| 1 | # NAME: discourse/base |
| 2 | # VERSION: release |
| 3 | FROM ubuntu:16.04 |
| 4 | |
| 5 | ENV PG_MAJOR 9.5 |
| 6 | ENV RUBY_ALLOCATOR /usr/lib/libjemalloc.so.1 |
| 7 | ENV COMPRESS_BROTLI 1 |
| 8 | |
| 9 | #LABEL maintainer="Sam Saffron \"https://twitter.com/samsaffron\"" |
| 10 | |
| 11 | RUN echo 2.0.`date +%Y%m%d` > /VERSION |
| 12 | |
| 13 | RUN apt-get update && apt-get install -y lsb-release sudo curl |
| 14 | RUN echo "debconf debconf/frontend select Teletype" | debconf-set-selections |
| 15 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) main restricted universe" > /etc/apt/sources.list |
| 16 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-updates main restricted universe" >> /etc/apt/sources.list |
| 17 | RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted universe" >> /etc/apt/sources.list |
| 18 | RUN apt-get update && apt-get -y install fping |
| 19 | RUN sh -c "fping proxy && echo 'Acquire { Retries \"0\"; HTTP { Proxy \"http://proxy:3128\";}; };' > /etc/apt/apt.conf.d/40proxy && apt-get update || true" |
| 20 | RUN apt-get -y install software-properties-common |
| 21 | RUN apt-mark hold initscripts |
| 22 | RUN apt-get -y upgrade |
| 23 | RUN curl http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - |
| 24 | RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -sc)-pgdg main" | \ |
| 25 | tee /etc/apt/sources.list.d/postgres.list |
| 26 | RUN curl --silent --location https://deb.nodesource.com/setup_8.x | sudo bash - |
| 27 | RUN apt-get -y update |
| 28 | RUN apt-get -y install build-essential git wget \ |
| 29 | libxslt-dev libcurl4-openssl-dev \ |
| 30 | libssl-dev libyaml-dev libtool \ |
| 31 | libxml2-dev gawk parallel \ |
| 32 | postgresql-${PG_MAJOR} postgresql-client-${PG_MAJOR} \ |
| 33 | postgresql-contrib-${PG_MAJOR} libpq-dev libreadline-dev \ |
| 34 | language-pack-en cron anacron \ |
| 35 | psmisc rsyslog vim whois brotli libunwind-dev |
| 36 | RUN sed -i -e 's/start -q anacron/anacron -s/' /etc/cron.d/anacron |
| 37 | RUN sed -i.bak 's/$ModLoad imklog/#$ModLoad imklog/' /etc/rsyslog.conf |
| 38 | RUN dpkg-divert --local --rename --add /sbin/initctl |
| 39 | RUN sh -c "test -f /sbin/initctl || ln -s /bin/true /sbin/initctl" |
| 40 | RUN apt-get -y install redis-server haproxy openssh-server |
| 41 | RUN cd / &&\ |
| 42 | apt-get -y install runit monit socat &&\ |
| 43 | mkdir -p /etc/runit/1.d &&\ |
| 44 | apt-get clean &&\ |
| 45 | rm -f /etc/apt/apt.conf.d/40proxy &&\ |
| 46 | locale-gen en_US &&\ |
| 47 | apt-get install -y nodejs &&\ |
| 48 | npm install -g uglify-js@"<3" &&\ |
| 49 | npm install svgo -g |
| 50 | |
| 51 | ADD install-nginx /tmp/install-nginx |
| 52 | RUN /tmp/install-nginx |
| 53 | |
| 54 | RUN apt-get -y install advancecomp jhead jpegoptim libjpeg-turbo-progs optipng |
| 55 | |
| 56 | RUN mkdir /jemalloc-stable && cd /jemalloc-stable &&\ |
| 57 | wget https://github.com/jemalloc/jemalloc/releases/download/3.6.0/jemalloc-3.6.0.tar.bz2 &&\ |
| 58 | tar -xjf jemalloc-3.6.0.tar.bz2 && cd jemalloc-3.6.0 && ./configure --prefix=/usr && make && make install &&\ |
| 59 | cd / && rm -rf /jemalloc-stable |
| 60 | |
| 61 | RUN mkdir /jemalloc-new && cd /jemalloc-new &&\ |
| 62 | wget https://github.com/jemalloc/jemalloc/releases/download/5.0.1/jemalloc-5.0.1.tar.bz2 &&\ |
| 63 | tar -xjf jemalloc-5.0.1.tar.bz2 && cd jemalloc-5.0.1 && ./configure --prefix=/usr --with-install-suffix=5.0.1 && make build_lib && make install_lib &&\ |
| 64 | cd / && rm -rf /jemalloc-new |
| 65 | |
