |
|
240 | "-D", | |
240 | "FOREGROUND" |
|
241 | "FOREGROUND" | |
241 | ] |
|
242 | ] | |
242 | deploy: |
|
243 | deploy: | |
243 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
244 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
244 | replicas: 1 |
|
245 | replicas: 1 | |
245 | environment: |
|
246 | environment: | |
246 | RC_APP_TYPE: rhodecode_svn |
|
247 | RC_APP_TYPE: rhodecode_svn | |
247 |
|
248 | |||
248 | # SVN Specific |
|
249 | # SVN Specific | |
249 | MOD_DAV_SVN_PORT: 8090 |
|
250 | MOD_DAV_SVN_PORT: 8090 | |
|
251 | MOD_DAV_SVN_LOG_LEVEL: info | |||
250 | APACHE_LOG_DIR: /var/log |
|
252 | APACHE_LOG_DIR: /var/log | |
251 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf |
|
253 | MOD_DAV_SVN_CONF_FILE: /etc/rhodecode/conf/svn/mod_dav_svn.conf | |
252 |
MOD_DAV_CORE_MODULES_DIR: / |
|
254 | MOD_DAV_CORE_MODULES_DIR: /home/rhodecode/apache2/modules/ | |
253 |
MOD_DAV_SVN_MODULE: / |
|
255 | MOD_DAV_SVN_MODULE: /home/rhodecode/apache2/modules/mod_dav.so | |
254 |
|
256 | |||
255 | healthcheck: |
|
257 | healthcheck: | |
256 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status |
|
258 | test: curl -A RhodeCode-Healthcheck -s -o /dev/null -w '%{http_code}' http://127.0.0.1:$${MOD_DAV_SVN_PORT}/_server_status | |
257 | timeout: 30s |
|
259 | timeout: 30s | |
258 | interval: 60s |
|
260 | interval: 60s | |
259 | retries: 10 |
|
261 | retries: 10 | |
260 | # ports: |
|
262 | # ports: | |
261 | # - "127.0.0.1::8090" |
|
263 | # - "127.0.0.1::8090" | |
262 | labels: |
|
264 | labels: | |
263 | - "autoheal=true" |
|
265 | - "autoheal=true" | |
264 |
|
266 | |||
265 | sshd: |
|
267 | sshd: | |
266 | extends: |
|
268 | extends: | |
267 | service: common_base |
|
269 | service: common_base | |
268 | # depends_on: |
|
270 | # depends_on: | |
269 | # - database |
|
271 | # - database | |
270 | # - redis |
|
272 | # - redis | |
271 | env_file: |
|
273 | env_file: | |
272 | - ${RC_ENV_FILE:?must-specify-rc-env-file} |
|
274 | - ${RC_ENV_FILE:?must-specify-rc-env-file} | |
273 | command: [ |
|
275 | command: [ | |
274 | "/usr/sbin/sshd", |
|
276 | "/usr/sbin/sshd", | |
275 | "-f", |
|
277 | "-f", | |
276 | "/etc/rhodecode/sshd_config", |
|
278 | "/etc/rhodecode/sshd_config", | |
277 | "-D", |
|
279 | "-D", | |
278 | "-e" |
|
280 | "-e" | |
279 | ] |
|
281 | ] | |
280 | deploy: |
|
282 | deploy: | |
281 | # override this in .custom/docker-compose-apps.override.yaml to scale up |
|
283 | # override this in .custom/docker-compose-apps.override.yaml to scale up | |
282 | replicas: 1 |
|
284 | replicas: 1 | |
283 | environment: |
|
285 | environment: | |
284 | RC_APP_TYPE: rhodecode_sshd |
|
286 | RC_APP_TYPE: rhodecode_sshd | |
285 | SSH_BOOTSTRAP: 1 |
|
287 | SSH_BOOTSTRAP: 1 | |
286 | SSH_ENSURE_PERMS: 1 |
|
288 | SSH_ENSURE_PERMS: 1 | |
287 | healthcheck: |
|
289 | healthcheck: | |
288 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused |
|
290 | # we call ssh internally, to find permission denied, if SSH is DOWN it would be connection refused | |
289 | test: /usr/bin/ssh -p22 -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null |
|
291 | test: /usr/bin/ssh -p22 -o StrictHostKeyChecking=no -o PasswordAuthentication=No rhodecode@localhost true 2>&1 | grep -c 'Permission denied' > /dev/null | |
290 | timeout: 30s |
|
292 | timeout: 30s | |
291 | interval: 60s |
|
293 | interval: 60s | |
292 | retries: 10 |
|
294 | retries: 10 | |
293 | # ports: |
|
295 | # ports: | |
294 | # # 9022 is set from .env file too. |
|
296 | # # 9022 is set from .env file too. | |
295 | # - "9022:22" |
|
297 | # - "9022:22" | |
296 | labels: |
|
298 | labels: | |
297 | - "autoheal=true" |
|
299 | - "autoheal=true" | |
298 | - "traefik.enable=true" |
|
300 | - "traefik.enable=true" | |
299 | - "traefik.tcp.routers.sshd.entrypoints=ssh" |
|
301 | - "traefik.tcp.routers.sshd.entrypoints=ssh" | |
300 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" |
|
302 | - "traefik.tcp.routers.sshd.rule=HostSNI(`*`)" | |
301 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" |
|
303 | - "traefik.tcp.routers.sshd.service=rhodecode-ssh" | |
302 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=22" |
|
304 | - "traefik.tcp.services.rhodecode-ssh.loadbalancer.server.port=22" |
@@ -1,298 +1,299 b'' | |||||
1 | # binary-install |
|
1 | # binary-install | |
2 | FROM ubuntu:22.04 |
|
2 | FROM ubuntu:22.04 | |
3 | # Using 22.04 LTS Release |
|
3 | # Using 22.04 LTS Release | |
4 | MAINTAINER RhodeCode Inc. <support@rhodecode.com> |
|
4 | MAINTAINER RhodeCode Inc. <support@rhodecode.com> | |
5 |
|
5 | |||
6 | ARG TZ="UTC" |
|
6 | ARG TZ="UTC" | |
7 | ARG LOCALE_TYPE=en_US.UTF-8 |
|
7 | ARG LOCALE_TYPE=en_US.UTF-8 | |
8 | ARG RHODECODE_TYPE=Enterprise |
|
8 | ARG RHODECODE_TYPE=Enterprise | |
9 |
|
9 | |||
10 | ARG RHODECODE_VERSION=4.28.0 |
|
10 | ARG RHODECODE_VERSION=4.28.0 | |
11 |
|
11 | |||
12 | ARG RHODECODE_DB=sqlite |
|
12 | ARG RHODECODE_DB=sqlite | |
13 | ARG RHODECODE_USER_NAME=admin |
|
13 | ARG RHODECODE_USER_NAME=admin | |
14 | ARG RHODECODE_USER_PASS=secret4 |
|
14 | ARG RHODECODE_USER_PASS=secret4 | |
15 | ARG RHODECODE_USER_EMAIL=admin@server.local |
|
15 | ARG RHODECODE_USER_EMAIL=admin@server.local | |
16 |
|
16 | |||
17 | # nix ver/channels |
|
17 | # nix ver/channels | |
18 | ARG DEV_NIX_VERSION=2.0.4 |
|
18 | ARG DEV_NIX_VERSION=2.0.4 | |
19 | ARG DEV_NIX_CHANNEL=nixos-18.03 |
|
19 | ARG DEV_NIX_CHANNEL=nixos-18.03 | |
20 |
|
20 | |||
21 | # env are runtime |
|
21 | # env are runtime | |
22 | ENV \ |
|
22 | ENV \ | |
23 | TZ=${TZ} \ |
|
23 | TZ=${TZ} \ | |
24 | LOCALE_TYPE=${LOCALE_TYPE} \ |
|
24 | LOCALE_TYPE=${LOCALE_TYPE} \ | |
25 | \ |
|
25 | \ | |
26 | ## Define type we build, and the instance we'll create |
|
26 | ## Define type we build, and the instance we'll create | |
27 | RHODECODE_TYPE=${RHODECODE_TYPE} \ |
|
27 | RHODECODE_TYPE=${RHODECODE_TYPE} \ | |
28 | RC_TYPE_ID=enterprise-1 \ |
|
28 | RC_TYPE_ID=enterprise-1 \ | |
29 | \ |
|
29 | \ | |
30 | ## SETUP ARGS FOR INSTALLATION ## |
|
30 | ## SETUP ARGS FOR INSTALLATION ## | |
31 | ## set version we build on, get from .env or set default ver |
|
31 | ## set version we build on, get from .env or set default ver | |
32 | RHODECODE_VERSION=${RHODECODE_VERSION} \ |
|
32 | RHODECODE_VERSION=${RHODECODE_VERSION} \ | |
33 | \ |
|
33 | \ | |
34 | ## set DB, default sqlite |
|
34 | ## set DB, default sqlite | |
35 | RHODECODE_DB=${RHODECODE_DB} \ |
|
35 | RHODECODE_DB=${RHODECODE_DB} \ | |
36 | \ |
|
36 | \ | |
37 | ## set app bootstrap required data |
|
37 | ## set app bootstrap required data | |
38 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ |
|
38 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ | |
39 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ |
|
39 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ | |
40 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ |
|
40 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ | |
41 | \ |
|
41 | \ | |
42 | RC_USER=rhodecode \ |
|
42 | RC_USER=rhodecode \ | |
43 | \ |
|
43 | \ | |
44 | # SVN CONFIG |
|
44 | # SVN CONFIG | |
45 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ |
|
45 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ | |
46 | MOD_DAV_SVN_PORT=8090 \ |
|
46 | MOD_DAV_SVN_PORT=8090 \ | |
|
47 | MOD_DAV_SVN_LOG_LEVEL=info \ | |||
47 | \ |
|
48 | \ | |
48 | # SSHD CONFIG |
|
49 | # SSHD CONFIG | |
49 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ |
|
50 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ | |
50 | \ |
|
51 | \ | |
51 | SHARED_CONF_DIR=/etc/rhodecode/conf \ |
|
52 | SHARED_CONF_DIR=/etc/rhodecode/conf \ | |
52 | BUILD_CONF=/etc/rhodecode/conf_build \ |
|
53 | BUILD_CONF=/etc/rhodecode/conf_build \ | |
53 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ |
|
54 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ | |
54 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ |
|
55 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ | |
55 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ |
|
56 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ | |
56 | RHODECODE_HTTP_PORT=10020 \ |
|
57 | RHODECODE_HTTP_PORT=10020 \ | |
57 | RHODECODE_VCS_PORT=10010 \ |
|
58 | RHODECODE_VCS_PORT=10010 \ | |
58 | RHODECODE_HOST=0.0.0.0 \ |
|
59 | RHODECODE_HOST=0.0.0.0 \ | |
59 | RHODECODE_VCS_HOST=127.0.0.1 |
|
60 | RHODECODE_VCS_HOST=127.0.0.1 | |
60 |
|
61 | |||
61 | ENV \ |
|
62 | ENV \ | |
62 | RCCONTROL=/home/$RC_USER/.rccontrol-profile/bin/rccontrol \ |
|
63 | RCCONTROL=/home/$RC_USER/.rccontrol-profile/bin/rccontrol \ | |
63 | SUPERVISOR_CONF=/home/$RC_USER/.rccontrol/supervisor/supervisord.ini \ |
|
64 | SUPERVISOR_CONF=/home/$RC_USER/.rccontrol/supervisor/supervisord.ini \ | |
64 | # make application scripts visible |
|
65 | # make application scripts visible | |
65 | PATH=$PATH:/home/$RC_USER/.rccontrol-profile/bin |
|
66 | PATH=$PATH:/home/$RC_USER/.rccontrol-profile/bin | |
66 |
|
67 | |||
67 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn |
|
68 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn | |
68 | ENV SSH_LOCALE_DEPS openssh-server |
|
69 | ENV SSH_LOCALE_DEPS openssh-server | |
69 | ENV PYTHON_DEPS python2 |
|
70 | ENV PYTHON_DEPS python2 | |
70 | ENV EXTRA_DEPS "" |
|
71 | ENV EXTRA_DEPS "" | |
71 |
|
72 | |||
72 | ENV \ |
|
73 | ENV \ | |
73 | NIX_BLD_USER=nixbld \ |
|
74 | NIX_BLD_USER=nixbld \ | |
74 | NIX_PATH=/nix/var/nix/profiles/per-user/$RC_USER/channels \ |
|
75 | NIX_PATH=/nix/var/nix/profiles/per-user/$RC_USER/channels \ | |
75 | NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ |
|
76 | NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ | |
76 | PATH=$PATH:/nix/var/nix/profiles/per-user/$RC_USER/profile/bin:/home/$RC_USER/rhodecode-enterprise-ee/profile/bin |
|
77 | PATH=$PATH:/nix/var/nix/profiles/per-user/$RC_USER/profile/bin:/home/$RC_USER/rhodecode-enterprise-ee/profile/bin | |
77 |
|
78 | |||
78 | RUN \ |
|
79 | RUN \ | |
79 | echo "** install base packages **" && \ |
|
80 | echo "** install base packages **" && \ | |
80 | set -eux; \ |
|
81 | set -eux; \ | |
81 | \ |
|
82 | \ | |
82 | savedAptMark="$(apt-mark showmanual)"; \ |
|
83 | savedAptMark="$(apt-mark showmanual)"; \ | |
83 | apt-get update; \ |
|
84 | apt-get update; \ | |
84 | DEBIAN_FRONTEND="noninteractive" \ |
|
85 | DEBIAN_FRONTEND="noninteractive" \ | |
85 | apt-get install -y --no-install-recommends \ |
|
86 | apt-get install -y --no-install-recommends \ | |
86 | tini \ |
|
87 | tini \ | |
87 | bash \ |
|
88 | bash \ | |
88 | binutils \ |
|
89 | binutils \ | |
89 | tzdata \ |
|
90 | tzdata \ | |
90 | locales \ |
|
91 | locales \ | |
91 | openssl \ |
|
92 | openssl \ | |
92 | curl \ |
|
93 | curl \ | |
93 | sudo \ |
|
94 | sudo \ | |
94 | gosu \ |
|
95 | gosu \ | |
95 | bzip2 \ |
|
96 | bzip2 \ | |
96 | ca-certificates \ |
|
97 | ca-certificates \ | |
97 | $PYTHON_DEPS \ |
|
98 | $PYTHON_DEPS \ | |
98 | $SSH_LOCALE_DEPS \ |
|
99 | $SSH_LOCALE_DEPS \ | |
99 | $SVN_LOCALE_DEPS \ |
|
100 | $SVN_LOCALE_DEPS \ | |
100 | $EXTRA_DEPS \ |
|
101 | $EXTRA_DEPS \ | |
101 | ; \ |
|
102 | ; \ | |
102 | rm -rf /var/lib/apt/lists/*; |
|
103 | rm -rf /var/lib/apt/lists/*; | |
103 |
|
104 | |||
104 | RUN \ |
|
105 | RUN \ | |
105 | echo "** Configure the python executable for py2/3 compat **" && \ |
|
106 | echo "** Configure the python executable for py2/3 compat **" && \ | |
106 | IS_PY=$(which python3 || which python2) && \ |
|
107 | IS_PY=$(which python3 || which python2) && \ | |
107 | if [ -n $IS_PY ] ; then ln -s $IS_PY /usr/bin/python ; fi |
|
108 | if [ -n $IS_PY ] ; then ln -s $IS_PY /usr/bin/python ; fi | |
108 |
|
109 | |||
109 | RUN \ |
|
110 | RUN \ | |
110 | echo "** Configure the locales **" && \ |
|
111 | echo "** Configure the locales **" && \ | |
111 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ |
|
112 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ | |
112 | locale-gen |
|
113 | locale-gen | |
113 |
|
114 | |||
114 | # locale-archive is a fix for old nix glibc2.26 locales available |
|
115 | # locale-archive is a fix for old nix glibc2.26 locales available | |
115 | ENV \ |
|
116 | ENV \ | |
116 | LOCALE_ARCHIVE=/var/opt/locale-archive \ |
|
117 | LOCALE_ARCHIVE=/var/opt/locale-archive \ | |
117 | LANG=${LOCALE_TYPE} \ |
|
118 | LANG=${LOCALE_TYPE} \ | |
118 | LANGUAGE=${LOCALE_TYPE} \ |
|
119 | LANGUAGE=${LOCALE_TYPE} \ | |
119 | LC_ALL=${LOCALE_TYPE} |
|
120 | LC_ALL=${LOCALE_TYPE} | |
120 |
|
121 | |||
121 | # configure the system user |
|
122 | # configure the system user | |
122 | # explicitly set uid/gid to guarantee that it won't change in the future |
|
123 | # explicitly set uid/gid to guarantee that it won't change in the future | |
123 | # the values 999:999 are identical to the current user/group id assigned |
|
124 | # the values 999:999 are identical to the current user/group id assigned | |
124 | RUN \ |
|
125 | RUN \ | |
125 | echo "** Create system user $RC_USER **" && \ |
|
126 | echo "** Create system user $RC_USER **" && \ | |
126 | groupadd --system --gid 999 $RC_USER && \ |
|
127 | groupadd --system --gid 999 $RC_USER && \ | |
127 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ |
|
128 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ | |
128 | usermod -G $RC_USER $RC_USER |
|
129 | usermod -G $RC_USER $RC_USER | |
129 |
|
130 | |||
130 | RUN \ |
|
131 | RUN \ | |
131 | echo "** Create nix-build user $NIX_BLD_USER **" && \ |
|
132 | echo "** Create nix-build user $NIX_BLD_USER **" && \ | |
132 | groupadd --system --gid 1099 $NIX_BLD_USER && \ |
