From c6784522a4fb18abe3295d7b741373bb27367f85 Mon Sep 17 00:00:00 2001 From: ZhangXiao Date: Tue, 17 Aug 2021 11:19:20 +0800 Subject: [PATCH] stx tool: Create initial aptly container Dockerfile Create the initial Dockerfile of aptly used to manage Debian repository. Story: 2008846 Task: 43026 Signed-off-by: ZhangXiao Change-Id: I4a2fe2d7922c9f535275f7c56c06a062de446ca4 --- stx/dockerfiles/stx-aptly.Dockerfile | 80 +++++++++++++++++++++++++ stx/toCOPY/aptly/aptly.conf | 21 +++++++ stx/toCOPY/aptly/entrypoint.sh | 42 +++++++++++++ stx/toCOPY/aptly/nginx.conf.template | 16 +++++ stx/toCOPY/aptly/supervisord.aptly.conf | 4 ++ stx/toCOPY/aptly/supervisord.nginx.conf | 4 ++ 6 files changed, 167 insertions(+) create mode 100644 stx/dockerfiles/stx-aptly.Dockerfile create mode 100644 stx/toCOPY/aptly/aptly.conf create mode 100755 stx/toCOPY/aptly/entrypoint.sh create mode 100644 stx/toCOPY/aptly/nginx.conf.template create mode 100644 stx/toCOPY/aptly/supervisord.aptly.conf create mode 100644 stx/toCOPY/aptly/supervisord.nginx.conf diff --git a/stx/dockerfiles/stx-aptly.Dockerfile b/stx/dockerfiles/stx-aptly.Dockerfile new file mode 100644 index 00000000..cedc01a9 --- /dev/null +++ b/stx/dockerfiles/stx-aptly.Dockerfile @@ -0,0 +1,80 @@ +# +# MIT License +# +# Copyright (c) 2021 Mark Asselstine +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. +# + +FROM golang:1.16.5-buster AS builder +LABEL stage=builder + + +# Build Aptly with mirror API support +RUN mkdir -p $GOPATH/src/github.com/aptly-dev/aptly && \ + git clone https://github.com/masselstine/aptly $GOPATH/src/github.com/aptly-dev/aptly && \ + cd $GOPATH/src/github.com/aptly-dev/aptly && \ + go mod init && go mod download && go mod vendor && go mod verify && \ + make install && \ + cd $GOPATH && \ + curl -O https://nginx.org/keys/nginx_signing.key && apt-key add ./nginx_signing.key + +# Build our actual container +FROM debian:buster + +MAINTAINER mark.asselstine@windriver.com + +COPY --from=builder /go/nginx_signing.key nginx_signing.key + +# Add Nginx repository and install required packages +RUN apt-get -q update && apt-get -y install gnupg2 && \ + echo "deb http://nginx.org/packages/debian/ buster nginx" > /etc/apt/sources.list.d/nginx.list && \ + apt-key add ./nginx_signing.key && \ + apt-get -q update && apt-get -y install \ + aptly \ + supervisor \ + gettext-base \ + nginx && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + rm -rf /usr/share/man && \ + rm -rf /usr/share/doc && \ + rm -rf /usr/share/grub2 && \ + rm -rf /usr/share/texmf/fonts && \ + rm -rf /usr/share/texmf/doc + +# Copy our Aptly build and configure Aptly +COPY --from=builder /go/bin/aptly /usr/bin/aptly +COPY stx/toCOPY/aptly/aptly.conf /etc/aptly.conf +COPY stx/toCOPY/aptly/supervisord.aptly.conf /etc/supervisor/conf.d/aptly.conf + +# Configure Nginx +RUN echo "daemon off;" >> /etc/nginx/nginx.conf +COPY stx/toCOPY/aptly/nginx.conf.template /etc/nginx/nginx.conf.template +COPY stx/toCOPY/aptly/supervisord.nginx.conf /etc/supervisor/conf.d/nginx.conf + +# Bind mount locations +VOLUME [ "/var/aptly" ] + +# Ports +EXPOSE 80 8080 + +# Configure startup +COPY stx/toCOPY/aptly/entrypoint.sh /bin/entrypoint.sh +ENTRYPOINT [ "/bin/entrypoint.sh" ] diff --git a/stx/toCOPY/aptly/aptly.conf b/stx/toCOPY/aptly/aptly.conf new file mode 