Dockerfile

FROM ubuntu:20.04

# N.B. passenger --install_dir=/var/lib/gems/m.n.o must agree with ruby version

ENV GEM_HOME="/srv/gems" \
    LANG=C.UTF-8 \
    LC_ALL=C.UTF-8

RUN apt-get update && \
    apt-get install -y curl software-properties-common apt-utils && \
    mkdir -p /etc/apt/keyrings && \
    curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | \
      gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \
      echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_18.x nodistro main" > \
      /etc/apt/sources.list.d/nodesource.list && \
    apt-get update && \
    DEBIAN_FRONTEND='noninteractive' apt-get install -y \
      apache2 \
      subversion \
      git \
      build-essential \
      libgmp3-dev \
      libldap2-dev \
      libsasl2-dev \
      python3-pip \
      ruby-dev \
      zlib1g-dev \
      imagemagick \
      img2pdf \
      nodejs \
      procmail \
      poppler-utils \
      texlive-extra-utils \
      gnupg2 \
      libcurl4-openssl-dev \
      libssl-dev \
      apache2-dev \
      libapr1-dev \
      libaprutil1-dev && \
    gem update --system 3.4.22 &&\
    gem install bundler:2.4.22 passenger --install_dir=/var/lib/gems/2.7.0 && \
    passenger-install-apache2-module --auto && \
    passenger-install-apache2-module --snippet > \
      /etc/apache2/conf-enabled/passenger.conf && \
    pip3 install img2pdf && \
    a2enmod cgi && \
    a2enmod headers && \
    a2enmod rewrite && \
    a2enmod authnz_ldap && \
    a2enmod speling && \
    a2enmod remoteip && \
    a2enmod expires && \
    a2enmod proxy_wstunnel &&\
    echo "ServerName whimsy.local" > /etc/apache2/conf-enabled/servername.conf

RUN echo 'SetEnv GEM_HOME /srv/gems' > /etc/apache2/conf-enabled/gemhome.conf

# Add new items at the end so previous layers can be re-used

# for editing/viewing files only in the container
RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y vim

# for checking ldap settings etc
RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y ldap-utils

# Install puppeteer
COPY docker-config/puppeteer-install.sh /tmp/puppeteer-install.sh
RUN bash /tmp/puppeteer-install.sh && rm /tmp/puppeteer-install.sh

# Fix for psych 5.0.0
RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y libyaml-dev

#  For testing agenda, you may need the following:
# Find the chrome version:
# google-chrome --version
# Install chromedriver:
# e.g. curl -o chromedriver.zip https://chromedriver.storage.googleapis.com/99.0.4844.51/chromedriver_linux64.zip
# unzip it:
# unzip chromedriver.zip
# mv chromedriver /usr/bin/chromedriver
# chown root:root /usr/bin/chromedriver
# chmod +x /usr/bin/chromedriver

# Allow www-data user to use Git repo owned by root
COPY docker-config/gitconfig-www /var/www/.gitconfig

COPY docker-config/maintenance_banner.lua /etc/apache2
COPY docker-config/logformat.conf /etc/apache2/conf-enabled/logformat.conf

# disable security check and telemetry
# Must use the same user and group as apache
RUN sed -i -e '$i  PassengerDisableSecurityUpdateCheck on' /etc/apache2/conf-enabled/passenger.conf && \
    sed -i -e '$i  PassengerDisableAnonymousTelemetry on' /etc/apache2/conf-enabled/passenger.conf && \
    sed -i -e '$i  PassengerUser www-data' /etc/apache2/conf-enabled/passenger.conf && \
    sed -i -e '$i  PassengerGroup www-data' /etc/apache2/conf-enabled/passenger.conf

# For running SVN in the container
RUN apt-get install libapache2-mod-svn

# for maintenance banner
RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y \
  lua5.2 && \
  a2enmod lua

# For /usr/bin/host (used in acreq.erb)
RUN DEBIAN_FRONTEND='noninteractive' apt-get install -y host

WORKDIR /srv/whimsy
RUN git config --global --add safe.directory /srv/whimsy
EXPOSE 80

# Note: the httpd and LDAP config is now done in the container as part of startup
# This is to avoid storing any credentials in the image
CMD ["/usr/local/bin/rake", "docker:entrypoint"]