|
133 | groupadd --system --gid 1099 $NIX_BLD_USER && \ | |
133 | useradd --system --gid $NIX_BLD_USER --uid 1099 --shell /bin/bash $NIX_BLD_USER && \ |
|
134 | useradd --system --gid $NIX_BLD_USER --uid 1099 --shell /bin/bash $NIX_BLD_USER && \ | |
134 | usermod -G $NIX_BLD_USER $NIX_BLD_USER |
|
135 | usermod -G $NIX_BLD_USER $NIX_BLD_USER | |
135 |
|
136 | |||
136 | RUN \ |
|
137 | RUN \ | |
137 | echo "** disable nix sandboxing **" && \ |
|
138 | echo "** disable nix sandboxing **" && \ | |
138 | mkdir /etc/nix && echo 'sandbox = false' > /etc/nix/nix.conf |
|
139 | mkdir /etc/nix && echo 'sandbox = false' > /etc/nix/nix.conf | |
139 |
|
140 | |||
140 |
|
141 | |||
141 | # set the defult bash shell |
|
142 | # set the defult bash shell | |
142 | SHELL ["/bin/bash", "-c"] |
|
143 | SHELL ["/bin/bash", "-c"] | |
143 |
|
144 | |||
144 | # Fix and set a timezone |
|
145 | # Fix and set a timezone | |
145 | RUN \ |
|
146 | RUN \ | |
146 | echo "** configure the timezone **" && \ |
|
147 | echo "** configure the timezone **" && \ | |
147 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ |
|
148 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ | |
148 | echo $TZ > /etc/timezone |
|
149 | echo $TZ > /etc/timezone | |
149 |
|
150 | |||
150 |
|
151 | |||
151 | RUN \ |
|
152 | RUN \ | |
152 | echo "** prepare rhodecode store and cache **" && \ |
|
153 | echo "** prepare rhodecode store and cache **" && \ | |
153 | install -d -m 0700 -o $RC_USER -g $RC_USER /nix && \ |
|
154 | install -d -m 0700 -o $RC_USER -g $RC_USER /nix && \ | |
154 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ |
|
155 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ | |
155 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ |
|
156 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ | |
156 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ |
|
157 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ | |
157 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ |
|
158 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ | |
158 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ |
|
159 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ | |
159 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ |
|
160 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ | |
160 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
161 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ | |
161 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
162 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ | |
162 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ |
|
163 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ | |
163 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ |
|
164 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ | |
164 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ |
|
165 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ | |
165 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ |
|
166 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ | |
166 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh && \ |
|
167 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh && \ | |
167 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.rhoderc |
|
168 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.rhoderc | |
168 |
|
169 | |||
169 | # expose our custom sshd config |
|
170 | # expose our custom sshd config | |
170 | COPY service/sshd/sshd_config $SSHD_CONF_FILE |
|
171 | COPY service/sshd/sshd_config $SSHD_CONF_FILE | |
171 |
|
172 | |||
172 | # Apache SVN setup |
|
173 | # Apache SVN setup | |
173 | RUN \ |
|
174 | RUN \ | |
174 | echo "**** Apache config cleanup ****" && \ |
|
175 | echo "**** Apache config cleanup ****" && \ | |
175 | rm -f /etc/apache2/conf.d/info.conf \ |
|
176 | rm -f /etc/apache2/conf.d/info.conf \ | |
176 | /etc/apache2/conf.d/mpm.conf \ |
|
177 | /etc/apache2/conf.d/mpm.conf \ | |
177 | /etc/apache2/conf.d/userdir.conf && \ |
|
178 | /etc/apache2/conf.d/userdir.conf && \ | |
178 | rm -f /etc/apache2/sites-enabled/* && \ |
|
179 | rm -f /etc/apache2/sites-enabled/* && \ | |
179 | rm -f /etc/apache2/sites-available/* |
|
180 | rm -f /etc/apache2/sites-available/* | |
180 |
|
181 | |||
181 | # custom SVN virtualhost |
|
182 | # custom SVN virtualhost | |
182 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ |
|
183 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ | |
183 |
|
184 | |||
184 | RUN \ |
|
185 | RUN \ | |
185 | echo "**** Apache config ****" && \ |
|
186 | echo "**** Apache config ****" && \ | |
186 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ |
|
187 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ | |
187 | mkdir -p /run/apache2 && \ |
|
188 | mkdir -p /run/apache2 && \ | |
188 | mkdir -p /var/opt/www && \ |
|
189 | mkdir -p /var/opt/www && \ | |
189 | echo "unset HOME" > /etc/apache2/envvars && \ |
|
190 | echo "unset HOME" > /etc/apache2/envvars && \ | |
190 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
191 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
191 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ |
|
192 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ | |
192 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ |
|
193 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ | |
193 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ |
|
194 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ | |
194 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
195 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
195 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ |
|
196 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ | |
196 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf |
|
197 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf | |
197 |
|
198 | |||
198 |
|
199 | |||
199 | # Copy artifacts |
|
200 | # Copy artifacts | |
200 |
|
201 | |||
201 | COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ |
|
202 | COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ | |
202 | COPY --chown=$RC_USER:$RC_USER .cache/RhodeCode* /home/$RC_USER/.rccontrol/cache/ |
|
203 | COPY --chown=$RC_USER:$RC_USER .cache/RhodeCode* /home/$RC_USER/.rccontrol/cache/ | |
203 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ |
|
204 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ | |
204 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ |
|
205 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ | |
205 | #COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ |
|
206 | #COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ | |
206 |
|
207 | |||
207 |
|
208 | |||
208 | #RUN \ |
|
209 | #RUN \ | |
209 | #echo "** prepare rhodecode dirs **" && \ |
|
210 | #echo "** prepare rhodecode dirs **" && \ | |
210 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/vcsserver-1 && \ |
|
211 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/vcsserver-1 && \ | |
211 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/community-1 && \ |
|
212 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/community-1 && \ | |
212 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/enterprise-1 && \ |
|
213 | # install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/enterprise-1 && \ | |
213 | # echo "Done rhodecode dirs" |
|
214 | # echo "Done rhodecode dirs" | |
214 |
|
215 | |||
215 | # change to non-root user for RUN commands |
|
216 | # change to non-root user for RUN commands | |
216 | USER $RC_USER |
|
217 | USER $RC_USER | |
217 | WORKDIR /home/$RC_USER |
|
218 | WORKDIR /home/$RC_USER | |
218 |
|
219 | |||
219 | RUN \ |
|
220 | RUN \ | |
220 | echo "** install rhodecode control **" && \ |
|
221 | echo "** install rhodecode control **" && \ | |
221 | cd /home/$RC_USER/.rccontrol/cache && \ |
|
222 | cd /home/$RC_USER/.rccontrol/cache && \ | |
222 | INSTALLER=$(ls -Art /home/$RC_USER/.rccontrol/cache/RhodeCode-installer-* | tail -n 1) && \ |
|
223 | INSTALLER=$(ls -Art /home/$RC_USER/.rccontrol/cache/RhodeCode-installer-* | tail -n 1) && \ | |
223 | chmod +x ${INSTALLER} && \ |
|
224 | chmod +x ${INSTALLER} && \ | |
224 | ${INSTALLER} --accept-license && \ |
|
225 | ${INSTALLER} --accept-license && \ | |
225 | ${RCCONTROL} self-init && \ |
|
226 | ${RCCONTROL} self-init && \ | |
226 | cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ && \ |
|
227 | cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ && \ | |
227 | echo "Done installing rhodecode control" |
|
228 | echo "Done installing rhodecode control" | |
228 |
|
229 | |||
229 | RUN \ |
|
230 | RUN \ | |
230 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ |
|
231 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ | |
231 | ${RCCONTROL} install VCSServer --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ |
|
232 | ${RCCONTROL} install VCSServer --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ | |
232 | '{"host":"'"$RHODECODE_VCS_HOST"'", "port":"'"$RHODECODE_VCS_PORT"'"}' && \ |
|
233 | '{"host":"'"$RHODECODE_VCS_HOST"'", "port":"'"$RHODECODE_VCS_PORT"'"}' && \ | |
233 | VCSSERVER_PATH=/home/$RC_USER/.rccontrol/vcsserver-1 && \ |
|
234 | VCSSERVER_PATH=/home/$RC_USER/.rccontrol/vcsserver-1 && \ | |
234 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ |
|
235 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ | |
235 | ln -s ${VCSSERVER_PATH}/profile/bin $BUILD_BIN_DIR/vcs_bin && \ |
|
236 | ln -s ${VCSSERVER_PATH}/profile/bin $BUILD_BIN_DIR/vcs_bin && \ | |
236 | cp -v ${VCSSERVER_PATH}/vcsserver.ini $BUILD_CONF/vcsserver.ini && \ |
|
237 | cp -v ${VCSSERVER_PATH}/vcsserver.ini $BUILD_CONF/vcsserver.ini && \ | |
237 | cp -v ${VCSSERVER_PATH}/gunicorn_conf.py $BUILD_CONF/gunicorn_conf_vcs.py && \ |
|
238 | cp -v ${VCSSERVER_PATH}/gunicorn_conf.py $BUILD_CONF/gunicorn_conf_vcs.py && \ | |
238 | echo "Done installing vcsserver" |
|
239 | echo "Done installing vcsserver" | |
239 |
|
240 | |||
240 | RUN \ |
|
241 | RUN \ | |
241 | echo "** install rhodecode ${RHODECODE_TYPE} ${RHODECODE_VERSION} **" && \ |
|
242 | echo "** install rhodecode ${RHODECODE_TYPE} ${RHODECODE_VERSION} **" && \ | |
242 | RHODECODE_DB_INIT=sqlite && \ |
|
243 | RHODECODE_DB_INIT=sqlite && \ | |
243 | ${RCCONTROL} install ${RHODECODE_TYPE} --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ |
|
244 | ${RCCONTROL} install ${RHODECODE_TYPE} --version ${RHODECODE_VERSION} --start-at-boot=yes --accept-license --offline \ | |
244 | '{"host":"'"$RHODECODE_HOST"'", "port":"'"$RHODECODE_HTTP_PORT"'", "username":"'"$RHODECODE_USER_NAME"'", "password":"'"$RHODECODE_USER_PASS"'", "email":"'"$RHODECODE_USER_EMAIL"'", "repo_dir":"'"$RHODECODE_REPO_DIR"'", "database": "'"$RHODECODE_DB_INIT"'", "skip_existing_db": "1"}' && \ |
|
245 | '{"host":"'"$RHODECODE_HOST"'", "port":"'"$RHODECODE_HTTP_PORT"'", "username":"'"$RHODECODE_USER_NAME"'", "password":"'"$RHODECODE_USER_PASS"'", "email":"'"$RHODECODE_USER_EMAIL"'", "repo_dir":"'"$RHODECODE_REPO_DIR"'", "database": "'"$RHODECODE_DB_INIT"'", "skip_existing_db": "1"}' && \ | |
245 | RHODECODE_PATH=/home/$RC_USER/.rccontrol/${RC_TYPE_ID} && \ |
|
246 | RHODECODE_PATH=/home/$RC_USER/.rccontrol/${RC_TYPE_ID} && \ | |
246 | rm -rf $BUILD_BIN_DIR/bin && ln -s ${RHODECODE_PATH}/profile/bin $BUILD_BIN_DIR/ && \ |
|
247 | rm -rf $BUILD_BIN_DIR/bin && ln -s ${RHODECODE_PATH}/profile/bin $BUILD_BIN_DIR/ && \ | |
247 | cp -v ${RHODECODE_PATH}/rhodecode.ini $BUILD_CONF/rhodecode.ini && \ |
|
248 | cp -v ${RHODECODE_PATH}/rhodecode.ini $BUILD_CONF/rhodecode.ini && \ | |
248 | cp -v ${RHODECODE_PATH}/gunicorn_conf.py $BUILD_CONF/gunicorn_conf_rc.py && \ |
|
249 | cp -v ${RHODECODE_PATH}/gunicorn_conf.py $BUILD_CONF/gunicorn_conf_rc.py && \ | |
249 | cp -v ${RHODECODE_PATH}/search_mapping.ini $BUILD_CONF/search_mapping.ini && \ |
|
250 | cp -v ${RHODECODE_PATH}/search_mapping.ini $BUILD_CONF/search_mapping.ini && \ | |
250 | mkdir -p $RHODECODE_DATA_DIR/static && cp -r ${RHODECODE_PATH}/public/* $RHODECODE_DATA_DIR/static/ && \ |
|
251 | mkdir -p $RHODECODE_DATA_DIR/static && cp -r ${RHODECODE_PATH}/public/* $RHODECODE_DATA_DIR/static/ && \ | |
251 | rm ${RHODECODE_PATH}/rhodecode.db && \ |
|
252 | rm ${RHODECODE_PATH}/rhodecode.db && \ | |
252 | echo "Done installing rhodecode" |
|
253 | echo "Done installing rhodecode" | |
253 |
|
254 | |||
254 |
|
255 | |||
255 | RUN \ |
|
256 | RUN \ | |
256 | echo "** configure supervisord **" && \ |
|
257 | echo "** configure supervisord **" && \ | |
257 | cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ |
|
258 | cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ | |
258 | sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini && \ |
|
259 | sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini && \ | |
259 | echo "Done installing supervisord" |
|
260 | echo "Done installing supervisord" | |
260 |
|
261 | |||
261 | USER root |
|
262 | USER root | |
262 |
|
263 | |||
263 | RUN \ |
|
264 | RUN \ | |
264 | echo "**** cleanup ****" && \ |
|
265 | echo "**** cleanup ****" && \ | |
265 | apt-get remove -y $PYTHON_DEPS && \ |
|
266 | apt-get remove -y $PYTHON_DEPS && \ | |
266 | apt-get autoclean -y && \ |
|
267 | apt-get autoclean -y && \ | |
267 | rm -f /tmp/* && \ |
|
268 | rm -f /tmp/* && \ | |
268 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ |
|
269 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ | |
269 | rm -rf /var/lib/apt/lists/* && \ |
|
270 | rm -rf /var/lib/apt/lists/* && \ | |
270 | rm -rf /var/cache/apk/* && \ |
|
271 | rm -rf /var/cache/apk/* && \ | |
