File: Dockerfile.common

package info (click to toggle)
python-trame 3.12.0-2
  • links: PTS, VCS
  • area: main
  • in suites: sid
  • size: 101,620 kB
  • sloc: python: 13,515; sh: 183; javascript: 93; makefile: 7
file content (75 lines) | stat: -rw-r--r-- 2,766 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
 
ARG BASE_IMAGE=ubuntu:20.04
FROM ${BASE_IMAGE}

# Necessary to install tzdata. It will default to UTC.
ENV DEBIAN_FRONTEND=noninteractive

# Make sure we enable all GPU if we have one
ENV NVIDIA_DRIVER_CAPABILITIES=all

RUN apt-get update && \
    apt-get install -y \
      wget \
      apache2 \
      apache2-dev \
      libapr1-dev \
      apache2-utils && \
    rm -rf /var/lib/apt/lists/*

COPY --from=tianon/gosu /gosu /usr/local/bin/

# Set up needed permissions and users
# - User groups:
#   - trame-user: non-priviledge user for running and accessing data
#     => (optional) Provide runtime env TRAME_USER_DATA=/docker/path to query which user to map trame-user to
#   - docker: group to be remapped to docker host group to allow docker in docker.
#     - trame-user can perform docker operaction by allowing access to /var/run/docker.sock
#   - proxy-mapping: group for r/w on mapping file
#     - trame-user so the launcher can update the mapping file (w)
#     - www-data so that apache can read the file and handle the network routing (r)
#   - www-data: apache user
#     - added to proxy-mapping so it can read the mapping file for routing network
#     - added to trame-user so it can serve user data
# - Magic numbers:
#   - 1000: Default first user
#   - 5001/5002: Large id to prevent conflict with existing host uid/gid
RUN groupadd trame-user -g 1000 && \
    groupadd proxy-mapping -g 5001 && \
    groupadd docker -g 5002 && \
    useradd -u 1000 -g trame-user -G proxy-mapping -s /sbin/nologin trame-user && \
    usermod -a -G proxy-mapping www-data && \
    usermod -a -G trame-user www-data && \
    usermod -a -G docker trame-user && \
    mkdir -p /opt/trame && \
    chown -R trame-user:trame-user /opt/trame && \
    mkdir -p /home/trame-user && \
    chown -R trame-user:trame-user /home/trame-user && \
    touch /opt/trame/proxy-mapping.txt && \
    chown trame-user:proxy-mapping /opt/trame/proxy-mapping.txt && \
    chmod 660 /opt/trame/proxy-mapping.txt && \
    mkdir -p /deploy && \
    chown -R trame-user:trame-user /deploy

# Copy the apache configuration file into place
COPY config/apache/001-trame.conf /etc/apache2/sites-available/001-trame.conf
COPY config/apache/001-trame.tpl  /opt/trame/apache.tpl
COPY config/default-launcher.json /opt/trame/default-launcher.json

# Configure the apache web server
RUN a2enmod vhost_alias && \
    a2enmod proxy && \
    a2enmod proxy_http && \
    a2enmod proxy_wstunnel && \
    a2enmod rewrite && \
    a2enmod headers && \
    a2dissite 000-default.conf && \
    a2ensite 001-trame && \
    a2dismod autoindex -f

# Copy the scripts into place
COPY scripts/* /opt/trame/

# Open port 80 to the world outside the container
EXPOSE 80

ENTRYPOINT ["/opt/trame/entrypoint.sh"]