Skip to content
Normal view History Permalink
Dockerfile 2.06 KiB
Newer Older
Stefano Alberto Russo's avatar
Added the Postgres and Proxy services. Minor fixes in the docker-compose.
Stefano Alberto Russo committed
1 2 3 4 5 6 7 8 9 10 11 12 
FROM rosetta/base
MAINTAINER Stefano Alberto Russo <stefano.russo@gmail.com>

# Always start with an apt-get update when extending Reyns images,
# otherwise apt repositories might get outdated (404 not found)
# and building without cache does not re-build Reyns services.
RUN apt-get update

# Install Apache
RUN apt-get install -y apache2
RUN apt-get install apache2-utils
Stefano Alberto Russo's avatar
Moved to obtaining SSL certificates with Let's Encrypt. Minor fixes.  
Stefano Alberto Russo committed
13 14 15 16 
# Install Certbot
RUN apt-get install certbot python3-certbot-apache -y

# Supervisord scripts
Stefano Alberto Russo's avatar
Added the Postgres and Proxy services. Minor fixes in the docker-compose.
Stefano Alberto Russo committed
17 
COPY supervisord_apache.conf /etc/supervisor/conf.d/
Stefano Alberto Russo's avatar
Moved to obtaining SSL certificates with Let's Encrypt. Minor fixes.  
Stefano Alberto Russo committed
18 19 20 21 22 23 
COPY run_apache.sh /etc/supervisor/conf.d/
RUN chmod 755 /etc/supervisor/conf.d/run_apache.sh

COPY supervisord_certbot.conf /etc/supervisor/conf.d/
COPY run_certbot.sh /etc/supervisor/conf.d/
RUN chmod 755 /etc/supervisor/conf.d/run_certbot.sh
Stefano Alberto Russo's avatar
Added the Postgres and Proxy services. Minor fixes in the docker-compose.
Stefano Alberto Russo committed
24 25 26 27 28 29 30 31 

# Enable mod_proxy and SSL
RUN a2enmod proxy
RUN a2enmod proxy_http
RUN sudo a2enmod ssl
RUN a2enmod rewrite
RUN a2enmod headers
RUN a2enmod proxy_wstunnel
Stefano Alberto Russo's avatar
Moved to obtaining SSL certificates with Let's Encrypt. Minor fixes.  
Stefano Alberto Russo committed
32
Stefano Alberto Russo's avatar
Fixed potential security issues in the proxy service and renamed some env vars for clarity.  
Stefano Alberto Russo committed
33 34 35 36 37 
# Clean up default stuff
RUN rm /etc/apache2/sites-available/000-default.conf
RUN rm /etc/apache2/sites-enabled/000-default.conf
RUN rm /etc/apache2/sites-available/default-ssl.conf
#RUN rm /etc/apache2/sites-enabled/default-ssl.conf
Stefano Alberto Russo's avatar
Added the Postgres and Proxy services. Minor fixes in the docker-compose.
Stefano Alberto Russo committed
38
Stefano Alberto Russo's avatar
Moved to obtaining SSL certificates with Let's Encrypt. Minor fixes.  
Stefano Alberto Russo committed
39 40 41 42 43 44 45 46 
# Apache conf
COPY apache2.conf /etc/apache2/apache2.conf 

# Copy self-signed (snakeoil) certificates
RUN mkdir /root/certificates
COPY certificates/selfsigned.crt /root/certificates/selfsigned.crt
COPY certificates/selfsigned.key /root/certificates/selfsigned.key
COPY certificates/selfsigned.ca-bundle /root/certificates/selfsigned.ca-bundle
Stefano Alberto Russo's avatar
Finalized first implementation of the task proxy.  
Stefano Alberto Russo committed
47
Stefano Alberto Russo's avatar
Added the Postgres and Proxy services. Minor fixes in the docker-compose.
Stefano Alberto Russo committed
48 49 50 51 52 53 54 
# Copy index and norobots.txt
COPY index.html /var/www/html/
COPY norobots.txt /var/www/html/

# Prestartup
COPY prestartup_proxy.sh /prestartup/
Stefano Alberto Russo's avatar
Fixed potential security issues in the proxy service and renamed some env vars for clarity.  
Stefano Alberto Russo committed
55 56 57 58 59 60 61 
# Copy and enable conf for proxy and ssl. Warning: there are issues with precedences if splitting
# the conf over multiple files (including task proxy files), as the first conf found in files which
# are read in alphabetical order wins. You can cheeck ordering with "apachectl -t -D DUMP_VHOSTS".
COPY proxy-global.conf /etc/apache2/sites-available/
RUN ln -s /etc/apache2/sites-available/proxy-global.conf /etc/apache2/sites-enabled/proxy-global.conf