271 | rm -f ${SUPERVISOR_CONF} && \ |
|
272 | rm -f ${SUPERVISOR_CONF} && \ | |
272 | echo "Done cleanup" |
|
273 | echo "Done cleanup" | |
273 |
|
274 | |||
274 | #RUN \ |
|
275 | #RUN \ | |
275 | #echo "**** cleanup source ****" && \ |
|
276 | #echo "**** cleanup source ****" && \ | |
276 | # rm -rf /home/$RC_USER/rhodecode-vcsserver && \ |
|
277 | # rm -rf /home/$RC_USER/rhodecode-vcsserver && \ | |
277 | # rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
278 | # rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ | |
278 | # rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
279 | # rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ | |
279 | # echo "Done cleanup source" |
|
280 | # echo "Done cleanup source" | |
280 |
|
281 | |||
281 | # copy entrypoints |
|
282 | # copy entrypoints | |
282 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh |
|
283 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh | |
283 |
|
284 | |||
284 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh |
|
285 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh | |
285 |
|
286 | |||
286 | # config volume |
|
287 | # config volume | |
287 | VOLUME /etc/rhodecode/conf |
|
288 | VOLUME /etc/rhodecode/conf | |
288 |
|
289 | |||
289 | # repo store volume |
|
290 | # repo store volume | |
290 | VOLUME /var/opt/rhodecode_repo_store |
|
291 | VOLUME /var/opt/rhodecode_repo_store | |
291 |
|
292 | |||
292 | # data volume |
|
293 | # data volume | |
293 | VOLUME /var/opt/rhodecode_data |
|
294 | VOLUME /var/opt/rhodecode_data | |
294 |
|
295 | |||
295 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] |
|
296 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] | |
296 |
|
297 | |||
297 | # compose can override this |
|
298 | # compose can override this | |
298 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
|
299 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
@@ -1,444 +1,448 b'' | |||||
1 | # virtualenv-install |
|
1 | # virtualenv-install | |
2 |
|
2 | |||
3 | FROM ubuntu:22.04 |
|
3 | FROM ubuntu:22.04 | |
4 | # Using 22.04 LTS Release |
|
4 | # Using 22.04 LTS Release | |
5 |
|
5 | |||
6 | ARG TZ="UTC" |
|
6 | ARG TZ="UTC" | |
7 | ARG LOCALE_TYPE=en_US.UTF-8 |
|
7 | ARG LOCALE_TYPE=en_US.UTF-8 | |
8 | ARG RHODECODE_TYPE=Enterprise |
|
8 | ARG RHODECODE_TYPE=Enterprise | |
9 |
|
9 | |||
10 | ARG RHODECODE_VERSION=5.0.0 |
|
10 | ARG RHODECODE_VERSION=5.0.0 | |
11 |
|
11 | |||
12 | ARG RHODECODE_DB=sqlite |
|
12 | ARG RHODECODE_DB=sqlite | |
13 | ARG RHODECODE_USER_NAME=admin |
|
13 | ARG RHODECODE_USER_NAME=admin | |
14 | ARG RHODECODE_USER_PASS=secret4 |
|
14 | ARG RHODECODE_USER_PASS=secret4 | |
15 | ARG RHODECODE_USER_EMAIL=admin@server.local |
|
15 | ARG RHODECODE_USER_EMAIL=admin@server.local | |
16 |
|
16 | |||
17 | # env are runtime |
|
17 | # env are runtime | |
18 | ENV \ |
|
18 | ENV \ | |
19 | TZ=${TZ} \ |
|
19 | TZ=${TZ} \ | |
20 | LOCALE_TYPE=${LOCALE_TYPE} \ |
|
20 | LOCALE_TYPE=${LOCALE_TYPE} \ | |
21 | \ |
|
21 | \ | |
22 | ## Define type we build, and the instance we'll create |
|
22 | ## Define type we build, and the instance we'll create | |
23 | RHODECODE_TYPE=${RHODECODE_TYPE} \ |
|
23 | RHODECODE_TYPE=${RHODECODE_TYPE} \ | |
24 | RC_TYPE_ID=enterprise-1 \ |
|
24 | RC_TYPE_ID=enterprise-1 \ | |
25 | \ |
|
25 | \ | |
26 | ## SETUP ARGS FOR INSTALLATION ## |
|
26 | ## SETUP ARGS FOR INSTALLATION ## | |
27 | ## set version we build on, get from .env or set default ver |
|
27 | ## set version we build on, get from .env or set default ver | |
28 | RHODECODE_VERSION=${RHODECODE_VERSION} \ |
|
28 | RHODECODE_VERSION=${RHODECODE_VERSION} \ | |
29 | \ |
|
29 | \ | |
30 | ## set DB, default sqlite |
|
30 | ## set DB, default sqlite | |
31 | RHODECODE_DB=${RHODECODE_DB} \ |
|
31 | RHODECODE_DB=${RHODECODE_DB} \ | |
32 | \ |
|
32 | \ | |
33 | ## set app bootstrap required data |
|
33 | ## set app bootstrap required data | |
34 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ |
|
34 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ | |
35 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ |
|
35 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ | |
36 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ |
|
36 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ | |
37 | \ |
|
37 | \ | |
38 | RC_USER=rhodecode \ |
|
38 | RC_USER=rhodecode \ | |
39 | \ |
|
39 | \ | |
40 | # SVN CONFIG |
|
40 | # SVN CONFIG | |
41 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ |
|
41 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ | |
42 | MOD_DAV_SVN_PORT=8090 \ |
|
42 | MOD_DAV_SVN_PORT=8090 \ | |
|
43 | MOD_DAV_SVN_LOG_LEVEL=info \ | |||
43 | MOD_DAV_CORE_MODULES_DIR=/home/$RC_USER/apache2/modules \ |
|
44 | MOD_DAV_CORE_MODULES_DIR=/home/$RC_USER/apache2/modules \ | |
44 | MOD_DAV_SVN_MODULE=/home/rhodecode/subversion/libexec/mod_dav_svn.so \ |
|
45 | MOD_DAV_SVN_MODULE=/home/rhodecode/subversion/libexec/mod_dav_svn.so \ | |
45 | \ |
|
46 | \ | |
46 | # SSHD CONFIG |
|
47 | # SSHD CONFIG | |
47 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ |
|
48 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ | |
48 | \ |
|
49 | \ | |
49 | SHARED_CONF_DIR=/etc/rhodecode/conf \ |
|
50 | SHARED_CONF_DIR=/etc/rhodecode/conf \ | |
50 | BUILD_CONF=/etc/rhodecode/conf_build \ |
|
51 | BUILD_CONF=/etc/rhodecode/conf_build \ | |
51 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ |
|
52 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ | |
52 | RHODECODE_STATIC_DIR=/var/opt/rhodecode_static \ |
|
53 | RHODECODE_STATIC_DIR=/var/opt/rhodecode_static \ | |
53 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ |
|
54 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ | |
54 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ |
|
55 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ | |
55 | RHODECODE_HTTP_PORT=10020 \ |
|
56 | RHODECODE_HTTP_PORT=10020 \ | |
56 | RHODECODE_VCS_PORT=10010 \ |
|
57 | RHODECODE_VCS_PORT=10010 \ | |
57 | RHODECODE_HOST=0.0.0.0 \ |
|
58 | RHODECODE_HOST=0.0.0.0 \ | |
58 | RHODECODE_VCS_HOST=127.0.0.1 |
|
59 | RHODECODE_VCS_HOST=127.0.0.1 | |
59 |
|
60 | |||
60 |
|
61 | |||
61 | ENV SSH_DEPS \ |
|
62 | ENV SSH_DEPS \ | |
62 | openssh-server |
|
63 | openssh-server | |
63 |
|
64 | |||
64 | ENV SVN_DEPS \ |
|
65 | ENV SVN_DEPS \ | |
65 | "" |
|
66 | "" | |
66 |
|
67 | |||
67 | ENV SVN_DEV_DEPS \ |
|
68 | ENV SVN_DEV_DEPS \ | |
68 | libtool automake autoconf libapr1-dev libaprutil1-dev libdb5.3-dev liblz4-dev libpcre3-dev \ |
|
69 | libtool automake autoconf libapr1-dev libaprutil1-dev libdb5.3-dev liblz4-dev libpcre3-dev \ | |
69 | libperl-dev libserf-dev libneon27-gnutls-dev libutf8proc-dev py3c-dev gettext tcl-dev |
|
70 | libperl-dev libserf-dev libneon27-gnutls-dev libutf8proc-dev py3c-dev gettext tcl-dev | |
70 |
|
71 | |||
71 | ENV PYTHON_DEPS \ |
|
72 | ENV PYTHON_DEPS \ | |
72 | python3.11 |
|
73 | python3.11 | |
73 | ENV PYTHON_DEV_DEPS \ |
|
74 | ENV PYTHON_DEV_DEPS \ | |
74 | python3.11-dev build-essential libpq-dev libmysqlclient-dev libxmlsec1-dev libxml2-dev libsqlite3-dev \ |
|
75 | python3.11-dev build-essential libpq-dev libmysqlclient-dev libxmlsec1-dev libxml2-dev libsqlite3-dev \ | |
75 | liblzma-dev libzmq3-dev libldap2-dev libsasl2-dev libcurl4-openssl-dev libssl-dev libxslt-dev |
|
76 | liblzma-dev libzmq3-dev libldap2-dev libsasl2-dev libcurl4-openssl-dev libssl-dev libxslt-dev | |
76 |
|
77 | |||
77 | ENV EXTRA_DEPS \ |
|
78 | ENV EXTRA_DEPS \ | |
78 | vim pkg-config openssl libbz2-1.0 libbz2-dev sqlite3 cpanminus libapr1 |
|
79 | vim pkg-config openssl libbz2-1.0 libbz2-dev sqlite3 cpanminus libapr1 | |
79 |
|
80 | |||
80 | # define which deps from the above should be removed in cleanup phase |
|
81 | # define which deps from the above should be removed in cleanup phase | |
81 | ENV CLEANUP_DEPS \ |
|
82 | ENV CLEANUP_DEPS \ | |
82 | $PYTHON_DEV_DEPS $SVN_DEV_DEPS |
|
83 | $PYTHON_DEV_DEPS $SVN_DEV_DEPS | |
83 | ENV CLEANUP_DEPS "" |
|
84 | ENV CLEANUP_DEPS "" | |
84 |
|
85 | |||
85 | RUN \ |
|
86 | RUN \ | |
86 | echo "** install base packages **" && \ |
|
87 | echo "** install base packages **" && \ | |
87 | set -eux; \ |
|
88 | set -eux; \ | |
88 | apt-get update; \ |
|
89 | apt-get update; \ | |
89 | apt-get install -y ca-certificates curl openssl gpg; \ |
|
90 | apt-get install -y ca-certificates curl openssl gpg; \ | |
90 | curl -fsSL https://keyserver.ubuntu.com/pks/lookup\?op\=get\&search\=0xba6932366a755776 | gpg --dearmor -o /usr/share/keyrings/python-3.gpg; \ |
|
91 | curl -fsSL https://keyserver.ubuntu.com/pks/lookup\?op\=get\&search\=0xba6932366a755776 | gpg --dearmor -o /usr/share/keyrings/python-3.gpg; \ | |
91 | echo "deb [signed-by=/usr/share/keyrings/python-3.gpg] https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy main" >> /etc/apt/sources.list; \ |
|
92 | echo "deb [signed-by=/usr/share/keyrings/python-3.gpg] https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy main" >> /etc/apt/sources.list; \ | |
92 | echo "deb-src [signed-by=/usr/share/keyrings/python-3.gpg] https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy main" >> /etc/apt/sources.list; \ |
|
93 | echo "deb-src [signed-by=/usr/share/keyrings/python-3.gpg] https://ppa.launchpadcontent.net/deadsnakes/ppa/ubuntu jammy main" >> /etc/apt/sources.list; \ | |
93 | \ |
|
94 | \ | |
94 | savedAptMark="$(apt-mark showmanual)"; \ |
|
95 | savedAptMark="$(apt-mark showmanual)"; \ | |
95 | apt-get update; \ |
|
96 | apt-get update; \ | |
96 | DEBIAN_FRONTEND="noninteractive" \ |
|
97 | DEBIAN_FRONTEND="noninteractive" \ | |
97 | apt-get install -y --no-install-recommends \ |
|
98 | apt-get install -y --no-install-recommends \ | |
98 | tini \ |
|
99 | tini \ | |
99 | bash \ |
|
100 | bash \ | |
100 | binutils \ |
|
101 | binutils \ | |
101 | tzdata \ |
|
102 | tzdata \ | |
102 | locales \ |
|
103 | locales \ | |
103 | openssl \ |
|
104 | openssl \ | |
104 | curl \ |
|
105 | curl \ | |
105 | sudo \ |
|
106 | sudo \ | |
106 | gosu \ |
|
107 | gosu \ | |
107 | bzip2 unzip \ |
|
108 | bzip2 unzip \ | |
108 | $PYTHON_DEPS $PYTHON_DEV_DEPS\ |
|
109 | $PYTHON_DEPS $PYTHON_DEV_DEPS\ | |
109 | $SSH_DEPS \ |
|
110 | $SSH_DEPS \ | |
110 | $SVN_DEPS $SVN_DEV_DEPS\ |
|
111 | $SVN_DEPS $SVN_DEV_DEPS\ | |
111 | $EXTRA_DEPS \ |
|
112 | $EXTRA_DEPS \ | |
112 | ; \ |
|
113 | ; \ | |
113 | rm -rf /var/lib/apt/lists/*; |
|
114 | rm -rf /var/lib/apt/lists/*; | |
114 |
|
115 | |||
115 | RUN \ |
|
116 | RUN \ | |
116 | echo "** Configure the locales **" && \ |
|
117 | echo "** Configure the locales **" && \ | |
117 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ |
|
118 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ | |
118 | locale-gen |
|
119 | locale-gen | |
119 |
|
120 | |||
120 | # locale-archive is a fix for old nix glibc2.26 locales available |
|
121 | # locale-archive is a fix for old nix glibc2.26 locales available | |
121 | ENV \ |
|
122 | ENV \ | |
122 | #LOCALE_ARCHIVE=/var/opt/locale-archive \ |
|
123 | #LOCALE_ARCHIVE=/var/opt/locale-archive \ | |
123 | LANG=${LOCALE_TYPE} \ |
|
124 | LANG=${LOCALE_TYPE} \ | |
124 | LANGUAGE=${LOCALE_TYPE} \ |
|
125 | LANGUAGE=${LOCALE_TYPE} \ | |
125 | LC_ALL=${LOCALE_TYPE} |
|
126 | LC_ALL=${LOCALE_TYPE} | |
126 |
|
127 | |||
127 | # configure the system user |
|
128 | # configure the system user | |
128 | # explicitly set uid/gid to guarantee that it won't change in the future |
|
129 | # explicitly set uid/gid to guarantee that it won't change in the future | |
129 | # the values 999:999 are identical to the current user/group id assigned |
|
130 | # the values 999:999 are identical to the current user/group id assigned | |
130 | RUN \ |
|
131 | RUN \ | |
131 | echo "** Create system user $RC_USER **" && \ |
|
132 | echo "** Create system user $RC_USER **" && \ | |
132 | groupadd --system --gid 999 $RC_USER && \ |
|
133 | groupadd --system --gid 999 $RC_USER && \ | |
133 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ |
|
134 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ | |
134 | usermod -G $RC_USER $RC_USER |
|
135 | usermod -G $RC_USER $RC_USER | |
135 |
|
136 | |||
136 | # Add new user docker to sudo group |
|
137 | # Add new user docker to sudo group | |
137 | RUN \ |
|
138 | RUN \ | |
138 | adduser $RC_USER sudo |
|
139 | adduser $RC_USER sudo | |
139 |
|
140 | |||
140 | # Ensure sudo group users are not |
|
141 | # Ensure sudo group users are not | |
141 | # asked for a password when using |
|
142 | # asked for a password when using | |
142 | # sudo command by ammending sudoers file |
|
143 | # sudo command by ammending sudoers file | |
143 | RUN \ |
|
144 | RUN \ | |
144 | echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers |
|
145 | echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers | |
145 |
|
146 | |||
146 | # set the defult bash shell |
|
147 | # set the defult bash shell | |
147 | SHELL ["/bin/bash", "-c"] |
|
148 | SHELL ["/bin/bash", "-c"] | |
148 |
|
149 | |||
149 | # Fix and set a timezone |
|
150 | # Fix and set a timezone | |
150 | RUN \ |
|
151 | RUN \ | |
151 | echo "** configure the timezone **" && \ |
|
152 | echo "** configure the timezone **" && \ | |
152 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ |
|
153 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ | |
153 | echo $TZ > /etc/timezone |
|
154 | echo $TZ > /etc/timezone | |
154 |
|
155 | |||
155 |
|
156 | |||
156 | RUN \ |
|
157 | RUN \ | |
157 | echo "** prepare rhodecode store and cache **" && \ |
|
158 | echo "** prepare rhodecode store and cache **" && \ | |
