-
Notifications
You must be signed in to change notification settings - Fork 171
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
41ff6e8
commit b68b80a
Showing
5 changed files
with
588 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,121 @@ | ||
# | ||
# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" | ||
# | ||
# PLEASE DO NOT EDIT IT DIRECTLY. | ||
# | ||
|
||
FROM ruby:3.1-alpine3.18 | ||
|
||
# explicitly set uid/gid to guarantee that it won't change in the future | ||
# the values 999:999 are identical to the current user/group id assigned | ||
# alpine already has a gid 999, so we'll use the next id | ||
RUN addgroup -S -g 1000 redmine && adduser -S -H -G redmine -u 999 redmine | ||
|
||
RUN set -eux; \ | ||
apk add --no-cache \ | ||
bash \ | ||
ca-certificates \ | ||
findutils \ | ||
su-exec \ | ||
tini \ | ||
tzdata \ | ||
wget \ | ||
\ | ||
breezy \ | ||
git \ | ||
mercurial \ | ||
openssh-client \ | ||
subversion \ | ||
\ | ||
# we need "gsfonts" for generating PNGs of Gantt charts | ||
# and "ghostscript" for creating PDF thumbnails (in 4.1+) | ||
ghostscript \ | ||
ghostscript-fonts \ | ||
imagemagick \ | ||
; | ||
|
||
ENV RAILS_ENV production | ||
WORKDIR /usr/src/redmine | ||
|
||
# https://github.com/docker-library/redmine/issues/138#issuecomment-438834176 | ||
# (bundler needs this for running as an arbitrary user) | ||
ENV HOME /home/redmine | ||
RUN set -eux; \ | ||
[ ! -d "$HOME" ]; \ | ||
mkdir -p "$HOME"; \ | ||
chown redmine:redmine "$HOME"; \ | ||
chmod 1777 "$HOME" | ||
|
||
ENV REDMINE_VERSION 5.1.0 | ||
ENV REDMINE_DOWNLOAD_URL https://www.redmine.org/releases/redmine-5.1.0.tar.gz | ||
ENV REDMINE_DOWNLOAD_SHA256 a94d6ecde5a100a6271503fef154818212dac01cf5e45e37e2beb4059365ba93 | ||
|
||
RUN set -eux; \ | ||
wget -O redmine.tar.gz "$REDMINE_DOWNLOAD_URL"; \ | ||
echo "$REDMINE_DOWNLOAD_SHA256 *redmine.tar.gz" | sha256sum -c -; \ | ||
tar -xf redmine.tar.gz --strip-components=1; \ | ||
rm redmine.tar.gz files/delete.me log/delete.me; \ | ||
mkdir -p log public/plugin_assets sqlite tmp/pdf tmp/pids; \ | ||
chown -R redmine:redmine ./; \ | ||
# log to STDOUT (https://github.com/docker-library/redmine/issues/108) | ||
echo 'config.logger = Logger.new(STDOUT)' > config/additional_environment.rb; \ | ||
# fix permissions for running as an arbitrary user | ||
chmod -R ugo=rwX config db sqlite; \ | ||
find log tmp -type d -exec chmod 1777 '{}' + | ||
|
||
# build for musl-libc, not glibc (see https://github.com/sparklemotion/nokogiri/issues/2075, https://github.com/rubygems/rubygems/issues/3174) | ||
ENV BUNDLE_FORCE_RUBY_PLATFORM 1 | ||
RUN set -eux; \ | ||
\ | ||
apk add --no-cache --virtual .build-deps \ | ||
coreutils \ | ||
freetds-dev \ | ||
gcc \ | ||
make \ | ||
mariadb-dev \ | ||
musl-dev \ | ||
patch \ | ||
postgresql-dev \ | ||
sqlite-dev \ | ||
ttf2ufm \ | ||
zlib-dev \ | ||
; \ | ||
\ | ||
su-exec redmine bundle config --local without 'development test'; \ | ||
# https://github.com/redmine/redmine/commit/23dc108e70a0794f444803ac827a690085dcd557 | ||
# ("gem puma" already exists in the Gemfile, but under "group :test" and we want it all the time) | ||
puma="$(grep -E "^[[:space:]]*gem [:'\"]puma['\",[:space:]].*\$" Gemfile)"; \ | ||
{ echo; echo "$puma"; } | sed -re 's/^[[:space:]]+//' >> Gemfile; \ | ||
