Updating dockerfile to be friendly to volume usage, as well as pre-filling with uuids rather than static secrets.

2022-07-08 18:33:07 +01:00 · 2022-07-08 18:33:07 +01:00 · 33e8600d62
parent 187f1965e2
commit 33e8600d62
5 changed files with 44 additions and 11 deletions
--- a/.yarnrc
+++ b/.yarnrc
@ -0,0 +1 @@
 network-timeout 100000
--- a/hosting/single/Dockerfile
+++ b/hosting/single/Dockerfile
@ -34,18 +34,10 @@ ENV \
  ARCHITECTURE=amd \
  BUDIBASE_ENVIRONMENT=PRODUCTION \
  CLUSTER_PORT=80 \
  COUCHDB_PASSWORD=budibase \
  COUCHDB_USER=budibase \
  COUCH_DB_URL=http://budibase:budibase@localhost:5984 \
  # CUSTOM_DOMAIN=budi001.custom.com \
  DEPLOYMENT_ENVIRONMENT=docker \
  INTERNAL_API_KEY=budibase \
  JWT_SECRET=testsecret \
  MINIO_ACCESS_KEY=budibase \
  MINIO_SECRET_KEY=budibase \
  MINIO_URL=http://localhost:9000 \
  POSTHOG_TOKEN=phc_fg5I3nDOf6oJVMHSaycEhpPdlgS8rzXG2r6F2IpxCHS \
  REDIS_PASSWORD=budibase \
  REDIS_URL=localhost:6379 \
  SELF_HOSTED=1 \
  TARGETBUILD=$TARGETBUILD \
@ -53,9 +45,21 @@ ENV \
  WORKER_URL=http://localhost:4002 \
  APPS_URL=http://localhost:4001
 # These secret env variables are generated by the runner at startup
 # their values can be overriden by the user, they will be written
 # to the .env file in the /data directory for use later on
 #  REDIS_PASSWORD=budibase \
 #  COUCHDB_PASSWORD=budibase \
 #  COUCHDB_USER=budibase \
 #  COUCH_DB_URL=http://budibase:budibase@localhost:5984 \
 #  INTERNAL_API_KEY=budibase \
 #  JWT_SECRET=testsecret \
 #  MINIO_ACCESS_KEY=budibase \
 #  MINIO_SECRET_KEY=budibase \
 # install base dependencies
 RUN apt-get update && \
-  apt-get install -y software-properties-common wget nginx && \
+  apt-get install -y software-properties-common wget nginx uuid-runtime && \
  apt-add-repository 'deb http://security.debian.org/debian-security stretch/updates main' && \
  apt-get update
@ -94,8 +98,6 @@ RUN chmod +x ./bin/clouseau
 # setup CouchDB
 WORKDIR /opt/couchdb
 ADD hosting/single/couch/vm.args hosting/single/couch/local.ini ./etc/
 RUN mkdir -p /data/couch/dbs /data/couch/views
 RUN chown couchdb:couchdb /data/couch /data/couch/dbs /data/couch/views
 # setup minio
 WORKDIR /minio
--- a/hosting/single/runner.sh
+++ b/hosting/single/runner.sh
@ -1,3 +1,31 @@
 #!/bin/bash
 declare -a ENV_VARS=("COUCHDB_USER" "COUCHDB_PASSWORD" "MINIO_ACCESS_KEY" "MINIO_SECRET_KEY" "INTERNAL_API_KEY" "JWT_SECRET" "REDIS_PASSWORD")
 if [ -f "/data/.env" ]; then
    export $(cat /data/.env | xargs)
 fi
 # first randomise any unset environment variables
 for ENV_VAR in "${ENV_VARS[@]}"
 do
    temp=$(eval "echo \$$ENV_VAR")
    if [[ -z "${temp}" ]]; then
        eval "export $ENV_VAR=$(uuidgen | sed -e 's/-//g')"
    fi
 done
 if [[ -z "${COUCH_DB_URL}" ]]; then
    export COUCH_DB_URL=http://$COUCHDB_USER:$COUCHDB_PASSWORD@localhost:5984
 fi
 if [ ! -f "/data/.env" ]; then
    touch /data/.env
    for ENV_VAR in "${ENV_VARS[@]}"
    do
        temp=$(eval "echo \$$ENV_VAR")
        echo "$ENV_VAR=$temp" >> /data/.env
    done
 fi
 # make these directories in runner, incase of mount
 mkdir -p /data/couch/dbs /data/couch/views
 chown couchdb:couchdb /data/couch /data/couch/dbs /data/couch/views
 redis-server --requirepass $REDIS_PASSWORD &
 /opt/clouseau/bin/clouseau &
 /minio/minio server /data/minio &
--- a/packages/server/.yarnrc
+++ b/packages/server/.yarnrc
@ -0,0 +1 @@
 network-timeout 100000
--- a/packages/worker/.yarnrc
+++ b/packages/worker/.yarnrc
@ -0,0 +1 @@
 network-timeout 100000