fraport/fradrive
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(docker): wrap within tini

Browse Source 
Also cleanup environment within container
This commit is contained in:
Gregor Kleen 2023-04-27 07:13:35 +00:00
parent bd29a204fa
commit c86f36b2f6
1 changed files with 42 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

71
nix/docker/default.nix
View File

@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2022 Gregor Kleen <gregor.kleen@ifi.lmu.de>,Sarah Vaupel <sarah.vaupel@ifi.lmu.de>,Steffen Jost <jost@cip.ifi.lmu.de>,Steffen Jost <jost@tcs.ifi.lmu.de> # SPDX-FileCopyrightText: 2022-2023 Gregor Kleen <gregor@kleen.consulting>, Sarah Vaupel <sarah.vaupel@ifi.lmu.de>, Steffen Jost <jost@tcs.ifi.lmu.de>
# #
# SPDX-License-Identifier: AGPL-3.0-or-later # SPDX-License-Identifier: AGPL-3.0-or-later
@ -13,38 +13,47 @@ let
printf '%s' $(date -Is -d '@${toString self.lastModified}') > $out printf '%s' $(date -Is -d '@${toString self.lastModified}') > $out
''); '');
in if self ? lastModified then fromDate else "1970-01-01T00:00:01Z"; in if self ? lastModified then fromDate else "1970-01-01T00:00:01Z";
mkUniworxDocker = { isDemo }: prev.dockerTools.buildImage { mkUniworxDocker = { isDemo }: prev.dockerTools.buildImage {
name = "uniworx${optionalString isDemo "-demo"}"; name = "uniworx${optionalString isDemo "-demo"}";
tag = tag =
let let
versionFile = if isDemo then ./demo-version.json else ./version.json; versionFile = if isDemo then ./demo-version.json else ./version.json;
in (builtins.fromJSON (prev.lib.readFile versionFile)).version; in (builtins.fromJSON (prev.lib.readFile versionFile)).version;
inherit created; inherit created;
contents = with final; [ copyToRoot = prev.buildEnv {
uniworx.uniworx.components.exes.uniworx name = "uniworx${optionalString isDemo "-demo"}-root";
prev.dockerTools.binSh findutils coreutils paths = with final; [
iana-etc uniworx.uniworx.components.exes.uniworx
# for PDF creation with Pandoc and LuaTeX prev.dockerTools.binSh findutils coreutils
#cups # needed for interface with print center -- did not work as intended, requires lpd running iana-etc
busybox # should provide a working lpr -- to be tested # just for manual testing within the pod, may be removed for production?
htop curl wget netcat openldap
pdftk # for encrypting pdfs unixtools.netstat htop gnugrep
#texlive.combined.scheme-medium # too large for container in LMU build environment. locale
(texlive.combine { ] ++ optionals isDemo [ postgresql_12 memcached uniworx.uniworx.components.exes.uniworxdb ];
inherit (texlive) scheme-basic
babel-german babel-english booktabs textpos nativeBuildInputs = with prev; [ makeWrapper ];
enumitem eurosym koma-script parskip xcolor dejavu postBuild = ''
# required fro LuaTeX wrapProgram $out/bin/uniworx \
luatexbase lualatex-math unicode-math selnolig --set-default LOCALE_ARCHIVE ${final.glibcLocalesUtf8}/lib/locale/locale-archive \
; --set-default LOCALE_ARCHIVE_2_27 ${final.glibcLocalesUtf8}/lib/locale/locale-archive \
}) --set-default LANG en_DK.UTF-8 \
# just for manual testing within the pod, may be removef for production? --suffix PATH : ${makeBinPath (with final; [
curl wget netcat openldap busybox
unixtools.netstat htop gnugrep pdftk
locale (texlive.combine {
] ++ optionals isDemo [ postgresql_12 memcached uniworx.uniworx.components.exes.uniworxdb ]; inherit (texlive) scheme-basic
babel-german babel-english booktabs textpos
enumitem eurosym koma-script parskip xcolor dejavu
# required fro LuaTeX
luatexbase lualatex-math unicode-math selnolig
;
})
])}
'';
};
runAsRoot = '' runAsRoot = ''
#!${final.stdenv.shell} #!${final.stdenv.shell}
@ -61,7 +70,7 @@ let
install -d -g uniworx -o uniworx -m 0755 /var/log/uniworx install -d -g uniworx -o uniworx -m 0755 /var/log/uniworx
# just to see how to create directories here # just to see how to create directories here
mkdir -p /testdir mkdir -p /testdir
${optionalString isDemo '' ${optionalString isDemo ''
install -d -g uniworx -o uniworx -m 0750 /var/lib/postgres install -d -g uniworx -o uniworx -m 0750 /var/lib/postgres
@ -134,7 +143,7 @@ let
approot: "_env:APPROOT:http://localhost:8080" approot: "_env:APPROOT:http://localhost:8080"
''; '';
in { in {
Cmd = [ "${entrypoint}/bin/uniworx-entrypoint" ]; Cmd = [ "${final.tini}/bin/tini" "${entrypoint}/bin/uniworx-entrypoint" ];
User = "uniworx:uniworx"; User = "uniworx:uniworx";
ExposedPorts = { ExposedPorts = {
"8080/tcp" = {}; "8080/tcp" = {};
@ -145,6 +154,10 @@ let
} // optionalAttrs isDemo { } // optionalAttrs isDemo {
"/var/lib/postgres" = {}; "/var/lib/postgres" = {};
}; };
Env = [
"TINI_SUBREAPER=yes"
"TINI_VERBOSITY=2"
];
}; };
}; };
in in
@ -160,7 +173,7 @@ in
minio-client minio-client
xz xz
]; ];
runAsRoot = '' runAsRoot = ''
#!${final.stdenv.shell} #!${final.stdenv.shell}