158 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ |
|
159 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ | |
159 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/venv && \ |
|
160 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/venv && \ | |
160 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ |
|
161 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ | |
161 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_STATIC_DIR && \ |
|
162 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_STATIC_DIR && \ | |
162 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ |
|
163 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ | |
163 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ |
|
164 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ | |
164 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ |
|
165 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ | |
165 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ |
|
166 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ | |
166 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
167 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ | |
167 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
168 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ | |
168 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ |
|
169 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ | |
169 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ |
|
170 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ | |
170 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ |
|
171 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ | |
171 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ |
|
172 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ | |
172 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh |
|
173 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh | |
173 |
|
174 | |||
174 | RUN \ |
|
175 | RUN \ | |
175 | echo 'export PS1=">> rhodecode-docker-$RHODECODE_VERSION \W \$ "' >> /root/.bash_profile && \ |
|
176 | echo 'export PS1=">> rhodecode-docker-$RHODECODE_VERSION \W \$ "' >> /root/.bash_profile && \ | |
176 | echo 'export PS1=">> rhodecode-docker-$RHODECODE_VERSION \W \$ "' >> /home/$RC_USER/.bash_profile |
|
177 | echo 'export PS1=">> rhodecode-docker-$RHODECODE_VERSION \W \$ "' >> /home/$RC_USER/.bash_profile | |
177 |
|
178 | |||
178 | # expose our custom sshd config |
|
179 | # expose our custom sshd config | |
179 | COPY service/sshd/sshd_config $SSHD_CONF_FILE |
|
180 | COPY service/sshd/sshd_config $SSHD_CONF_FILE | |
180 |
|
181 | |||
181 | # change to non-root user for RUN commands |
|
182 | # change to non-root user for RUN commands | |
182 | USER $RC_USER |
|
183 | USER $RC_USER | |
183 | WORKDIR /home/$RC_USER |
|
184 | WORKDIR /home/$RC_USER | |
184 |
|
185 | |||
185 | ENV \ |
|
186 | ENV \ | |
186 | VENV_PATH=/home/$RC_USER/venv |
|
187 | VENV_PATH=/home/$RC_USER/venv | |
187 |
|
188 | |||
188 | ENV \ |
|
189 | ENV \ | |
189 | PYTHON_VERSION=python3.11 \ |
|
190 | PYTHON_VERSION=python3.11 \ | |
190 | PYTHON_EXECUTABLE=/usr/bin/python3.11 \ |
|
191 | PYTHON_EXECUTABLE=/usr/bin/python3.11 \ | |
191 | PYTHON=$VENV_PATH/bin/python3.11 \ |
|
192 | PYTHON=$VENV_PATH/bin/python3.11 \ | |
192 | PIP_EXECUTABLE=$VENV_PATH/bin/pip \ |
|
193 | PIP_EXECUTABLE=$VENV_PATH/bin/pip \ | |
193 | # make venv application scripts visible |
|
194 | # make venv application scripts visible | |
194 | PATH=$VENV_PATH/bin:/home/$RC_USER/.local/bin:$PATH |
|
195 | PATH=$VENV_PATH/bin:/home/$RC_USER/.local/bin:$PATH | |
195 |
|
196 | |||
196 | RUN \ |
|
197 | RUN \ | |
197 | echo "** get pip **" && \ |
|
198 | echo "** get pip **" && \ | |
198 | curl -sSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ |
|
199 | curl -sSL https://bootstrap.pypa.io/get-pip.py -o get-pip.py && \ | |
199 | $PYTHON_EXECUTABLE get-pip.py \ |
|
200 | $PYTHON_EXECUTABLE get-pip.py \ | |
200 | --disable-pip-version-check \ |
|
201 | --disable-pip-version-check \ | |
201 | --no-cache-dir \ |
|
202 | --no-cache-dir \ | |
202 | --no-compile \ |
|
203 | --no-compile \ | |
203 | "pip==23.2.1" && \ |
|
204 | "pip==23.2.1" && \ | |
204 | rm get-pip.py |
|
205 | rm get-pip.py | |
205 |
|
206 | |||
206 | RUN \ |
|
207 | RUN \ | |
207 | /home/$RC_USER/.local/bin/pip install --user virtualenv |
|
208 | /home/$RC_USER/.local/bin/pip install --user virtualenv | |
208 |
|
209 | |||
209 | RUN \ |
|
210 | RUN \ | |
210 | /home/$RC_USER/.local/bin/virtualenv --python="$PYTHON_EXECUTABLE" $VENV_PATH && \ |
|
211 | /home/$RC_USER/.local/bin/virtualenv --python="$PYTHON_EXECUTABLE" $VENV_PATH && \ | |
211 | /home/$RC_USER/.local/bin/pip install --upgrade pip |
|
212 | /home/$RC_USER/.local/bin/pip install --upgrade pip | |
212 |
|
213 | |||
213 | # swig install |
|
214 | # swig install | |
214 | ENV \ |
|
215 | ENV \ | |
215 | RC_SWIG_VERSION=3.0.12 \ |
|
216 | RC_SWIG_VERSION=3.0.12 \ | |
216 | PATH=/usr/local/bin/:$PATH |
|
217 | PATH=/usr/local/bin/:$PATH | |
217 |
|
218 | |||
218 | RUN \ |
|
219 | RUN \ | |
219 | echo "** install swig packages $RC_SWIG_VERSION **" && \ |
|
220 | echo "** install swig packages $RC_SWIG_VERSION **" && \ | |
220 | curl -L https://sourceforge.net/projects/swig/files/swig/swig-$RC_SWIG_VERSION/swig-$RC_SWIG_VERSION.tar.gz/download -o swig.tar.gz && \ |
|
221 | curl -L https://sourceforge.net/projects/swig/files/swig/swig-$RC_SWIG_VERSION/swig-$RC_SWIG_VERSION.tar.gz/download -o swig.tar.gz && \ | |
221 | tar xfz swig.tar.gz && rm swig.tar.gz && \ |
|
222 | tar xfz swig.tar.gz && rm swig.tar.gz && \ | |
222 | cd swig-$RC_SWIG_VERSION && \ |
|
223 | cd swig-$RC_SWIG_VERSION && \ | |
223 | ./configure --with-python=$PYTHON && \ |
|
224 | ./configure --with-python=$PYTHON && \ | |
224 | make && \ |
|
225 | make && \ | |
225 | sudo make install && \ |
|
226 | sudo make install && \ | |
226 | cd ../ && sudo rm -rf swig-$RC_SWIG_VERSION |
|
227 | cd ../ && sudo rm -rf swig-$RC_SWIG_VERSION | |
227 |
|
228 | |||
228 | # GIT Install |
|
229 | # GIT Install | |
229 | ENV \ |
|
230 | ENV \ | |
230 | RC_GIT_VER=2.41.0 \ |
|
231 | RC_GIT_VER=2.41.0 \ | |
231 | # make git scripts visible |
|
232 | # make git scripts visible | |
232 | PATH=/home/$RC_USER/git/bin:$PATH |
|
233 | PATH=/home/$RC_USER/git/bin:$PATH | |
233 |
|
234 | |||
234 | RUN \ |
|
235 | RUN \ | |
235 | echo "** install git packages $RC_GIT_VER **" && \ |
|
236 | echo "** install git packages $RC_GIT_VER **" && \ | |
236 | curl -L https://www.kernel.org/pub/software/scm/git/git-$RC_GIT_VER.tar.gz -o git.tar.gz && \ |
|
237 | curl -L https://www.kernel.org/pub/software/scm/git/git-$RC_GIT_VER.tar.gz -o git.tar.gz && \ | |
237 | tar xfz git.tar.gz && rm git.tar.gz && \ |
|
238 | tar xfz git.tar.gz && rm git.tar.gz && \ | |
238 | cd git-$RC_GIT_VER && \ |
|
239 | cd git-$RC_GIT_VER && \ | |
239 | ./configure --prefix=/home/$RC_USER/git && \ |
|
240 | ./configure --prefix=/home/$RC_USER/git && \ | |
240 | make NO_GETTEXT=yes NO_MSGFMT=yes && \ |
|
241 | make NO_GETTEXT=yes NO_MSGFMT=yes && \ | |
241 | sudo make install && \ |
|
242 | sudo make install && \ | |
242 | cd ../ && sudo rm -rf git-$RC_GIT_VER |
|
243 | cd ../ && sudo rm -rf git-$RC_GIT_VER | |
243 |
|
244 | |||
244 | RUN \ |
|
245 | RUN \ | |
245 | echo "** install git symlinks **" && \ |
|
246 | echo "** install git symlinks **" && \ | |
246 | mkdir -p $BUILD_BIN_DIR/vcs_bin && \ |
|
247 | mkdir -p $BUILD_BIN_DIR/vcs_bin && \ | |
247 | sudo chown $RC_USER:$RC_USER /home/$RC_USER/git && \ |
|
248 | sudo chown $RC_USER:$RC_USER /home/$RC_USER/git && \ | |
248 | ln -s /home/$RC_USER/git/bin/git $BUILD_BIN_DIR/vcs_bin/git |
|
249 | ln -s /home/$RC_USER/git/bin/git $BUILD_BIN_DIR/vcs_bin/git | |
249 |
|
250 | |||
250 | # Apache2 install |
|
251 | # Apache2 install | |
251 | ENV \ |
|
252 | ENV \ | |
252 |
RC_APACHE2_VER=2.4.5 |
|
253 | RC_APACHE2_VER=2.4.58 \ | |
253 | # make apache scripts visible |
|
254 | # make apache scripts visible | |
254 | PATH=/home/$RC_USER/apache2/bin:$PATH |
|
255 | PATH=/home/$RC_USER/apache2/bin:$PATH | |
255 |
|
256 | |||
256 | RUN \ |
|
257 | RUN \ | |
257 | echo "** install Apache packages $RC_SVN_VER **" && \ |
|
258 | echo "** install Apache packages $RC_SVN_VER **" && \ | |
258 | curl -L https://archive.apache.org/dist/httpd/httpd-$RC_APACHE2_VER.tar.gz -o apache2.tar.gz && \ |
|
259 | curl -L https://archive.apache.org/dist/httpd/httpd-$RC_APACHE2_VER.tar.gz -o apache2.tar.gz && \ | |
259 | tar xfz apache2.tar.gz && rm apache2.tar.gz && \ |
|
260 | tar xfz apache2.tar.gz && rm apache2.tar.gz && \ | |
260 | cd httpd-$RC_APACHE2_VER && \ |
|
261 | cd httpd-$RC_APACHE2_VER && \ | |
261 | ./configure --prefix=/home/$RC_USER/apache2 --enable-mods-shared=reallyall --enable-dav --enable-authn-anon && \ |
|
262 | ./configure --prefix=/home/$RC_USER/apache2 --enable-mods-shared=reallyall --enable-dav --enable-authn-anon && \ | |
262 | make && \ |
|
263 | make && \ | |
263 | make install && \ |
|
264 | make install && \ | |
264 | cd ../ && sudo rm -rf httpd-$RC_APACHE2_VER |
|
265 | cd ../ && sudo rm -rf httpd-$RC_APACHE2_VER | |
265 |
|
266 | |||
266 | # custom SVN virtualhost |
|
267 | # custom SVN virtualhost | |
267 | COPY \ |
|
268 | COPY \ | |
268 | service/svn/virtualhost.conf /home/$RC_USER/apache2/conf/virtualhost.conf |
|
269 | service/svn/virtualhost.conf /home/$RC_USER/apache2/conf/virtualhost.conf | |
269 |
|
270 | |||
270 | RUN \ |
|
271 | RUN \ | |
271 | echo "**** Apache config ****" && \ |
|
272 | echo "**** Apache config ****" && \ | |
272 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ |
|
273 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |
273 | sed -i "s/#LoadModule dav_module modules\/mod_dav.so/LoadModule dav_module modules\/mod_dav.so/g" /home/$RC_USER/apache2/conf/httpd.conf && \ |
|
274 | sed -i "s/#LoadModule dav_module modules\/mod_dav.so/LoadModule dav_module modules\/mod_dav.so/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |
274 | sed -i "s/User daemon/User ${RC_USER}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ |
|
275 | sed -i "s/User daemon/User ${RC_USER}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |
275 | sed -i "s/Group daemon/Group ${RC_USER}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ |
|
276 | sed -i "s/Group daemon/Group ${RC_USER}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |
276 |
sed -i "s/ |
|
277 | sed -i "s/ServerAdmin you@example.com/ServerAdmin admin@${HOSTNAME}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |
|
278 | sed -i "s/ServerName buildkitsandbox/ServerName ${HOSTNAME}/g" /home/$RC_USER/apache2/conf/httpd.conf && \ | |||
|
279 | sed -i "s/#Include conf\/extra\/httpd-vhosts.conf/Include conf\/virtualhost.conf/g" /home/$RC_USER/apache2/conf/httpd.conf | |||
|
280 | ||||
277 |
|
281 | |||
278 | # Subversion install |
|
282 | # Subversion install | |
279 | # https://svn.apache.org/repos/asf/subversion/trunk/subversion/bindings/swig/INSTALL |
|
283 | # https://svn.apache.org/repos/asf/subversion/trunk/subversion/bindings/swig/INSTALL | |
280 |
|
284 | |||
281 | ENV \ |
|
285 | ENV \ | |
282 | RC_SVN_VER=1.14.2 \ |
|
286 | RC_SVN_VER=1.14.2 \ | |
283 | SVN_PREFIX=/home/$RC_USER/subversion \ |
|
287 | SVN_PREFIX=/home/$RC_USER/subversion \ | |
284 | # make svn scripts visible |
|
288 | # make svn scripts visible | |
285 | PATH=/home/$RC_USER/subversion/bin:$PATH |
|
289 | PATH=/home/$RC_USER/subversion/bin:$PATH | |
286 |
|
290 | |||
287 |
|
291 | |||
288 | RUN \ |
|
292 | RUN \ | |
289 | echo "** install svn packages $RC_SVN_VER **" && \ |
|
293 | echo "** install svn packages $RC_SVN_VER **" && \ | |
290 | curl -L https://downloads.apache.org/subversion/subversion-$RC_SVN_VER.tar.gz -o subversion.tar.gz && \ |
|
294 | curl -L https://downloads.apache.org/subversion/subversion-$RC_SVN_VER.tar.gz -o subversion.tar.gz && \ | |
291 | tar xfz subversion.tar.gz && rm subversion.tar.gz && \ |
|
295 | tar xfz subversion.tar.gz && rm subversion.tar.gz && \ | |
292 | cd subversion-$RC_SVN_VER && \ |
|
296 | cd subversion-$RC_SVN_VER && \ | |
293 | ./autogen.sh && \ |
|
297 | ./autogen.sh && \ | |
294 | ./configure --prefix=$SVN_PREFIX --with-apxs=/home/$RC_USER/apache2/bin/apxs --enable-mod-activation --with-swig=/usr/local/bin/swig && \ |
|
298 | ./configure --prefix=$SVN_PREFIX --with-apxs=/home/$RC_USER/apache2/bin/apxs --enable-mod-activation --with-swig=/usr/local/bin/swig && \ | |
295 | make && \ |
|
299 | make && \ | |
296 | sudo make install && \ |
|
300 | sudo make install && \ | |
297 | sudo make clean-swig-py && \ |
|
301 | sudo make clean-swig-py && \ | |
298 | sudo make swig-py swig_pydir=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/libsvn swig_pydir_extra=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/svn && \ |
|
302 | sudo make swig-py swig_pydir=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/libsvn swig_pydir_extra=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/svn && \ | |
299 | sudo make install-swig-py swig_pydir=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/libsvn swig_pydir_extra=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/svn && \ |
|
303 | sudo make install-swig-py swig_pydir=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/libsvn swig_pydir_extra=$VENV_PATH/lib/$PYTHON_VERSION/site-packages/svn && \ | |
300 | sudo ldconfig -v && \ |
|
304 | sudo ldconfig -v && \ | |
301 | cd ../ && sudo rm -rf subversion-$RC_SVN_VER |
|
305 | cd ../ && sudo rm -rf subversion-$RC_SVN_VER | |