| 66 | RUN mkdir /gperftools && git clone https://github.com/gperftools/gperftools.git /gperftools &&\ |
| 67 | cd /gperftools && git checkout gperftools-2.5 && ./autogen.sh && ./configure --prefix=$PWD/lib &&\ |
| 68 | make install && mv lib/lib/libtcmalloc_minimal.so.4.3.0 /usr/lib && cd / && rm -rf /gperftools |
| 69 | |
| 70 | RUN mkdir /lockless && cd /lockless && curl -O https://locklessinc.com/downloads/lockless_allocator_linux.tgz &&\ |
| 71 | tar zxf lockless_allocator_linux.tgz && mv lockless_allocator_linux/64bit/libllalloc.so.1.4 /usr/lib &&\ |
| 72 | cd / && rm -rf /lockless |
| 73 | |
| 74 | RUN echo 'gem: --no-document' >> /usr/local/etc/gemrc &&\ |
| 75 | mkdir /src && cd /src && git clone https://github.com/sstephenson/ruby-build.git &&\ |
| 76 | cd /src/ruby-build && ./install.sh &&\ |
| 77 | cd / && rm -rf /src/ruby-build && (ruby-build 2.4.2 /usr/local) |
| 78 | |
| 79 | RUN gem update --system |
| 80 | |
| 81 | RUN gem install bundler --force &&\ |
| 82 | rm -rf /usr/local/share/ri/2.4.2/system &&\ |
| 83 | cd / && git clone https://github.com/SamSaffron/pups.git |
| 84 | |
| 85 | ADD install-imagemagick /tmp/install-imagemagick |
| 86 | RUN /tmp/install-imagemagick |
| 87 | |
| 88 | # Validate install |
| 89 | RUN ruby -Eutf-8 -e "v = \`convert -version\`; %w{png tiff jpeg freetype}.each { |f| unless v.include?(f); STDERR.puts('no ' + f + ' support in imagemagick'); exit(-1); end }" |
| 90 | |
| 91 | ADD install-pngcrush /tmp/install-pngcrush |
| 92 | RUN /tmp/install-pngcrush |
| 93 | |
| 94 | ADD install-gifsicle /tmp/install-gifsicle |
| 95 | RUN /tmp/install-gifsicle |
| 96 | |
| 97 | ADD install-pngquant /tmp/install-pngquant |
| 98 | RUN /tmp/install-pngquant |
| 99 | |
| 100 | # clean up for docker squash |
| 101 | RUN rm -fr /usr/share/man &&\ |
| 102 | rm -fr /usr/share/doc &&\ |
| 103 | rm -fr /usr/share/vim/vim74/tutor &&\ |
| 104 | rm -fr /usr/share/vim/vim74/doc &&\ |
| 105 | rm -fr /usr/share/vim/vim74/lang &&\ |
| 106 | rm -fr /usr/local/share/doc &&\ |
| 107 | rm -fr /usr/local/share/ruby-build &&\ |
| 108 | rm -fr /root/.gem &&\ |
| 109 | rm -fr /root/.npm &&\ |
| 110 | rm -fr /tmp/* &&\ |
| 111 | rm -fr /usr/share/vim/vim74/spell/en* |
| 112 | |
| 113 | |
| 114 | # this can probably be done, but I worry that people changing PG locales will have issues |
| 115 | # cd /usr/share/locale && rm -fr `ls -d */ | grep -v en` |
| 116 | |
| 117 | RUN mkdir -p /etc/runit/3.d |
| 118 | |
| 119 | ADD runit-1 /etc/runit/1 |
| 120 | ADD runit-1.d-cleanup-pids /etc/runit/1.d/cleanup-pids |
| 121 | ADD runit-1.d-anacron /etc/runit/1.d/anacron |
| 122 | ADD runit-1.d-00-fix-var-logs /etc/runit/1.d/00-fix-var-logs |
| 123 | ADD runit-2 /etc/runit/2 |
| 124 | ADD runit-3 /etc/runit/3 |
| 125 | ADD boot /sbin/boot |
| 126 | |
| 127 | ADD cron /etc/service/cron/run |
| 128 | ADD rsyslog /etc/service/rsyslog/run |
| 129 | ADD cron.d_anacron /etc/cron.d/anacron |
| 130 | |
| 131 | |
| 132 | # Discourse specific bits |
| 133 | RUN useradd discourse -s /bin/bash -m -U &&\ |
| 134 | mkdir -p /var/www &&\ |
| 135 | cd /var/www &&\ |
| 136 | git clone https://github.com/discourse/discourse.git &&\ |
| 137 | cd discourse &&\ |
| 138 | git remote set-branches --add origin tests-passed &&\ |
| 139 | chown -R discourse:discourse /var/www/discourse &&\ |
| 140 | cd /var/www/discourse &&\ |
| 141 | sudo -u discourse bundle install --deployment \ |
| 142 | --without test --without development &&\ |
| 143 | find /var/www/discourse/vendor/bundle -name tmp -type d -exec rm -rf {} + |