# fill up "database.yml" with bogus entries so the redmine Gemfile will pre-install all database adapter dependencies | ||
# https://github.com/redmine/redmine/blob/e9f9767089a4e3efbd73c35fc55c5c7eb85dd7d3/Gemfile#L50-L79 | ||
echo '# the following entries only exist to force `bundle install` to pre-install all database adapter dependencies -- they can be safely removed/ignored' > ./config/database.yml; \ | ||
for adapter in mysql2 postgresql sqlserver sqlite3; do \ | ||
echo "$adapter:" >> ./config/database.yml; \ | ||
echo " adapter: $adapter" >> ./config/database.yml; \ | ||
done; \ | ||
su-exec redmine bundle install --jobs "$(nproc)"; \ | ||
rm ./config/database.yml; \ | ||
# fix permissions for running as an arbitrary user | ||
chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \ | ||
# this requires coreutils because "chmod +X" in busybox will remove +x on files (and coreutils leaves files alone with +X) | ||
rm -rf ~redmine/.bundle; \ | ||
\ | ||
# https://github.com/naitoh/rbpdf/issues/31 | ||
rm /usr/local/bundle/gems/rbpdf-font-1.19.*/lib/fonts/ttf2ufm/ttf2ufm; \ | ||
\ | ||
runDeps="$( \ | ||
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/bundle/gems \ | ||
| tr ',' '\n' \ | ||
| sort -u \ | ||
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ | ||
)"; \ | ||
apk add --no-network --virtual .redmine-rundeps $runDeps; \ | ||
apk del --no-network .build-deps | ||
|
||
VOLUME /usr/src/redmine/files | ||
|
||
COPY docker-entrypoint.sh / | ||
ENTRYPOINT ["/docker-entrypoint.sh"] | ||
|
||
EXPOSE 3000 | ||
CMD ["rails", "server", "-b", "0.0.0.0"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,165 @@ | ||
#!/usr/bin/env bash | ||
set -Eeo pipefail | ||
# TODO add "-u" | ||
|
||
# usage: file_env VAR [DEFAULT] | ||
# ie: file_env 'XYZ_DB_PASSWORD' 'example' | ||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of | ||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) | ||
file_env() { | ||
local var="$1" | ||
local fileVar="${var}_FILE" | ||
local def="${2:-}" | ||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then | ||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)" | ||
exit 1 | ||
fi | ||
local val="$def" | ||
if [ "${!var:-}" ]; then | ||
val="${!var}" | ||
elif [ "${!fileVar:-}" ]; then | ||
val="$(< "${!fileVar}")" | ||
fi | ||
export "$var"="$val" | ||
unset "$fileVar" | ||
} | ||
|
||
isLikelyRedmine= | ||
case "$1" in | ||
rails | rake | passenger ) isLikelyRedmine=1 ;; | ||
esac | ||
|
||
_fix_permissions() { | ||
# https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions | ||
local dirs=( config log public/plugin_assets tmp ) args=() | ||
if [ "$(id -u)" = '0' ]; then | ||
args+=( ${args[@]:+,} '(' '!' -user redmine -exec chown redmine:redmine '{}' + ')' ) | ||
|
||
# https://github.com/docker-library/redmine/issues/268 - scanning "files" might be *really* expensive, so we should skip it if it seems like it's "already correct" | ||
local filesOwnerMode | ||
filesOwnerMode="$(stat -c '%U:%a' files)" | ||
if [ "$files" != 'redmine:755' ]; then | ||
dirs+=( files ) | ||
fi | ||
fi | ||
# directories 755, files 644: | ||
args+=( ${args[@]:+,} '(' -type d '!' -perm 755 -exec sh -c 'chmod 755 "$@" 2>/dev/null || :' -- '{}' + ')' ) | ||
args+=( ${args[@]:+,} '(' -type f '!' -perm 644 -exec sh -c 'chmod 644 "$@" 2>/dev/null || :' -- '{}' + ')' ) | ||
find "${dirs[@]}" "${args[@]}" | ||
} | ||
|
||
# allow the container to be started with `--user` | ||
if [ -n "$isLikelyRedmine" ] && [ "$(id -u)" = '0' ]; then | ||
_fix_permissions | ||
exec su-exec redmine "$BASH_SOURCE" "$@" | ||
fi | ||
