From 3970d2891f53fca1d6bf5c88eacbcb65fc1149a7 Mon Sep 17 00:00:00 2001 From: Jamie Curnow Date: Wed, 20 Jun 2018 09:53:18 +1000 Subject: [PATCH] Docker build changes --- Dockerfile | 27 +++++++++++++------ Jenkinsfile | 17 ++++++------ rootfs/etc/nginx/conf.d/default.conf | 4 +-- .../include/letsencrypt-acme-challenge.conf | 2 +- rootfs/etc/services.d/manager/run | 6 ++--- rootfs/etc/services.d/nginx/run | 2 +- rootfs/root/.config/letsencrypt/cli.ini | 2 +- rootfs/var/www/html/index.html | 2 +- 8 files changed, 37 insertions(+), 25 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6816e531..ba507504 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM jc21/nginx-proxy-manager-base +FROM jc21/node MAINTAINER Jamie Curnow LABEL maintainer="Jamie Curnow " @@ -7,6 +7,19 @@ ENV SUPPRESS_NO_CONFIG_WARNING=1 ENV S6_FIX_ATTRS_HIDDEN=1 RUN echo "fs.file-max = 65535" > /etc/sysctl.conf +# Nginx, letsencrypt and other packages +RUN apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y curl ca-certificates apt-transport-https \ + && apt-key adv --fetch-keys http://dl.yarnpkg.com/debian/pubkey.gpg \ + && echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \ + && echo "deb http://ftp.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/backports.list \ + && apt-get update \ + && apt-get install --no-install-recommends --no-install-suggests -y \ + gnupg openssl dirmngr apt-transport-https wget nginx-full \ + inetutils-ping letsencrypt build-essential apache2-utils yarn \ + && apt-get install --no-install-recommends --no-install-suggests -y certbot -t jessie-backports \ + && apt-get clean + # root filesystem COPY rootfs / @@ -17,15 +30,13 @@ RUN curl -L -o /tmp/s6-overlay-amd64.tar.gz "https://github.com/just-containers/ # App ENV NODE_ENV=production -#ADD LICENCE /srv/manager/LICENCE -#ADD README.md /srv/manager/README.md -ADD manager/dist /srv/manager/dist -ADD manager/node_modules /srv/manager/node_modules -ADD manager/src/backend /srv/manager/src/backend -ADD manager/package.json /srv/manager/package.json +ADD dist /srv/app/dist +ADD node_modules /srv/app/node_modules +ADD src/backend /srv/app/src/backend +ADD package.json /srv/app/package.json # Volumes -VOLUME [ "/config", "/etc/letsencrypt" ] +VOLUME [ "/data", "/etc/letsencrypt" ] CMD [ "/init" ] HEALTHCHECK --interval=15s --timeout=3s CMD curl -f http://localhost:9876/health || exit 1 diff --git a/Jenkinsfile b/Jenkinsfile index aa8381ef..086bec03 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -1,6 +1,6 @@ pipeline { options { - buildDiscarder(logRotator(artifactDaysToKeepStr: '', artifactNumToKeepStr: '', daysToKeepStr: '', numToKeepStr: '10')) + buildDiscarder(logRotator(numToKeepStr: '10')) disableConcurrentBuilds() } agent any @@ -13,16 +13,17 @@ pipeline { stage('Prepare') { steps { sh 'docker pull jc21/$IMAGE_NAME-base' + sh 'docker pull jc21/node' sh 'docker pull $DOCKER_CI_TOOLS' } } stage('Build') { steps { - sh 'docker run --rm -v $(pwd)/manager:/srv/manager -w /srv/manager jc21/$IMAGE_NAME-base yarn --registry=$NPM_REGISTRY install' - sh 'docker run --rm -v $(pwd)/manager:/srv/manager -w /srv/manager jc21/$IMAGE_NAME-base gulp build' + sh 'docker run --rm -v $(pwd):/srv/app -w /srv/app jc21/node yarn --registry=$NPM_REGISTRY install' + sh 'docker run --rm -v $(pwd):/srv/app -w /srv/app jc21/node bin/build' sh 'rm -rf node_modules' - sh 'docker run --rm -v $(pwd)/manager:/srv/manager -w /srv/manager jc21/$IMAGE_NAME-base yarn --registry=$NPM_REGISTRY install --prod' - sh 'docker run --rm -v $(pwd)/manager:/data $DOCKER_CI_TOOLS node-prune' + sh 'docker run --rm -v $(pwd):/srv/app -w /srv/app jc21/node yarn --registry=$NPM_REGISTRY install --prod' + sh 'docker run --rm -v $(pwd):/data $DOCKER_CI_TOOLS node-prune' sh 'docker build --squash --compress -t $TEMP_IMAGE_NAME .' } } @@ -51,11 +52,11 @@ pipeline { } post { success { - slackSend