302 |
|
306 | |||
303 | RUN \ |
|
307 | RUN \ | |
304 | echo "** install svn symlinks **" && \ |
|
308 | echo "** install svn symlinks **" && \ | |
305 | mkdir -p $BUILD_BIN_DIR/vcs_bin && \ |
|
309 | mkdir -p $BUILD_BIN_DIR/vcs_bin && \ | |
306 | sudo chown $RC_USER:$RC_USER /home/$RC_USER/subversion && \ |
|
310 | sudo chown $RC_USER:$RC_USER /home/$RC_USER/subversion && \ | |
307 | echo $(strings $MOD_DAV_SVN_MODULE | grep 'Powered by') > $BUILD_BIN_DIR/vcs_bin/mod_dav_svn.version && \ |
|
311 | echo $(strings $MOD_DAV_SVN_MODULE | grep 'Powered by') > $BUILD_BIN_DIR/vcs_bin/mod_dav_svn.version && \ | |
308 | ln -s /home/$RC_USER/subversion/svn $BUILD_BIN_DIR/vcs_bin/svn && \ |
|
312 | ln -s /home/$RC_USER/subversion/svn $BUILD_BIN_DIR/vcs_bin/svn && \ | |
309 | ln -s /home/$RC_USER/subversion/svnadmin $BUILD_BIN_DIR/vcs_bin/svnadmin && \ |
|
313 | ln -s /home/$RC_USER/subversion/svnadmin $BUILD_BIN_DIR/vcs_bin/svnadmin && \ | |
310 | ln -s /home/$RC_USER/subversion/svnbench $BUILD_BIN_DIR/vcs_bin/svnbench && \ |
|
314 | ln -s /home/$RC_USER/subversion/svnbench $BUILD_BIN_DIR/vcs_bin/svnbench && \ | |
311 | ln -s /home/$RC_USER/subversion/svndumpfilter $BUILD_BIN_DIR/vcs_bin/svndumpfilter && \ |
|
315 | ln -s /home/$RC_USER/subversion/svndumpfilter $BUILD_BIN_DIR/vcs_bin/svndumpfilter && \ | |
312 | ln -s /home/$RC_USER/subversion/svnfsfs $BUILD_BIN_DIR/vcs_bin/svnfsfs && \ |
|
316 | ln -s /home/$RC_USER/subversion/svnfsfs $BUILD_BIN_DIR/vcs_bin/svnfsfs && \ | |
313 | ln -s /home/$RC_USER/subversion/svnlook $BUILD_BIN_DIR/vcs_bin/svnlook && \ |
|
317 | ln -s /home/$RC_USER/subversion/svnlook $BUILD_BIN_DIR/vcs_bin/svnlook && \ | |
314 | ln -s /home/$RC_USER/subversion/svnmucc $BUILD_BIN_DIR/vcs_bin/svnmucc && \ |
|
318 | ln -s /home/$RC_USER/subversion/svnmucc $BUILD_BIN_DIR/vcs_bin/svnmucc && \ | |
315 | ln -s /home/$RC_USER/subversion/svnversion $BUILD_BIN_DIR/vcs_bin/svnversion && \ |
|
319 | ln -s /home/$RC_USER/subversion/svnversion $BUILD_BIN_DIR/vcs_bin/svnversion && \ | |
316 | ln -s /home/$RC_USER/subversion/svnsync $BUILD_BIN_DIR/vcs_bin/svnsync && \ |
|
320 | ln -s /home/$RC_USER/subversion/svnsync $BUILD_BIN_DIR/vcs_bin/svnsync && \ | |
317 | ln -s /home/$RC_USER/subversion/svnserve $BUILD_BIN_DIR/vcs_bin/svnserve && \ |
|
321 | ln -s /home/$RC_USER/subversion/svnserve $BUILD_BIN_DIR/vcs_bin/svnserve && \ | |
318 | ln -s /home/$RC_USER/subversion/svnrdump $BUILD_BIN_DIR/vcs_bin/svnrdump |
|
322 | ln -s /home/$RC_USER/subversion/svnrdump $BUILD_BIN_DIR/vcs_bin/svnrdump | |
319 |
|
323 | |||
320 | #TODO: compile libgit2 |
|
324 | #TODO: compile libgit2 | |
321 | #https://www.pygit2.org/install.html#advanced |
|
325 | #https://www.pygit2.org/install.html#advanced | |
322 | #ENV \ |
|
326 | #ENV \ | |
323 | # RC_LIBGIT2_VER=1.14.2 \ |
|
327 | # RC_LIBGIT2_VER=1.14.2 \ | |
324 | # curl -L https://github.com/libgit2/libgit2/archive/refs/tags/v$RC_LIBGIT2_VER.tar.gz -o libgit2.tar.gz |
|
328 | # curl -L https://github.com/libgit2/libgit2/archive/refs/tags/v$RC_LIBGIT2_VER.tar.gz -o libgit2.tar.gz | |
325 | # tar xzf libgit2.tar.gz && rm libgit2.tar.gz |
|
329 | # tar xzf libgit2.tar.gz && rm libgit2.tar.gz | |
326 | # cd libgit2-$RC_LIBGIT2_VER/ |
|
330 | # cd libgit2-$RC_LIBGIT2_VER/ | |
327 | # cmake . |
|
331 | # cmake . | |
328 | # make |
|
332 | # make | |
329 | # sudo make install \ |
|
333 | # sudo make install \ | |
330 | # |
|
334 | # | |
331 |
|
335 | |||
332 | # Copy artifacts |
|
336 | # Copy artifacts | |
333 | #COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ |
|
337 | #COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ | |
334 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ |
|
338 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ | |
335 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ |
|
339 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ | |
336 | COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ |
|
340 | COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ | |
337 |
|
341 | |||
338 | # VCS |
|
342 | # VCS | |
339 | RUN \ |
|
343 | RUN \ | |
340 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ |
|
344 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ | |
341 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ |
|
345 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ | |
342 | -r /home/$RC_USER/rhodecode-vcsserver/requirements.txt && \ |
|
346 | -r /home/$RC_USER/rhodecode-vcsserver/requirements.txt && \ | |
343 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-vcsserver |
|
347 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-vcsserver | |
344 |
|
348 | |||
345 | RUN \ |
|
349 | RUN \ | |
346 | #echo "** copy config of vcsserver ${RHODECODE_VERSION} **" && \ |
|
350 | #echo "** copy config of vcsserver ${RHODECODE_VERSION} **" && \ | |
347 | VCSSERVER_PATH=/home/$RC_USER/rhodecode-vcsserver && \ |
|
351 | VCSSERVER_PATH=/home/$RC_USER/rhodecode-vcsserver && \ | |
348 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ |
|
352 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ | |
349 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/vcs_bin && \ |
|
353 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/vcs_bin && \ | |
350 | cp -v ${VCSSERVER_PATH}/configs/production.ini $BUILD_CONF/vcsserver.ini && \ |
|
354 | cp -v ${VCSSERVER_PATH}/configs/production.ini $BUILD_CONF/vcsserver.ini && \ | |
351 | cp -v ${VCSSERVER_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_vcs.py && \ |
|
355 | cp -v ${VCSSERVER_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_vcs.py && \ | |
352 | echo "Done copy config of vcsserver" |
|
356 | echo "Done copy config of vcsserver" | |
353 |
|
357 | |||
354 | # CE |
|
358 | # CE | |
355 | RUN \ |
|
359 | RUN \ | |
356 | echo "** install rhodecode-ce ${RHODECODE_VERSION} **" && \ |
|
360 | echo "** install rhodecode-ce ${RHODECODE_VERSION} **" && \ | |
357 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ |
|
361 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ | |
358 | -r /home/$RC_USER/rhodecode-enterprise-ce/requirements_rc_tools.txt \ |
|
362 | -r /home/$RC_USER/rhodecode-enterprise-ce/requirements_rc_tools.txt \ | |
359 | -r /home/$RC_USER/rhodecode-enterprise-ce/requirements.txt && \ |
|
363 | -r /home/$RC_USER/rhodecode-enterprise-ce/requirements.txt && \ | |
360 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-enterprise-ce |
|
364 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-enterprise-ce | |
361 |
|
365 | |||
362 | RUN \ |
|
366 | RUN \ | |
363 | echo "** copy config of rhodecode-ce ${RHODECODE_VERSION} **" && \ |
|
367 | echo "** copy config of rhodecode-ce ${RHODECODE_VERSION} **" && \ | |
364 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ce && \ |
|
368 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ce && \ | |
365 | rm -rf $BUILD_BIN_DIR/bin && \ |
|
369 | rm -rf $BUILD_BIN_DIR/bin && \ | |
366 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/bin && \ |
|
370 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/bin && \ | |
367 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ |
|
371 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ | |
368 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ |
|
372 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ | |
369 | mkdir -p $RHODECODE_STATIC_DIR/static/ && cp -Rf /${RHODECODE_PATH}/rhodecode/public/* $RHODECODE_STATIC_DIR/static/ && chmod 755 -R $RHODECODE_STATIC_DIR/static/ && \ |
|
373 | mkdir -p $RHODECODE_STATIC_DIR/static/ && cp -Rf /${RHODECODE_PATH}/rhodecode/public/* $RHODECODE_STATIC_DIR/static/ && chmod 755 -R $RHODECODE_STATIC_DIR/static/ && \ | |
370 | echo "Done copy config of rhodecode-ce" |
|
374 | echo "Done copy config of rhodecode-ce" | |
371 |
|
375 | |||
372 | # EE |
|
376 | # EE | |
373 | RUN \ |
|
377 | RUN \ | |
374 | echo "** install rhodecode-ee ${RHODECODE_VERSION} **" && \ |
|
378 | echo "** install rhodecode-ee ${RHODECODE_VERSION} **" && \ | |
375 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ |
|
379 | $PIP_EXECUTABLE install --disable-pip-version-check --trusted-host pypi.python.org --no-cache-dir \ | |
376 | -r /home/$RC_USER/rhodecode-enterprise-ee/requirements.txt && \ |
|
380 | -r /home/$RC_USER/rhodecode-enterprise-ee/requirements.txt && \ | |
377 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-enterprise-ee |
|
381 | $PIP_EXECUTABLE install /home/$RC_USER/rhodecode-enterprise-ee | |
378 |
|
382 | |||
379 | RUN \ |
|
383 | RUN \ | |
380 | echo "** copy config of rhodecode-ee ${RHODECODE_VERSION} **" && \ |
|
384 | echo "** copy config of rhodecode-ee ${RHODECODE_VERSION} **" && \ | |
381 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ee && \ |
|
385 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ee && \ | |
382 | rm -rf $BUILD_BIN_DIR/bin && \ |
|
386 | rm -rf $BUILD_BIN_DIR/bin && \ | |
383 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/bin && \ |
|
387 | cp -rv --preserve=links $VENV_PATH/bin $BUILD_BIN_DIR/bin && \ | |
384 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ |
|
388 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ | |
385 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ |
|
389 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ | |
386 | mkdir -p $RHODECODE_STATIC_DIR/static/ && cp -Rf /${RHODECODE_PATH}/rc_ee/public/* $RHODECODE_STATIC_DIR/static/ && chmod 755 -R $RHODECODE_STATIC_DIR/static/ && \ |
|
390 | mkdir -p $RHODECODE_STATIC_DIR/static/ && cp -Rf /${RHODECODE_PATH}/rc_ee/public/* $RHODECODE_STATIC_DIR/static/ && chmod 755 -R $RHODECODE_STATIC_DIR/static/ && \ | |
387 | find $RHODECODE_STATIC_DIR/static/ -type f -name "*.less" -delete && \ |
|
391 | find $RHODECODE_STATIC_DIR/static/ -type f -name "*.less" -delete && \ | |
388 | find $RHODECODE_STATIC_DIR/static/js/src -type f -name "*.js" -delete && \ |
|
392 | find $RHODECODE_STATIC_DIR/static/js/src -type f -name "*.js" -delete && \ | |
389 | rm $RHODECODE_STATIC_DIR/static/js/scripts.js && \ |
|
393 | rm $RHODECODE_STATIC_DIR/static/js/scripts.js && \ | |
390 | echo "Done copy config of rhodecode-ee" |
|
394 | echo "Done copy config of rhodecode-ee" | |
391 |
|
395 | |||
392 |
|
396 | |||
393 | RUN \ |
|
397 | RUN \ | |
394 | echo "** cleanup of EE code **" && \ |
|
398 | echo "** cleanup of EE code **" && \ | |
395 | for out in "rc_ee" "rc_auth_plugins" "rc_chat" "rc_elasticsearch" "rc_integrations" "rc_license" "rc_reviewers"; do \ |
|
399 | for out in "rc_ee" "rc_auth_plugins" "rc_chat" "rc_elasticsearch" "rc_integrations" "rc_license" "rc_reviewers"; do \ | |
396 | echo ; \ |
|
400 | echo ; \ | |
397 | echo "cleanup of '$VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out'"; \ |
|
401 | echo "cleanup of '$VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out'"; \ | |
398 | rm -rf $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out/tests; \ |
|
402 | rm -rf $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out/tests; \ | |
399 | rm -rf `find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -path "*__pycache__"`; \ |
|
403 | rm -rf `find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -path "*__pycache__"`; \ | |
400 | rm -f `find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -type f \( -name "*.py" -o -name "*.c" \) -not -name "__init__.py" -not -path "*celerylib/tasks.py"`; \ |
|
404 | rm -f `find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -type f \( -name "*.py" -o -name "*.c" \) -not -name "__init__.py" -not -path "*celerylib/tasks.py"`; \ | |
401 | rm -f `echo "\`find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -type f -name \"*.so\"\` " | sed -e "s/\.so[ \t]*/\.pyc /g"`; \ |
|
405 | rm -f `echo "\`find $VENV_PATH/lib/$PYTHON_VERSION/site-packages/$out -type f -name \"*.so\"\` " | sed -e "s/\.so[ \t]*/\.pyc /g"`; \ | |
402 | done |
|
406 | done | |
403 |
|
407 | |||
404 |
|
408 | |||
405 | USER root |
|
409 | USER root | |
406 |
|
410 | |||
407 | RUN \ |
|
411 | RUN \ | |
408 | echo "**** cleanup ****" && \ |
|
412 | echo "**** cleanup ****" && \ | |
409 | apt-get remove -y $CLEANUP_DEPS && \ |
|
413 | apt-get remove -y $CLEANUP_DEPS && \ | |
410 | apt-get autoclean -y && \ |
|
414 | apt-get autoclean -y && \ | |
411 | rm -rf /tmp/* && \ |
|
415 | rm -rf /tmp/* && \ | |
412 | rm -rf /home/$RC_USER/.cache/pip && \ |
|
416 | rm -rf /home/$RC_USER/.cache/pip && \ | |
413 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ |
|
417 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ | |
414 | rm -rf /var/lib/apt/lists/* && \ |
|
418 | rm -rf /var/lib/apt/lists/* && \ | |
415 | rm -rf /var/cache/apk/* && \ |
|
419 | rm -rf /var/cache/apk/* && \ | |
416 | rm -f ${SUPERVISOR_CONF} && \ |
|
420 | rm -f ${SUPERVISOR_CONF} && \ | |
417 | echo "Done cleanup" |
|
421 | echo "Done cleanup" | |
418 |
|
422 | |||
419 | RUN \ |
|
423 | RUN \ | |
420 | echo "**** cleanup source ****" && \ |
|
424 | echo "**** cleanup source ****" && \ | |
421 | rm -rf /home/$RC_USER/*.sh && \ |
|
425 | rm -rf /home/$RC_USER/*.sh && \ | |
422 | rm -rf /home/$RC_USER/rhodecode-vcsserver && \ |
|
426 | rm -rf /home/$RC_USER/rhodecode-vcsserver && \ | |
423 | rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
427 | rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ | |
424 | rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
428 | rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ | |
425 | echo "Done cleanup source" |
|
429 | echo "Done cleanup source" | |
426 |
|
430 | |||
427 | # copy entrypoints |
|
431 | # copy entrypoints | |
