| 1 | # NAME: discourse/base |
| 2 | # VERSION: release |
| 3 | FROM ubuntu:16.04 |
| 4 | |
| 5 | ENV PG_MAJOR 10 |
| 6 | ENV RUBY_ALLOCATOR /usr/lib/libjemalloc.so.1 |
| 7 | |
| 8 | #LABEL maintainer="Sam Saffron \"https://twitter.com/samsaffron\"" |
| 9 | |
| 10 | RUN echo 2.0.`date +%Y%m%d` > /VERSION |
| 11 | |
| 12 | RUN apt-get update && apt-get install -y lsb-release sudo curl |
| 13 | RUN echo "debconf debconf/frontend select Teletype" | debconf-set-selections |
| 14 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) main restricted universe" > /etc/apt/sources.list |
| 15 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-updates main restricted universe" >> /etc/apt/sources.list |
| 16 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted universe" >> /etc/apt/sources.list |
| 17 | RUN apt-get update && apt-get -y install fping |
| 18 | RUN sh -c "fping proxy && echo 'Acquire { Retries \"0\"; HTTP { Proxy \"http://proxy:3128\";}; };' > /etc/apt/apt.conf.d/40proxy && apt-get update || true" |
| 19 | RUN apt-get -y install software-properties-common |
| 20 | RUN apt-mark hold initscripts |
| 21 | RUN apt-get -y upgrade |
| 22 | RUN curl http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - |
| 23 | RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -sc)-pgdg main" | \ |
| 24 | tee /etc/apt/sources.list.d/postgres.list |
| 25 | RUN curl --silent --location https://deb.nodesource.com/setup_8.x | sudo bash - |
| 26 | RUN apt-get -y update |
| 27 | RUN apt-get -y install build-essential git wget \ |
| 28 | libxslt-dev libcurl4-openssl-dev \ |
| 29 | libssl-dev libyaml-dev libtool \ |
| 30 | libxml2-dev gawk parallel \ |
| 31 | postgresql-${PG_MAJOR} postgresql-client-${PG_MAJOR} \ |
| 32 | postgresql-contrib-${PG_MAJOR} libpq-dev libreadline-dev \ |
| 33 | language-pack-en cron anacron \ |
| 34 | psmisc rsyslog vim whois brotli libunwind-dev \ |
| 35 | libtcmalloc-minimal4 |
| 36 | RUN sed -i -e 's/start -q anacron/anacron -s/' /etc/cron.d/anacron |
| 37 | RUN sed -i.bak 's/$ModLoad imklog/#$ModLoad imklog/' /etc/rsyslog.conf |
| 38 | RUN dpkg-divert --local --rename --add /sbin/initctl |
| 39 | RUN sh -c "test -f /sbin/initctl || ln -s /bin/true /sbin/initctl" |
| 40 | RUN apt-get -y install haproxy openssh-server |
| 41 | RUN cd / &&\ |
| 42 | apt-get -y install runit monit socat &&\ |
| 43 | mkdir -p /etc/runit/1.d &&\ |
| 44 | apt-get clean &&\ |
| 45 | rm -f /etc/apt/apt.conf.d/40proxy &&\ |
| 46 | locale-gen en_US &&\ |
| 47 | apt-get install -y nodejs &&\ |
| 48 | npm install -g uglify-js@"<3" &&\ |
| 49 | npm install -g svgo |
| 50 | |
| 51 | ADD install-nginx /tmp/install-nginx |
| 52 | RUN /tmp/install-nginx |
| 53 | |
| 54 | RUN apt-get -y install advancecomp jhead jpegoptim libjpeg-turbo-progs optipng |
| 55 | |
| 56 | RUN mkdir /jemalloc-stable && cd /jemalloc-stable &&\ |
| 57 | wget https://github.com/jemalloc/jemalloc/releases/download/3.6.0/jemalloc-3.6.0.tar.bz2 &&\ |
| 58 | tar -xjf jemalloc-3.6.0.tar.bz2 && cd jemalloc-3.6.0 && ./configure --prefix=/usr && make && make install &&\ |
| 59 | cd / && rm -rf /jemalloc-stable |
| 60 | |
| 61 | RUN mkdir /jemalloc-new && cd /jemalloc-new &&\ |
| 62 | wget https://github.com/jemalloc/jemalloc/releases/download/5.1.0/jemalloc-5.1.0.tar.bz2 &&\ |
| 63 | tar -xjf jemalloc-5.1.0.tar.bz2 && cd jemalloc-5.1.0 && ./configure --prefix=/usr --with-install-suffix=5.1.0 && make build_lib && make install_lib &&\ |