color: "#72c900", message: "SUCCESS: <${BUILD_URL}|${JOB_NAME}> build #${BUILD_NUMBER} - ${currentBuild.durationString}" + juxtapose event: 'success' sh 'figlet "SUCCESS"' } failure { - slackSend color: "#d61111", message: "FAILED: <${BUILD_URL}|${JOB_NAME}> build #${BUILD_NUMBER} - ${currentBuild.durationString}" + juxtapose event: 'failure' sh 'figlet "FAILURE"' } always { @@ -65,6 +66,6 @@ pipeline { } def getPackageVersion() { - ver = sh(script: 'docker run --rm -v $(pwd)/manager:/data $DOCKER_CI_TOOLS bash -c "cat /data/package.json|jq -r \'.version\'"', returnStdout: true) + ver = sh(script: 'docker run --rm -v $(pwd):/data $DOCKER_CI_TOOLS bash -c "cat /data/package.json|jq -r \'.version\'"', returnStdout: true) return ver.trim() } diff --git a/rootfs/etc/nginx/conf.d/default.conf b/rootfs/etc/nginx/conf.d/default.conf index c363c552..2baadb84 100644 --- a/rootfs/etc/nginx/conf.d/default.conf +++ b/rootfs/etc/nginx/conf.d/default.conf @@ -4,7 +4,7 @@ server { listen 9876 default; server_name localhost; - access_log /config/logs/manager.log proxy; + access_log /data/logs/manager.log proxy; set $server 127.0.0.1; set $port 81; @@ -26,7 +26,7 @@ server { listen 80 default; server_name localhost; - access_log /config/logs/default.log proxy; + access_log /data/logs/default.log proxy; include conf.d/include/assets.conf; include conf.d/include/block-exploits.conf; diff --git a/rootfs/etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf b/rootfs/etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf index c2c21b54..750c9b29 100644 --- a/rootfs/etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf +++ b/rootfs/etc/nginx/conf.d/include/letsencrypt-acme-challenge.conf @@ -15,7 +15,7 @@ location ^~ /.well-known/acme-challenge/ { # there to "webroot". # Do NOT use alias, use root! Target directory is located here: # /var/www/common/letsencrypt/.well-known/acme-challenge/ - root /config/letsencrypt-acme-challenge; + root /data/letsencrypt-acme-challenge; } # Hide /acme-challenge subdirectory and return 404 on all requests. diff --git a/rootfs/etc/services.d/manager/run b/rootfs/etc/services.d/manager/run index a6f66329..64beac83 100755 --- a/rootfs/etc/services.d/manager/run +++ b/rootfs/etc/services.d/manager/run @@ -1,6 +1,6 @@ #!/usr/bin/with-contenv bash -mkdir -p /config/letsencrypt-acme-challenge +mkdir -p /data/letsencrypt-acme-challenge -cd /srv/manager -node --abort_on_uncaught_exception --max_old_space_size=250 /srv/manager/src/backend/index.js +cd /srv/app +node --abort_on_uncaught_exception --max_old_space_size=250 /srv/app/src/backend/index.js diff --git a/rootfs/etc/services.d/nginx/run b/rootfs/etc/services.d/nginx/run index 29663be5..3d2c9f97 100755 --- a/rootfs/etc/services.d/nginx/run +++ b/rootfs/etc/services.d/nginx/run @@ -1,5 +1,5 @@ #!/usr/bin/with-contenv bash -mkdir -p /tmp/nginx /config/{nginx,logs,access} /config/nginx/stream /var/lib/nginx/cache/{public,private} +mkdir -p /tmp/nginx /data/{nginx,logs,access} /data/nginx/stream /var/lib/nginx/cache/{public,private} chown root /tmp/nginx exec nginx diff --git a/rootfs/root/.config/letsencrypt/cli.ini b/rootfs/root/.config/letsencrypt/cli.ini index 561b770d..3565d6e5 100644 --- a/rootfs/root/.config/letsencrypt/cli.ini +++ b/rootfs/root/.config/letsencrypt/cli.ini @@ -1,4 +1,4 @@ text = True non-interactive = True authenticator = webroot -webroot-path = /config/letsencrypt-acme-challenge +webroot-path = /data/letsencrypt-acme-challenge diff --git a/rootfs/var/www/html/index.html b/rootfs/var/www/html/index.html index bb292b47..8478b47f 100644 --- a/rootfs/var/www/html/index.html +++ b/rootfs/var/www/html/index.html @@ -18,7 +18,7 @@

If you're seeing this site then you're trying to access a host that isn't set up yet.

Log in to the Admin panel to get started.

-

Powered by Nginx Proxy Manager

+

Powered by Nginx Proxy Manager