428 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh |
|
432 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh | |
429 |
|
433 | |||
430 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh |
|
434 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh | |
431 |
|
435 | |||
432 | # config volume |
|
436 | # config volume | |
433 | VOLUME /etc/rhodecode/conf |
|
437 | VOLUME /etc/rhodecode/conf | |
434 |
|
438 | |||
435 | # repo store volume |
|
439 | # repo store volume | |
436 | VOLUME /var/opt/rhodecode_repo_store |
|
440 | VOLUME /var/opt/rhodecode_repo_store | |
437 |
|
441 | |||
438 | # data volume |
|
442 | # data volume | |
439 | VOLUME /var/opt/rhodecode_data |
|
443 | VOLUME /var/opt/rhodecode_data | |
440 |
|
444 | |||
441 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] |
|
445 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] | |
442 |
|
446 | |||
443 | # compose can override this |
|
447 | # compose can override this | |
444 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
|
448 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
@@ -1,338 +1,339 b'' | |||||
1 | # source-install |
|
1 | # source-install | |
2 |
|
2 | |||
3 | FROM ubuntu:22.04 |
|
3 | FROM ubuntu:22.04 | |
4 | # Using 22.04 LTS Release |
|
4 | # Using 22.04 LTS Release | |
5 |
|
5 | |||
6 | ARG TZ="UTC" |
|
6 | ARG TZ="UTC" | |
7 | ARG LOCALE_TYPE=en_US.UTF-8 |
|
7 | ARG LOCALE_TYPE=en_US.UTF-8 | |
8 | ARG RHODECODE_TYPE=Enterprise |
|
8 | ARG RHODECODE_TYPE=Enterprise | |
9 |
|
9 | |||
10 | ARG RHODECODE_VERSION=4.28.0 |
|
10 | ARG RHODECODE_VERSION=4.28.0 | |
11 |
|
11 | |||
12 | ARG RHODECODE_DB=sqlite |
|
12 | ARG RHODECODE_DB=sqlite | |
13 | ARG RHODECODE_USER_NAME=admin |
|
13 | ARG RHODECODE_USER_NAME=admin | |
14 | ARG RHODECODE_USER_PASS=secret4 |
|
14 | ARG RHODECODE_USER_PASS=secret4 | |
15 | ARG RHODECODE_USER_EMAIL=admin@server.local |
|
15 | ARG RHODECODE_USER_EMAIL=admin@server.local | |
16 |
|
16 | |||
17 | # nix ver/channels |
|
17 | # nix ver/channels | |
18 | ARG DEV_NIX_VERSION=2.0.4 |
|
18 | ARG DEV_NIX_VERSION=2.0.4 | |
19 | ARG DEV_NIX_CHANNEL=nixos-18.03 |
|
19 | ARG DEV_NIX_CHANNEL=nixos-18.03 | |
20 |
|
20 | |||
21 | # env are runtime |
|
21 | # env are runtime | |
22 | ENV \ |
|
22 | ENV \ | |
23 | TZ=${TZ} \ |
|
23 | TZ=${TZ} \ | |
24 | LOCALE_TYPE=${LOCALE_TYPE} \ |
|
24 | LOCALE_TYPE=${LOCALE_TYPE} \ | |
25 | \ |
|
25 | \ | |
26 | ## Define type we build, and the instance we'll create |
|
26 | ## Define type we build, and the instance we'll create | |
27 | RHODECODE_TYPE=${RHODECODE_TYPE} \ |
|
27 | RHODECODE_TYPE=${RHODECODE_TYPE} \ | |
28 | RC_TYPE_ID=enterprise-1 \ |
|
28 | RC_TYPE_ID=enterprise-1 \ | |
29 | \ |
|
29 | \ | |
30 | ## SETUP ARGS FOR INSTALLATION ## |
|
30 | ## SETUP ARGS FOR INSTALLATION ## | |
31 | ## set version we build on, get from .env or set default ver |
|
31 | ## set version we build on, get from .env or set default ver | |
32 | RHODECODE_VERSION=${RHODECODE_VERSION} \ |
|
32 | RHODECODE_VERSION=${RHODECODE_VERSION} \ | |
33 | \ |
|
33 | \ | |
34 | ## set DB, default sqlite |
|
34 | ## set DB, default sqlite | |
35 | RHODECODE_DB=${RHODECODE_DB} \ |
|
35 | RHODECODE_DB=${RHODECODE_DB} \ | |
36 | \ |
|
36 | \ | |
37 | ## set app bootstrap required data |
|
37 | ## set app bootstrap required data | |
38 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ |
|
38 | RHODECODE_USER_NAME=${RHODECODE_USER_NAME} \ | |
39 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ |
|
39 | RHODECODE_USER_PASS=${RHODECODE_USER_PASS} \ | |
40 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ |
|
40 | RHODECODE_USER_EMAIL=${RHODECODE_USER_EMAIL} \ | |
41 | \ |
|
41 | \ | |
42 | RC_USER=rhodecode \ |
|
42 | RC_USER=rhodecode \ | |
43 | \ |
|
43 | \ | |
44 | # SVN CONFIG |
|
44 | # SVN CONFIG | |
45 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ |
|
45 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ | |
46 | MOD_DAV_SVN_PORT=8090 \ |
|
46 | MOD_DAV_SVN_PORT=8090 \ | |
|
47 | MOD_DAV_SVN_LOG_LEVEL=info \ | |||
47 | MOD_DAV_CORE_MODULES_DIR=/usr/lib/apache2/modules \ |
|
48 | MOD_DAV_CORE_MODULES_DIR=/usr/lib/apache2/modules \ | |
48 | MOD_DAV_SVN_MODULE=/usr/lib/apache2/modules/mod_dav_svn.so \ |
|
49 | MOD_DAV_SVN_MODULE=/usr/lib/apache2/modules/mod_dav_svn.so \ | |
49 | \ |
|
50 | \ | |
50 | # SSHD CONFIG |
|
51 | # SSHD CONFIG | |
51 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ |
|
52 | SSHD_CONF_FILE=/etc/rhodecode/sshd_config \ | |
52 | \ |
|
53 | \ | |
53 | SHARED_CONF_DIR=/etc/rhodecode/conf \ |
|
54 | SHARED_CONF_DIR=/etc/rhodecode/conf \ | |
54 | BUILD_CONF=/etc/rhodecode/conf_build \ |
|
55 | BUILD_CONF=/etc/rhodecode/conf_build \ | |
55 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ |
|
56 | BUILD_BIN_DIR=/usr/local/bin/rhodecode_bin \ | |
56 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ |
|
57 | RHODECODE_DATA_DIR=/var/opt/rhodecode_data \ | |
57 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ |
|
58 | RHODECODE_REPO_DIR=/var/opt/rhodecode_repo_store \ | |
58 | RHODECODE_HTTP_PORT=10020 \ |
|
59 | RHODECODE_HTTP_PORT=10020 \ | |
59 | RHODECODE_VCS_PORT=10010 \ |
|
60 | RHODECODE_VCS_PORT=10010 \ | |
60 | RHODECODE_HOST=0.0.0.0 \ |
|
61 | RHODECODE_HOST=0.0.0.0 \ | |
61 | RHODECODE_VCS_HOST=127.0.0.1 |
|
62 | RHODECODE_VCS_HOST=127.0.0.1 | |
62 |
|
63 | |||
63 | ENV \ |
|
64 | ENV \ | |
64 | # make application scripts visible |
|
65 | # make application scripts visible | |
65 | PATH=$PATH:/home/$RC_USER/.rccontrol-profile/bin \ |
|
66 | PATH=$PATH:/home/$RC_USER/.rccontrol-profile/bin \ | |
66 | RCCONTROL=/home/$RC_USER/.rccontrol-profile/bin/rccontrol \ |
|
67 | RCCONTROL=/home/$RC_USER/.rccontrol-profile/bin/rccontrol \ | |
67 | SUPERVISOR_CONF=/home/$RC_USER/.rccontrol/supervisor/supervisord.ini |
|
68 | SUPERVISOR_CONF=/home/$RC_USER/.rccontrol/supervisor/supervisord.ini | |
68 |
|
69 | |||
69 |
|
70 | |||
70 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn |
|
71 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn | |
71 | ENV SSH_LOCALE_DEPS openssh-server |
|
72 | ENV SSH_LOCALE_DEPS openssh-server | |
72 | ENV PYTHON_DEPS python2 |
|
73 | ENV PYTHON_DEPS python2 | |
73 | ENV EXTRA_DEPS "" |
|
74 | ENV EXTRA_DEPS "" | |
74 |
|
75 | |||
75 | ENV \ |
|
76 | ENV \ | |
76 | NIX_BLD_USER=nixbld \ |
|
77 | NIX_BLD_USER=nixbld \ | |
77 | NIX_PATH=/nix/var/nix/profiles/per-user/$RC_USER/channels \ |
|
78 | NIX_PATH=/nix/var/nix/profiles/per-user/$RC_USER/channels \ | |
78 | NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ |
|
79 | NIX_SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt \ | |
79 | PATH=$PATH:/nix/var/nix/profiles/per-user/$RC_USER/profile/bin:/home/$RC_USER/rhodecode-enterprise-ee/profile/bin |
|
80 | PATH=$PATH:/nix/var/nix/profiles/per-user/$RC_USER/profile/bin:/home/$RC_USER/rhodecode-enterprise-ee/profile/bin | |
80 |
|
81 | |||
81 | RUN \ |
|
82 | RUN \ | |
82 | echo "** install base packages **" && \ |
|
83 | echo "** install base packages **" && \ | |
83 | set -eux; \ |
|
84 | set -eux; \ | |
84 | \ |
|
85 | \ | |
85 | savedAptMark="$(apt-mark showmanual)"; \ |
|
86 | savedAptMark="$(apt-mark showmanual)"; \ | |
86 | apt-get update; \ |
|
87 | apt-get update; \ | |
87 | DEBIAN_FRONTEND="noninteractive" \ |
|
88 | DEBIAN_FRONTEND="noninteractive" \ | |
88 | apt-get install -y --no-install-recommends \ |
|
89 | apt-get install -y --no-install-recommends \ | |
89 | tini \ |
|
90 | tini \ | |
90 | bash \ |
|
91 | bash \ | |
91 | binutils \ |
|
92 | binutils \ | |
92 | tzdata \ |
|
93 | tzdata \ | |
93 | locales \ |
|
94 | locales \ | |
94 | openssl \ |
|
95 | openssl \ | |
95 | curl \ |
|
96 | curl \ | |
96 | sudo \ |
|
97 | sudo \ | |
97 | gosu \ |
|
98 | gosu \ | |
98 | bzip2 unzip \ |
|
99 | bzip2 unzip \ | |
99 | ca-certificates \ |
|
100 | ca-certificates \ | |
100 | $PYTHON_DEPS \ |
|
101 | $PYTHON_DEPS \ | |
101 | $SSH_LOCALE_DEPS \ |
|
102 | $SSH_LOCALE_DEPS \ | |
102 | $SVN_LOCALE_DEPS \ |
|
103 | $SVN_LOCALE_DEPS \ | |
103 | $EXTRA_DEPS \ |
|
104 | $EXTRA_DEPS \ | |
104 | ; \ |
|
105 | ; \ | |
105 | rm -rf /var/lib/apt/lists/*; |
|
106 | rm -rf /var/lib/apt/lists/*; | |
106 |
|
107 | |||
107 | RUN \ |
|
108 | RUN \ | |
108 | echo "** Configure the python executable for py2/3 compat **" && \ |
|
109 | echo "** Configure the python executable for py2/3 compat **" && \ | |
109 | IS_PY=$(which python3 || which python2) && \ |
|
110 | IS_PY=$(which python3 || which python2) && \ | |
110 | if [ -n $IS_PY ] ; then ln -s $IS_PY /usr/bin/python ; fi |
|
111 | if [ -n $IS_PY ] ; then ln -s $IS_PY /usr/bin/python ; fi | |
111 |
|
112 | |||
112 | RUN \ |
|
113 | RUN \ | |
113 | echo "** Configure the locales **" && \ |
|
114 | echo "** Configure the locales **" && \ | |
114 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ |
|
115 | sed -i "s/^# ${LOCALE_TYPE}/${LOCALE_TYPE}/g" /etc/locale.gen && \ | |
115 | locale-gen |
|
116 | locale-gen | |
116 |
|
117 | |||
117 | RUN \ |
|
118 | RUN \ | |
118 | echo "Fix python link" && \ |
|
119 | echo "Fix python link" && \ | |
119 | ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/ |
|
120 | ln -fs /usr/lib/python2.7/plat-x86_64-linux-gnu/_sysconfigdata_nd.py /usr/lib/python2.7/ | |
120 |
|
121 | |||
121 |
|
122 | |||
122 | # locale-archive is a fix for old nix glibc2.26 locales available |
|
123 | # locale-archive is a fix for old nix glibc2.26 locales available | |
123 | ENV \ |
|
124 | ENV \ | |
124 | LOCALE_ARCHIVE=/var/opt/locale-archive \ |
|
125 | LOCALE_ARCHIVE=/var/opt/locale-archive \ | |
125 | LANG=${LOCALE_TYPE} \ |
|
126 | LANG=${LOCALE_TYPE} \ | |
126 | LANGUAGE=${LOCALE_TYPE} \ |
|
127 | LANGUAGE=${LOCALE_TYPE} \ | |
127 | LC_ALL=${LOCALE_TYPE} |
|
128 | LC_ALL=${LOCALE_TYPE} | |
128 |
|
129 | |||
129 | # configure the system user |
|
130 | # configure the system user | |
130 | # explicitly set uid/gid to guarantee that it won't change in the future |
|
131 | # explicitly set uid/gid to guarantee that it won't change in the future | |
131 | # the values 999:999 are identical to the current user/group id assigned |
|
132 | # the values 999:999 are identical to the current user/group id assigned | |
132 | RUN \ |
|
133 | RUN \ | |
133 | echo "** Create system user $RC_USER **" && \ |
|
134 | echo "** Create system user $RC_USER **" && \ | |
134 | groupadd --system --gid 999 $RC_USER && \ |
|
135 | groupadd --system --gid 999 $RC_USER && \ | |
135 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ |
|
136 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ | |
136 | usermod -G $RC_USER $RC_USER |
|
137 | usermod -G $RC_USER $RC_USER | |
137 |
|
138 | |||
138 | RUN \ |
|
139 | RUN \ | |
139 | echo "** Create nix-build user $NIX_BLD_USER **" && \ |
|
140 | echo "** Create nix-build user $NIX_BLD_USER **" && \ | |
140 | groupadd --system --gid 1099 $NIX_BLD_USER && \ |
|
141 | groupadd --system --gid 1099 $NIX_BLD_USER && \ | |
141 | useradd --system --gid $NIX_BLD_USER --uid 1099 --shell /bin/bash $NIX_BLD_USER && \ |
|
142 | useradd --system --gid $NIX_BLD_USER --uid 1099 --shell /bin/bash $NIX_BLD_USER && \ | |
142 | usermod -G $NIX_BLD_USER $NIX_BLD_USER |
|
143 | usermod -G $NIX_BLD_USER $NIX_BLD_USER | |
143 |
|
144 | |||
144 | RUN \ |
|
145 | RUN \ | |
145 | echo "** disable nix sandboxing **" && \ |
|
146 | echo "** disable nix sandboxing **" && \ | |
146 | mkdir /etc/nix && echo 'sandbox = false' > /etc/nix/nix.conf |
|
147 | mkdir /etc/nix && echo 'sandbox = false' > /etc/nix/nix.conf | |
147 |
|
148 | |||
148 |
|
149 | |||
149 | # set the defult bash shell |
|
150 | # set the defult bash shell | |
150 | SHELL ["/bin/bash", "-c"] |
|
151 | SHELL ["/bin/bash", "-c"] | |
151 |
|
152 | |||
152 | # Fix and set a timezone |
|
153 | # Fix and set a timezone | |
153 | RUN \ |
|
154 | RUN \ | |
154 | echo "** configure the timezone **" && \ |
|
155 | echo "** configure the timezone **" && \ | |
155 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ |
|
156 | rm /etc/localtime && cp /usr/share/zoneinfo/$TZ /etc/localtime && \ | |
156 | echo $TZ > /etc/timezone |
|
157 | echo $TZ > /etc/timezone | |
157 |
|
158 | |||
158 |
|
159 | |||
159 | RUN \ |
|
160 | RUN \ | |
160 | echo "** prepare rhodecode store and cache **" && \ |
|
161 | echo "** prepare rhodecode store and cache **" && \ | |
161 | install -d -m 0700 -o $RC_USER -g $RC_USER /nix && \ |
|
162 | install -d -m 0700 -o $RC_USER -g $RC_USER /nix && \ | |
162 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ |
|
163 | install -d -m 0755 -o $RC_USER -g $RC_USER /opt/rhodecode && \ | |
163 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ |
|
164 | install -d -m 0755 -o $RC_USER -g $RC_USER /usr/local/bin/rhodecode_bin && \ | |
164 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ |
|
165 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_REPO_DIR && \ | |
165 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ |
|
166 | install -d -m 0755 -o $RC_USER -g $RC_USER $RHODECODE_DATA_DIR && \ | |
166 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ |
|
167 | install -d -m 0755 -o $RC_USER -g $RC_USER $BUILD_CONF && \ | |
167 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ |
|
168 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-vcsserver && \ | |
168 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
169 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ce && \ | |
169 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
170 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/rhodecode-enterprise-ee && \ | |