| 64 | cd / && rm -rf /jemalloc-new |
| 65 | |
| 66 | RUN echo 'gem: --no-document' >> /usr/local/etc/gemrc &&\ |
| 67 | mkdir /src && cd /src && git clone https://github.com/sstephenson/ruby-build.git &&\ |
| 68 | cd /src/ruby-build && ./install.sh &&\ |
| 69 | cd / && rm -rf /src/ruby-build && (ruby-build 2.6.2 /usr/local) |
| 70 | |
| 71 | RUN gem update --system |
| 72 | |
| 73 | RUN gem install bundler --force &&\ |
| 74 | rm -rf /usr/local/share/ri/2.6.2/system &&\ |
| 75 | cd / && git clone https://github.com/discourse/pups.git |
| 76 | |
| 77 | ADD install-redis /tmp/install-redis |
| 78 | RUN /tmp/install-redis |
| 79 | |
| 80 | ADD install-imagemagick /tmp/install-imagemagick |
| 81 | RUN /tmp/install-imagemagick |
| 82 | |
| 83 | # Validate install |
| 84 | RUN ruby -Eutf-8 -e "v = \`convert -version\`; %w{png tiff jpeg freetype}.each { |f| unless v.include?(f); STDERR.puts('no ' + f + ' support in imagemagick'); exit(-1); end }" |
| 85 | |
| 86 | ADD install-pngcrush /tmp/install-pngcrush |
| 87 | RUN /tmp/install-pngcrush |
| 88 | |
| 89 | ADD install-gifsicle /tmp/install-gifsicle |
| 90 | RUN /tmp/install-gifsicle |
| 91 | |
| 92 | ADD install-pngquant /tmp/install-pngquant |
| 93 | RUN /tmp/install-pngquant |
| 94 | |
| 95 | # This tool allows us to disable huge page support for our current process |
| 96 | # since the flag is preserved through forks and execs it can be used on any |
| 97 | # process |
| 98 | ADD thpoff.c /src/thpoff.c |
| 99 | RUN gcc -o /usr/local/sbin/thpoff /src/thpoff.c && rm /src/thpoff.c |
| 100 | |
| 101 | # clean up for docker squash |
| 102 | RUN rm -fr /usr/share/man &&\ |
| 103 | rm -fr /usr/share/doc &&\ |
| 104 | rm -fr /usr/share/vim/vim74/tutor &&\ |
| 105 | rm -fr /usr/share/vim/vim74/doc &&\ |
| 106 | rm -fr /usr/share/vim/vim74/lang &&\ |
| 107 | rm -fr /usr/local/share/doc &&\ |
| 108 | rm -fr /usr/local/share/ruby-build &&\ |
| 109 | rm -fr /root/.gem &&\ |
| 110 | rm -fr /root/.npm &&\ |
| 111 | rm -fr /tmp/* &&\ |
| 112 | rm -fr /usr/share/vim/vim74/spell/en* |
| 113 | |
| 114 | |
| 115 | # this can probably be done, but I worry that people changing PG locales will have issues |
| 116 | # cd /usr/share/locale && rm -fr `ls -d */ | grep -v en` |
| 117 | |
| 118 | RUN mkdir -p /etc/runit/3.d |
| 119 | |
| 120 | ADD runit-1 /etc/runit/1 |
| 121 | ADD runit-1.d-cleanup-pids /etc/runit/1.d/cleanup-pids |
| 122 | ADD runit-1.d-anacron /etc/runit/1.d/anacron |
| 123 | ADD runit-1.d-00-fix-var-logs /etc/runit/1.d/00-fix-var-logs |
| 124 | ADD runit-2 /etc/runit/2 |
| 125 | ADD runit-3 /etc/runit/3 |
| 126 | ADD boot /sbin/boot |
| 127 | |
| 128 | ADD cron /etc/service/cron/run |
| 129 | ADD rsyslog /etc/service/rsyslog/run |
| 130 | ADD cron.d_anacron /etc/cron.d/anacron |
| 131 | |
| 132 | # Discourse specific bits |
| 133 | RUN useradd discourse -s /bin/bash -m -U &&\ |
| 134 | mkdir -p /var/www &&\ |
| 135 | cd /var/www &&\ |
| 136 | git clone https://github.com/discourse/discourse.git &&\ |
| 137 | cd discourse &&\ |
| 138 | git remote set-branches --add origin tests-passed &&\ |
| 139 | chown -R discourse:discourse /var/www/discourse &&\ |
| 140 | cd /var/www/discourse &&\ |
| 141 | sudo -u discourse bundle install --deployment \ |
| 142 | --without test --without development --jobs=4 &&\ |
| 143 | bundle exec rake maxminddb:get &&\ |
| 144 | find /var/www/discourse/vendor/bundle -name tmp -type d -exec rm -rf {} + |