|
||
if [ -n "$isLikelyRedmine" ]; then | ||
_fix_permissions | ||
if [ ! -f './config/database.yml' ]; then | ||
file_env 'REDMINE_DB_MYSQL' | ||
file_env 'REDMINE_DB_POSTGRES' | ||
file_env 'REDMINE_DB_SQLSERVER' | ||
|
||
if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then | ||
export REDMINE_DB_MYSQL='mysql' | ||
elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then | ||
export REDMINE_DB_POSTGRES='postgres' | ||
fi | ||
|
||
if [ "$REDMINE_DB_MYSQL" ]; then | ||
adapter='mysql2' | ||
host="$REDMINE_DB_MYSQL" | ||
file_env 'REDMINE_DB_PORT' '3306' | ||
file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}" | ||
file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}" | ||
file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}" | ||
file_env 'REDMINE_DB_ENCODING' '' | ||
elif [ "$REDMINE_DB_POSTGRES" ]; then | ||
adapter='postgresql' | ||
host="$REDMINE_DB_POSTGRES" | ||
file_env 'REDMINE_DB_PORT' '5432' | ||
file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}" | ||
file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}" | ||
file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}" | ||
file_env 'REDMINE_DB_ENCODING' 'utf8' | ||
elif [ "$REDMINE_DB_SQLSERVER" ]; then | ||
adapter='sqlserver' | ||
host="$REDMINE_DB_SQLSERVER" | ||
file_env 'REDMINE_DB_PORT' '1433' | ||
file_env 'REDMINE_DB_USERNAME' '' | ||
file_env 'REDMINE_DB_PASSWORD' '' | ||
file_env 'REDMINE_DB_DATABASE' '' | ||
file_env 'REDMINE_DB_ENCODING' '' | ||
else | ||
echo >&2 | ||
echo >&2 'warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables' | ||
echo >&2 | ||
echo >&2 '*** Using sqlite3 as fallback. ***' | ||
echo >&2 | ||
|
||
adapter='sqlite3' | ||
host='localhost' | ||
file_env 'REDMINE_DB_PORT' '' | ||
file_env 'REDMINE_DB_USERNAME' 'redmine' | ||
file_env 'REDMINE_DB_PASSWORD' '' | ||
file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db' | ||
file_env 'REDMINE_DB_ENCODING' 'utf8' | ||
|
||
mkdir -p "$(dirname "$REDMINE_DB_DATABASE")" | ||
if [ "$(id -u)" = '0' ]; then | ||
find "$(dirname "$REDMINE_DB_DATABASE")" \! -user redmine -exec chown redmine '{}' + | ||
fi | ||
fi | ||
|
||
REDMINE_DB_ADAPTER="$adapter" | ||
REDMINE_DB_HOST="$host" | ||
echo "$RAILS_ENV:" > config/database.yml | ||
for var in \ | ||
adapter \ | ||
host \ | ||
port \ | ||
username \ | ||
password \ | ||
database \ | ||
encoding \ | ||
; do | ||
env="REDMINE_DB_${var^^}" | ||
val="${!env}" | ||
[ -n "$val" ] || continue | ||
echo " $var: \"$val\"" >> config/database.yml | ||
done | ||
fi | ||
|
||
# install additional gems for Gemfile.local and plugins | ||
bundle check || bundle install | ||
|
||
if [ ! -s config/secrets.yml ]; then | ||
file_env 'REDMINE_SECRET_KEY_BASE' | ||
if [ -n "$REDMINE_SECRET_KEY_BASE" ]; then | ||
cat > 'config/secrets.yml' <<-YML | ||
$RAILS_ENV: | ||
secret_key_base: "$REDMINE_SECRET_KEY_BASE" | ||
YML | ||
elif [ ! -f config/initializers/secret_token.rb ]; then | ||
rake generate_secret_token | ||
fi | ||
fi | ||
if [ "$1" != 'rake' -a -z "$REDMINE_NO_DB_MIGRATE" ]; then | ||
rake db:migrate | ||
fi | ||
|
||
if [ "$1" != 'rake' -a -n "$REDMINE_PLUGINS_MIGRATE" ]; then | ||
rake redmine:plugins:migrate | ||
fi | ||
|
||
# remove PID file to enable restarting the container | ||
rm -f tmp/pids/server.pid | ||
|
||
if [ "$1" = 'passenger' ]; then | ||
# Don't fear the reaper. | ||
set -- tini -- "$@" | ||
fi | ||
fi | ||
|
||
exec "$@" |
Oops, something went wrong.