170 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ |
|
171 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/ && \ | |
171 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ |
|
172 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol && \ | |
172 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ |
|
173 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/cache && \ | |
173 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ |
|
174 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/bootstrap && \ | |
174 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh && \ |
|
175 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.ssh && \ | |
175 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.rhoderc |
|
176 | install -d -m 0700 -o $RC_USER -g $RC_USER /home/$RC_USER/.rhoderc | |
176 |
|
177 | |||
177 | # expose our custom sshd config |
|
178 | # expose our custom sshd config | |
178 | COPY service/sshd/sshd_config $SSHD_CONF_FILE |
|
179 | COPY service/sshd/sshd_config $SSHD_CONF_FILE | |
179 |
|
180 | |||
180 | # Apache SVN setup |
|
181 | # Apache SVN setup | |
181 | RUN \ |
|
182 | RUN \ | |
182 | echo "**** Apache config cleanup ****" && \ |
|
183 | echo "**** Apache config cleanup ****" && \ | |
183 | rm -f /etc/apache2/conf.d/info.conf \ |
|
184 | rm -f /etc/apache2/conf.d/info.conf \ | |
184 | /etc/apache2/conf.d/mpm.conf \ |
|
185 | /etc/apache2/conf.d/mpm.conf \ | |
185 | /etc/apache2/conf.d/userdir.conf && \ |
|
186 | /etc/apache2/conf.d/userdir.conf && \ | |
186 | rm -f /etc/apache2/sites-enabled/* && \ |
|
187 | rm -f /etc/apache2/sites-enabled/* && \ | |
187 | rm -f /etc/apache2/sites-available/* |
|
188 | rm -f /etc/apache2/sites-available/* | |
188 |
|
189 | |||
189 | # custom SVN virtualhost |
|
190 | # custom SVN virtualhost | |
190 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ |
|
191 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ | |
191 |
|
192 | |||
192 | RUN \ |
|
193 | RUN \ | |
193 | echo "**** Apache config ****" && \ |
|
194 | echo "**** Apache config ****" && \ | |
194 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ |
|
195 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ | |
195 | mkdir -p /run/apache2 && \ |
|
196 | mkdir -p /run/apache2 && \ | |
196 | mkdir -p /var/opt/www && \ |
|
197 | mkdir -p /var/opt/www && \ | |
197 | echo "unset HOME" > /etc/apache2/envvars && \ |
|
198 | echo "unset HOME" > /etc/apache2/envvars && \ | |
198 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
199 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
199 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ |
|
200 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ | |
200 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ |
|
201 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ | |
201 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ |
|
202 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ | |
202 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
203 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
203 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ |
|
204 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ | |
204 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf |
|
205 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf | |
205 |
|
206 | |||
206 |
|
207 | |||
207 | # Copy artifacts |
|
208 | # Copy artifacts | |
208 |
|
209 | |||
209 | COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ |
|
210 | COPY --chown=$RC_USER:$RC_USER .cache/locale-archive /var/opt/ | |
210 | COPY --chown=$RC_USER:$RC_USER .cache/RhodeCode* /home/$RC_USER/.rccontrol/cache/ |
|
211 | COPY --chown=$RC_USER:$RC_USER .cache/RhodeCode* /home/$RC_USER/.rccontrol/cache/ | |
211 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ |
|
212 | COPY --chown=$RC_USER:$RC_USER config/_shared/rhodecode_enterprise.license /home/$RC_USER/.rccontrol/bootstrap/ | |
212 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ |
|
213 | COPY --chown=$RC_USER:$RC_USER service/rhodecode/bootstrap/* /home/$RC_USER/.rccontrol/bootstrap/ | |
213 | COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ |
|
214 | COPY --chown=$RC_USER:$RC_USER .source/ /home/$RC_USER/ | |
214 |
|
215 | |||
215 |
|
216 | |||
216 | RUN \ |
|
217 | RUN \ | |
217 | echo "** prepare rhodecode dirs **" && \ |
|
218 | echo "** prepare rhodecode dirs **" && \ | |
218 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/vcsserver-1 && \ |
|
219 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/vcsserver-1 && \ | |
219 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/community-1 && \ |
|
220 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/community-1 && \ | |
220 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/enterprise-1 && \ |
|
221 | install -d -m 0755 -o $RC_USER -g $RC_USER /home/$RC_USER/.rccontrol/enterprise-1 && \ | |
221 | echo "Done rhodecode dirs" |
|
222 | echo "Done rhodecode dirs" | |
222 |
|
223 | |||
223 | # change to non-root user for RUN commands |
|
224 | # change to non-root user for RUN commands | |
224 | USER $RC_USER |
|
225 | USER $RC_USER | |
225 | WORKDIR /home/$RC_USER |
|
226 | WORKDIR /home/$RC_USER | |
226 |
|
227 | |||
227 | RUN \ |
|
228 | RUN \ | |
228 | echo "** save nix config **" && \ |
|
229 | echo "** save nix config **" && \ | |
229 | touch /home/$RC_USER/.rhoderc && \ |
|
230 | touch /home/$RC_USER/.rhoderc && \ | |
230 | mkdir -p /home/$RC_USER/.nixpkgs && touch /home/$RC_USER/.nixpkgs/config.nix && \ |
|
231 | mkdir -p /home/$RC_USER/.nixpkgs && touch /home/$RC_USER/.nixpkgs/config.nix && \ | |
231 | printf '{\n rc = {\n sources = {\n rhodecode-vcsserver = "/home/'$RC_USER'/rhodecode-vcsserver";\n rhodecode-enterprise-ce = "/home/'$RC_USER'/rhodecode-enterprise-ce";\n rhodecode-enterprise-ee = "/home/'$RC_USER'/rhodecode-enterprise-ee";\n };\n };\n}\n' > /home/$RC_USER/.nixpkgs/config.nix |
|
232 | printf '{\n rc = {\n sources = {\n rhodecode-vcsserver = "/home/'$RC_USER'/rhodecode-vcsserver";\n rhodecode-enterprise-ce = "/home/'$RC_USER'/rhodecode-enterprise-ce";\n rhodecode-enterprise-ee = "/home/'$RC_USER'/rhodecode-enterprise-ee";\n };\n };\n}\n' > /home/$RC_USER/.nixpkgs/config.nix | |
232 |
|
233 | |||
233 | RUN \ |
|
234 | RUN \ | |
234 | echo "** download and install nix ** from $DEV_NIX_VERSION/install" && \ |
|
235 | echo "** download and install nix ** from $DEV_NIX_VERSION/install" && \ | |
235 | curl -L https://releases.nixos.org/nix/nix-$DEV_NIX_VERSION/install | USER=$RC_USER /bin/bash && \ |
|
236 | curl -L https://releases.nixos.org/nix/nix-$DEV_NIX_VERSION/install | USER=$RC_USER /bin/bash && \ | |
236 | echo "Done nix install" |
|
237 | echo "Done nix install" | |
237 |
|
238 | |||
238 | RUN \ |
|
239 | RUN \ | |
239 | echo "** update nix package database and set channel to $DEV_NIX_CHANNEL **" && \ |
|
240 | echo "** update nix package database and set channel to $DEV_NIX_CHANNEL **" && \ | |
240 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ |
|
241 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ | |
241 | nix-channel --add https://channels.nixos.org/$DEV_NIX_CHANNEL nixpkgs && \ |
|
242 | nix-channel --add https://channels.nixos.org/$DEV_NIX_CHANNEL nixpkgs && \ | |
242 | nix-channel --update && \ |
|
243 | nix-channel --update && \ | |
243 | echo "done nix package updates" |
|
244 | echo "done nix package updates" | |
244 |
|
245 | |||
245 | RUN \ |
|
246 | RUN \ | |
246 | echo "** install rhodecode control **" && \ |
|
247 | echo "** install rhodecode control **" && \ | |
247 | # cd /home/$RC_USER/.rccontrol/cache && \ |
|
248 | # cd /home/$RC_USER/.rccontrol/cache && \ | |
248 | # INSTALLER=$(ls -Art /home/$RC_USER/.rccontrol/cache/RhodeCode-installer-* | tail -n 1) && \ |
|
249 | # INSTALLER=$(ls -Art /home/$RC_USER/.rccontrol/cache/RhodeCode-installer-* | tail -n 1) && \ | |
249 | # chmod +x ${INSTALLER} && \ |
|
250 | # chmod +x ${INSTALLER} && \ | |
250 | # ${INSTALLER} --accept-license && \ |
|
251 | # ${INSTALLER} --accept-license && \ | |
251 | # ${RCCONTROL} self-init && \ |
|
252 | # ${RCCONTROL} self-init && \ | |
252 | # cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ && \ |
|
253 | # cp -v /home/$RC_USER/.rccontrol-profile/etc/ca-bundle.crt $BUILD_CONF/ && \ | |
253 | echo "Done installing rhodecode control" |
|
254 | echo "Done installing rhodecode control" | |
254 |
|
255 | |||
255 | RUN \ |
|
256 | RUN \ | |
256 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ |
|
257 | echo "** install vcsserver ${RHODECODE_VERSION} **" && \ | |
257 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ |
|
258 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ | |
258 | nix-build --show-trace --cores 0 --max-jobs 4 --no-build-output --out-link /home/$RC_USER/.rccontrol/vcsserver-1/profile rhodecode-vcsserver/default.nix && \ |
|
259 | nix-build --show-trace --cores 0 --max-jobs 4 --no-build-output --out-link /home/$RC_USER/.rccontrol/vcsserver-1/profile rhodecode-vcsserver/default.nix && \ | |
259 | nix-shell --command 'echo COMMAND FROM NIX-SHELL TEST' rhodecode-vcsserver/default.nix && \ |
|
260 | nix-shell --command 'echo COMMAND FROM NIX-SHELL TEST' rhodecode-vcsserver/default.nix && \ | |
260 | echo "Done installing vcsserver" |
|
261 | echo "Done installing vcsserver" | |
261 |
|
262 | |||
262 | RUN \ |
|
263 | RUN \ | |
263 | echo "** copy config of vcsserver ${RHODECODE_VERSION} **" && \ |
|
264 | echo "** copy config of vcsserver ${RHODECODE_VERSION} **" && \ | |
264 | VCSSERVER_PATH=/home/$RC_USER/rhodecode-vcsserver && \ |
|
265 | VCSSERVER_PATH=/home/$RC_USER/rhodecode-vcsserver && \ | |
265 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ |
|
266 | rm -rf $BUILD_BIN_DIR/vcs_bin && \ | |
266 | cp -rv --preserve=links /home/$RC_USER/.rccontrol/vcsserver-1/profile/bin $BUILD_BIN_DIR/vcs_bin && \ |
|
267 | cp -rv --preserve=links /home/$RC_USER/.rccontrol/vcsserver-1/profile/bin $BUILD_BIN_DIR/vcs_bin && \ | |
267 | cp -v ${VCSSERVER_PATH}/configs/production.ini $BUILD_CONF/vcsserver.ini && \ |
|
268 | cp -v ${VCSSERVER_PATH}/configs/production.ini $BUILD_CONF/vcsserver.ini && \ | |
268 | cp -v ${VCSSERVER_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_vcs.py && \ |
|
269 | cp -v ${VCSSERVER_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_vcs.py && \ | |
269 | echo "Done copy config of vcsserver" |
|
270 | echo "Done copy config of vcsserver" | |
270 |
|
271 | |||
271 | RUN \ |
|
272 | RUN \ | |
272 | echo "** install build Community ${RHODECODE_VERSION} **" && \ |
|
273 | echo "** install build Community ${RHODECODE_VERSION} **" && \ | |
273 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ |
|
274 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ | |
274 | echo "done" |
|
275 | echo "done" | |
275 |
|
276 | |||
276 | RUN \ |
|
277 | RUN \ | |
277 | echo "** install rhodecode ${RHODECODE_VERSION} **" && \ |
|
278 | echo "** install rhodecode ${RHODECODE_VERSION} **" && \ | |
278 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ |
|
279 | . /home/rhodecode/.nix-profile/etc/profile.d/nix.sh && \ | |
279 | nix-build --show-trace --cores 0 --max-jobs 4 --no-build-output --out-link /home/$RC_USER/.rccontrol/enterprise-1/profile rhodecode-enterprise-ee/default.nix && \ |
|
280 | nix-build --show-trace --cores 0 --max-jobs 4 --no-build-output --out-link /home/$RC_USER/.rccontrol/enterprise-1/profile rhodecode-enterprise-ee/default.nix && \ | |
280 | nix-shell --command 'echo ok' rhodecode-enterprise-ee/default.nix && \ |
|
281 | nix-shell --command 'echo ok' rhodecode-enterprise-ee/default.nix && \ | |
281 | echo "Done installing rhodecode" |
|
282 | echo "Done installing rhodecode" | |
282 |
|
283 | |||
283 |
|
284 | |||
284 | RUN \ |
|
285 | RUN \ | |
285 | echo "** copy config of rhodecode ${RHODECODE_VERSION} **" && \ |
|
286 | echo "** copy config of rhodecode ${RHODECODE_VERSION} **" && \ | |
286 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ee && \ |
|
287 | RHODECODE_PATH=/home/$RC_USER/rhodecode-enterprise-ee && \ | |
287 | rm -rf $BUILD_BIN_DIR/bin && \ |
|
288 | rm -rf $BUILD_BIN_DIR/bin && \ | |
288 | cp -rv --preserve=links /home/$RC_USER/.rccontrol/enterprise-1/profile/bin $BUILD_BIN_DIR/ && \ |
|
289 | cp -rv --preserve=links /home/$RC_USER/.rccontrol/enterprise-1/profile/bin $BUILD_BIN_DIR/ && \ | |
289 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ |
|
290 | cp -v ${RHODECODE_PATH}/configs/production.ini $BUILD_CONF/rhodecode.ini && \ | |
290 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ |
|
291 | cp -v ${RHODECODE_PATH}/configs/gunicorn_config.py $BUILD_CONF/gunicorn_conf_rc.py && \ | |
291 | mkdir -p $RHODECODE_DATA_DIR/static && cp -r /home/$RC_USER/.rccontrol/enterprise-1/profile/etc/static/* $RHODECODE_DATA_DIR/static/ && \ |
|
292 | mkdir -p $RHODECODE_DATA_DIR/static && cp -r /home/$RC_USER/.rccontrol/enterprise-1/profile/etc/static/* $RHODECODE_DATA_DIR/static/ && \ | |
292 | echo "Done copy config of rhodecode" |
|
293 | echo "Done copy config of rhodecode" | |
293 |
|
294 | |||
294 |
|
295 | |||
295 | #RUN \ |
|
296 | #RUN \ | |
296 | #echo "** configure supervisord **" && \ |
|
297 | #echo "** configure supervisord **" && \ | |
297 | # cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ |
|
298 | # cp -v ${SUPERVISOR_CONF} $BUILD_CONF/ && \ | |
298 | # sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini && \ |
|
299 | # sed -i "s/self_managed_supervisor = False/self_managed_supervisor = True/g" /home/$RC_USER/.rccontrol.ini && \ | |