100644 index 00000000..3239c6ff --- /dev/null +++ b/stx/toCOPY/aptly/aptly.conf @@ -0,0 +1,21 @@ +{ + "rootDir": "/var/aptly", + "downloadConcurrency": 4, + "downloadSpeedLimit": 0, + "architectures": [], + "dependencyFollowSuggests": false, + "dependencyFollowRecommends": false, + "dependencyFollowAllVariants": false, + "dependencyFollowSource": false, + "dependencyVerboseResolve": false, + "gpgDisableSign": true, + "gpgDisableVerify": true, + "gpgProvider": "gpg", + "downloadSourcePackages": false, + "skipLegacyPool": true, + "ppaDistributorID": "ubuntu", + "ppaCodename": "", + "FileSystemPublishEndpoints": {}, + "S3PublishEndpoints": {}, + "SwiftPublishEndpoints": {} +} diff --git a/stx/toCOPY/aptly/entrypoint.sh b/stx/toCOPY/aptly/entrypoint.sh new file mode 100755 index 00000000..321af57f --- /dev/null +++ b/stx/toCOPY/aptly/entrypoint.sh @@ -0,0 +1,42 @@ +#! /bin/bash +# +# MIT License +# +# Copyright (c) 2021 Mark Asselstine +# +# Permission is hereby granted, free of charge, to any person obtaining a copy +# of this software and associated documentation files (the "Software"), to deal +# in the Software without restriction, including without limitation the rights +# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the Software is +# furnished to do so, subject to the following conditions: +# +# The above copyright notice and this permission notice shall be included in all +# copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +# AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +# LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +# OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +# SOFTWARE. +# + +# Copy user aptly.conf +if [ -f /var/aptly/aptly.conf ]; then + cp /var/aptly/aptly.conf /etc/aptly.conf +else + cp /etc/aptly.conf /var/aptly/aptly.conf +fi + +# Setup default nginx config +if [ -f /var/aptly/nginx.conf ]; then + cp /var/aptly/nginx.conf /etc/nginx/conf.d/default.conf +else + envsubst '$HOSTNAME' < /etc/nginx/nginx.conf.template > /etc/nginx/conf.d/default.conf + cp /etc/nginx/conf.d/default.conf /var/aptly/nginx.conf +fi + +# Start Supervisor +/usr/bin/supervisord -n -c /etc/supervisor/supervisord.conf diff --git a/stx/toCOPY/aptly/nginx.conf.template b/stx/toCOPY/aptly/nginx.conf.template new file mode 100644 index 00000000..cca169ef --- /dev/null +++ b/stx/toCOPY/aptly/nginx.conf.template @@ -0,0 +1,16 @@ +server { + listen 80 default_server; + listen [::]:80 default_server; + server_name $HOSTNAME; + + if ( $https = "on" ) { + return 301 http://$host$request_uri; + } + + root /var/aptly/public; + + location / { + autoindex on; + try_files $uri $uri/ =404; + } +} diff --git a/stx/toCOPY/aptly/supervisord.aptly.conf b/stx/toCOPY/aptly/supervisord.aptly.conf new file mode 100644 index 00000000..9b04b16b --- /dev/null +++ b/stx/toCOPY/aptly/supervisord.aptly.conf @@ -0,0 +1,4 @@ +[program:aptly] +command=/usr/bin/aptly api serve --no-lock --listen=":8080" +redirect_stderr=true +stdout_logfile_maxbytes=1MB diff --git a/stx/toCOPY/aptly/supervisord.nginx.conf b/stx/toCOPY/aptly/supervisord.nginx.conf new file mode 100644 index 00000000..dbd9b95d --- /dev/null +++ b/stx/toCOPY/aptly/supervisord.nginx.conf @@ -0,0 +1,4 @@ +[program:nginx] +command=/usr/sbin/nginx +redirect_stderr=true +stdout_logfile_maxbytes=1MB