299 | # echo "Done installing supervisord" |
|
300 | # echo "Done installing supervisord" | |
300 |
|
301 | |||
301 | USER root |
|
302 | USER root | |
302 |
|
303 | |||
303 | RUN \ |
|
304 | RUN \ | |
304 | echo "**** cleanup ****" && \ |
|
305 | echo "**** cleanup ****" && \ | |
305 | apt-get remove -y $PYTHON_DEPS && \ |
|
306 | apt-get remove -y $PYTHON_DEPS && \ | |
306 | apt-get autoclean -y && \ |
|
307 | apt-get autoclean -y && \ | |
307 | rm -f /tmp/* && \ |
|
308 | rm -f /tmp/* && \ | |
308 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ |
|
309 | rm -f /home/$RC_USER/.rccontrol/cache/RhodeCode-* && \ | |
309 | rm -rf /var/lib/apt/lists/* && \ |
|
310 | rm -rf /var/lib/apt/lists/* && \ | |
310 | rm -rf /var/cache/apk/* && \ |
|
311 | rm -rf /var/cache/apk/* && \ | |
311 | rm -f ${SUPERVISOR_CONF} && \ |
|
312 | rm -f ${SUPERVISOR_CONF} && \ | |
312 | echo "Done cleanup" |
|
313 | echo "Done cleanup" | |
313 |
|
314 | |||
314 | RUN \ |
|
315 | RUN \ | |
315 | echo "**** cleanup source ****" && \ |
|
316 | echo "**** cleanup source ****" && \ | |
316 | rm -rf /home/$RC_USER/rhodecode-vcsserver && \ |
|
317 | rm -rf /home/$RC_USER/rhodecode-vcsserver && \ | |
317 | rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ |
|
318 | rm -rf /home/$RC_USER/rhodecode-enterprise-ce && \ | |
318 | rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ |
|
319 | rm -rf /home/$RC_USER/rhodecode-enterprise-ee && \ | |
319 | echo "Done cleanup source" |
|
320 | echo "Done cleanup source" | |
320 |
|
321 | |||
321 | # copy entrypoints |
|
322 | # copy entrypoints | |
322 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh |
|
323 | COPY entrypoints.d/entrypoint.sh /opt/entrypoints.d/entrypoint.sh | |
323 |
|
324 | |||
324 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh |
|
325 | RUN chmod +x /opt/entrypoints.d/entrypoint.sh | |
325 |
|
326 | |||
326 | # config volume |
|
327 | # config volume | |
327 | VOLUME /etc/rhodecode/conf |
|
328 | VOLUME /etc/rhodecode/conf | |
328 |
|
329 | |||
329 | # repo store volume |
|
330 | # repo store volume | |
330 | VOLUME /var/opt/rhodecode_repo_store |
|
331 | VOLUME /var/opt/rhodecode_repo_store | |
331 |
|
332 | |||
332 | # data volume |
|
333 | # data volume | |
333 | VOLUME /var/opt/rhodecode_data |
|
334 | VOLUME /var/opt/rhodecode_data | |
334 |
|
335 | |||
335 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] |
|
336 | ENTRYPOINT ["/opt/entrypoints.d/entrypoint.sh"] | |
336 |
|
337 | |||
337 | # compose can override this |
|
338 | # compose can override this | |
338 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
|
339 | CMD [ "$BUILD_BIN_DIR/bin/gunicorn", "--error-logfile=-", "--paster=/etc/rhodecode/conf_build/rhodecode.ini", "--config=/etc/rhodecode/conf_build/gunicorn_conf_rc.py" ] |
@@ -1,97 +1,98 b'' | |||||
1 | FROM ubuntu:22.04 |
|
1 | FROM ubuntu:22.04 | |
2 | # Using 22.04 LTS Release |
|
2 | # Using 22.04 LTS Release | |
3 | MAINTAINER RhodeCode Inc. <support@rhodecode.com> |
|
3 | MAINTAINER RhodeCode Inc. <support@rhodecode.com> | |
4 |
|
4 | |||
5 |
|
5 | |||
6 | ENV \ |
|
6 | ENV \ | |
7 | RC_USER=rhodecode \ |
|
7 | RC_USER=rhodecode \ | |
8 | # SVN CONFIG |
|
8 | # SVN CONFIG | |
9 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ |
|
9 | MOD_DAV_SVN_CONF_FILE=/etc/rhodecode/conf/svn/mod_dav_svn.conf \ | |
10 | MOD_DAV_SVN_PORT=8090 |
|
10 | MOD_DAV_SVN_PORT=8090 \ | |
|
11 | MOD_DAV_SVN_LOG_LEVEL=info | |||
11 |
|
12 | |||
12 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn subversion |
|
13 | ENV SVN_LOCALE_DEPS apache2 apache2-utils libapache2-mod-svn subversion | |
13 | #apache2-webdav |
|
14 | #apache2-webdav | |
14 |
|
15 | |||
15 | RUN \ |
|
16 | RUN \ | |
16 | echo "** install svn base packages **" && \ |
|
17 | echo "** install svn base packages **" && \ | |
17 | set -eux; \ |
|
18 | set -eux; \ | |
18 | \ |
|
19 | \ | |
19 | savedAptMark="$(apt-mark showmanual)"; \ |
|
20 | savedAptMark="$(apt-mark showmanual)"; \ | |
20 | apt-get update; \ |
|
21 | apt-get update; \ | |
21 | DEBIAN_FRONTEND="noninteractive" \ |
|
22 | DEBIAN_FRONTEND="noninteractive" \ | |
22 | apt-get install -y --no-install-recommends \ |
|
23 | apt-get install -y --no-install-recommends \ | |
23 | tini \ |
|
24 | tini \ | |
24 | bash \ |
|
25 | bash \ | |
25 | binutils \ |
|
26 | binutils \ | |
26 | tzdata \ |
|
27 | tzdata \ | |
27 | locales \ |
|
28 | locales \ | |
28 | openssl \ |
|
29 | openssl \ | |
29 | curl \ |
|
30 | curl \ | |
30 | sudo \ |
|
31 | sudo \ | |
31 | gosu \ |
|
32 | gosu \ | |
32 | bzip2 \ |
|
33 | bzip2 \ | |
33 | ca-certificates \ |
|
34 | ca-certificates \ | |
34 | $SVN_LOCALE_DEPS \ |
|
35 | $SVN_LOCALE_DEPS \ | |
35 | ; \ |
|
36 | ; \ | |
36 | rm -rf /var/lib/apt/lists/*; |
|
37 | rm -rf /var/lib/apt/lists/*; | |
37 |
|
38 | |||
38 |
|
39 | |||
39 | # configure the system user |
|
40 | # configure the system user | |
40 | # explicitly set uid/gid to guarantee that it won't change in the future |
|
41 | # explicitly set uid/gid to guarantee that it won't change in the future | |
41 | # the values 999:999 are identical to the current user/group id assigned |
|
42 | # the values 999:999 are identical to the current user/group id assigned | |
42 | RUN \ |
|
43 | RUN \ | |
43 | echo "** Create system user $RC_USER **" && \ |
|
44 | echo "** Create system user $RC_USER **" && \ | |
44 | groupadd --system --gid 999 $RC_USER && \ |
|
45 | groupadd --system --gid 999 $RC_USER && \ | |
45 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ |
|
46 | useradd --system --gid $RC_USER --uid 999 --shell /bin/bash $RC_USER && \ | |
46 | usermod -G $RC_USER $RC_USER |
|
47 | usermod -G $RC_USER $RC_USER | |
47 |
|
48 | |||
48 | # Apache SVN setup |
|
49 | # Apache SVN setup | |
49 | RUN \ |
|
50 | RUN \ | |
50 | echo "**** Apache config cleanup ****" && \ |
|
51 | echo "**** Apache config cleanup ****" && \ | |
51 | rm -f /etc/apache2/conf.d/info.conf \ |
|
52 | rm -f /etc/apache2/conf.d/info.conf \ | |
52 | /etc/apache2/conf.d/mpm.conf \ |
|
53 | /etc/apache2/conf.d/mpm.conf \ | |
53 | /etc/apache2/conf.d/userdir.conf && \ |
|
54 | /etc/apache2/conf.d/userdir.conf && \ | |
54 | rm -f /etc/apache2/sites-enabled/* && \ |
|
55 | rm -f /etc/apache2/sites-enabled/* && \ | |
55 | rm -f /etc/apache2/sites-available/* |
|
56 | rm -f /etc/apache2/sites-available/* | |
56 |
|
57 | |||
57 | # custom SVN virtualhost |
|
58 | # custom SVN virtualhost | |
58 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ |
|
59 | COPY service/svn/virtualhost.conf /etc/apache2/sites-enabled/ | |
59 |
|
60 | |||
60 | RUN \ |
|
61 | RUN \ | |
61 | echo "**** Apache config ****" && \ |
|
62 | echo "**** Apache config ****" && \ | |
62 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ |
|
63 | echo $(strings /usr/lib/apache2/modules/mod_dav_svn.so | grep 'Powered by') > /var/opt/dav.version && \ | |
63 | mkdir -p /run/apache2 && \ |
|
64 | mkdir -p /run/apache2 && \ | |
64 | mkdir -p /var/opt/www && \ |
|
65 | mkdir -p /var/opt/www && \ | |
65 | echo "unset HOME" > /etc/apache2/envvars && \ |
|
66 | echo "unset HOME" > /etc/apache2/envvars && \ | |
66 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
67 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
67 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ |
|
68 | echo "export APACHE_PID_FILE=/var/run/apache2/apache2.pid" >> /etc/apache2/envvars && \ | |
68 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ |
|
69 | echo "export APACHE_RUN_DIR=/var/run/apache2" >> /etc/apache2/envvars && \ | |
69 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ |
|
70 | echo "export APACHE_LOCK_DIR=/var/lock/apache2" >> /etc/apache2/envvars && \ | |
70 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ |
|
71 | echo "export APACHE_RUN_USER=${RC_USER}" >> /etc/apache2/envvars && \ | |
71 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ |
|
72 | echo "export APACHE_RUN_GROUP=${RC_USER}" >> /etc/apache2/envvars && \ | |
72 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf |
|
73 | sed -i "s/Listen 80/Listen ${MOD_DAV_SVN_PORT}/g" /etc/apache2/ports.conf | |
73 |
|
74 | |||
74 | USER root |
|
75 | USER root | |
75 |
|
76 | |||
76 | RUN \ |
|
77 | RUN \ | |
77 | echo "**** cleanup ****" && \ |
|
78 | echo "**** cleanup ****" && \ | |
78 | apt-get autoclean -y && \ |
|
79 | apt-get autoclean -y && \ | |
79 | rm -f /tmp/* && \ |
|
80 | rm -f /tmp/* && \ | |
80 | rm -rf /var/lib/apt/lists/* \ |
|
81 | rm -rf /var/lib/apt/lists/* \ | |
81 | rm -rf /var/cache/apk/* |
|
82 | rm -rf /var/cache/apk/* | |
82 |
|
83 | |||
83 |
|
84 | |||
84 | # copy entrypoints |
|
85 | # copy entrypoints | |
85 | COPY entrypoints.d/svn-entrypoint.sh /opt/entrypoints.d/svn-entrypoint.sh |
|
86 | COPY entrypoints.d/svn-entrypoint.sh /opt/entrypoints.d/svn-entrypoint.sh | |
86 | RUN chmod +x /opt/entrypoints.d/svn-entrypoint.sh |
|
87 | RUN chmod +x /opt/entrypoints.d/svn-entrypoint.sh | |
87 |
|
88 | |||
88 | # config volume |
|
89 | # config volume | |
89 | VOLUME /etc/rhodecode/conf |
|
90 | VOLUME /etc/rhodecode/conf | |
90 |
|
91 | |||
91 | # repo store volume |
|
92 | # repo store volume | |
92 | VOLUME /var/opt/rhodecode_repo_store |
|
93 | VOLUME /var/opt/rhodecode_repo_store | |
93 |
|
94 | |||
94 |
|
95 | |||
95 | ENTRYPOINT ["/opt/entrypoints.d/svn-entrypoint.sh"] |
|
96 | ENTRYPOINT ["/opt/entrypoints.d/svn-entrypoint.sh"] | |
96 |
|
97 | |||
97 | CMD ["apachectl", "-D", "FOREGROUND"] No newline at end of file |
|
98 | CMD ["apachectl", "-D", "FOREGROUND"] |
@@ -1,34 +1,30 b'' | |||||
1 | LoadModule headers_module ${MOD_DAV_CORE_MODULES_DIR}/mod_headers.so |
|
1 | LoadModule headers_module ${MOD_DAV_CORE_MODULES_DIR}/mod_headers.so | |
2 | LoadModule authn_anon_module ${MOD_DAV_CORE_MODULES_DIR}/mod_authn_anon.so |
|
2 | LoadModule authn_anon_module ${MOD_DAV_CORE_MODULES_DIR}/mod_authn_anon.so | |
3 | LoadModule dav_module ${MOD_DAV_CORE_MODULES_DIR}/mod_dav.so |
|
3 | LoadModule dav_module ${MOD_DAV_CORE_MODULES_DIR}/mod_dav.so | |
4 | LoadModule dav_svn_module ${MOD_DAV_SVN_MODULE} |
|
4 | LoadModule dav_svn_module ${MOD_DAV_SVN_MODULE} | |
5 |
|
5 | |||
6 | ErrorLogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"function\" : \"[%-m:%l]\" , \"process\" : \"[pid %P:tid %T]\" , \"message\" : \"%M\" ,\ \"referer\"\ : \"%{Referer}i\" }" |
|
6 | ErrorLogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"function\" : \"[%-m:%l]\" , \"process\" : \"[pid %P:tid %T]\" , \"message\" : \"%M\" ,\ \"referer\"\ : \"%{Referer}i\" }" | |
7 | LogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"process\":\"%D\", \"filename\":\"%f\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"request\":\"%U\", \"query\":\"%q\", \"method\":\"%m\", \"status\":\"%>s\", \"userAgent\":\"%{User-agent}i\", \"referer\":\"%{Referer}i\" }" combined |
|
7 | LogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"process\":\"%D\", \"filename\":\"%f\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"request\":\"%U\", \"query\":\"%q\", \"method\":\"%m\", \"status\":\"%>s\", \"userAgent\":\"%{User-agent}i\", \"referer\":\"%{Referer}i\" }" combined | |
8 |
|
8 | |||
9 | ErrorLog /dev/stderr |
|
9 | ErrorLog /proc/self/fd/2 | |
10 | TransferLog /dev/stdout |
|
10 | CustomLog /proc/self/fd/1 combined | |
11 | CustomLog /dev/stdout combined |
|
11 | LogLevel ${MOD_DAV_SVN_LOG_LEVEL} | |
12 |
|
12 | |||
13 | <VirtualHost *:${MOD_DAV_SVN_PORT}> |
|
13 | <VirtualHost *:${MOD_DAV_SVN_PORT}> | |
14 | ServerAdmin admin@localhost |
|
14 | ServerAdmin admin@localhost | |
15 | DocumentRoot /var/opt/www |
|
15 | DocumentRoot /var/opt/www | |
16 |
|
16 | |||
17 | ErrorLogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"function\" : \"[%-m:%l]\" , \"process\" : \"[pid %P:tid %T]\" , \"message\" : \"%M\" ,\ \"referer\"\ : \"%{Referer}i\" }" |
|
17 | ErrorLogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"function\" : \"[%-m:%l]\" , \"process\" : \"[pid %P:tid %T]\" , \"message\" : \"%M\" ,\ \"referer\"\ : \"%{Referer}i\" }" | |
18 | LogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"process\":\"%D\", \"filename\":\"%f\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"request\":\"%U\", \"query\":\"%q\", \"method\":\"%m\", \"status\":\"%>s\", \"userAgent\":\"%{User-agent}i\", \"referer\":\"%{Referer}i\" }" combined |
|
18 | LogFormat "{ \"time\":\"%{%Y-%m-%d}tT%{%T}t.%{msec_frac}tZ\", \"process\":\"%D\", \"filename\":\"%f\", \"remoteIP\":\"%a\", \"host\":\"%V\", \"request\":\"%U\", \"query\":\"%q\", \"method\":\"%m\", \"status\":\"%>s\", \"userAgent\":\"%{User-agent}i\", \"referer\":\"%{Referer}i\" }" combined | |
19 |
|
19 | |||
20 | ErrorLog /dev/stderr |
|
|||
21 | CustomLog /dev/stdout combined |
|
|||
22 | LogLevel info |
|
|||
23 |
|
||||
24 | <Location /_server_status> |
|
20 | <Location /_server_status> | |
25 | Require ip 127 |
|
21 | Require ip 127 | |
26 | SetHandler server-status |
|
22 | SetHandler server-status | |
27 | Require all granted |
|
23 | Require all granted | |
28 | </Location> |
|
24 | </Location> | |
29 |
|
25 | |||
30 | # allows custom host names, prevents 400 errors on checkout |
|
26 | # allows custom host names, prevents 400 errors on checkout | |
31 | HttpProtocolOptions Unsafe |
|
27 | HttpProtocolOptions Unsafe | |
32 |
|
28 | |||
33 | Include ${MOD_DAV_SVN_CONF_FILE} |
|
29 | Include ${MOD_DAV_SVN_CONF_FILE} | |
34 | </VirtualHost> No newline at end of file |
|
30 | </VirtualHost> |
General Comments 0
You need to be logged in to leave comments.
Login now