Blame - docker/Keystone/Dockerfile - osm/devops

blob: 95738fd013c7ad48cfe196b4c986d665e6ee9268 [file] [log] [blame]

bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	1	# Copyright 2021 Whitestack, LLC
Eduardo Sousa	3c76174	2019-02-05 16:19:31 +0000	[diff] [blame]	2	#
				3	# Licensed under the Apache License, Version 2.0 (the "License"); you may
				4	# not use this file except in compliance with the License. You may obtain
				5	# a copy of the License at
				6	#
				7	# http://www.apache.org/licenses/LICENSE-2.0
				8	#
				9	# Unless required by applicable law or agreed to in writing, software
				10	# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
				11	# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
				12	# License for the specific language governing permissions and limitations
				13	# under the License.
				14	#
				15	# For those usages not covered by the Apache License, Version 2.0 please
bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	16	# contact: fbravo@whitestack.com or glavado@whitestack.com
Eduardo Sousa	3c76174	2019-02-05 16:19:31 +0000	[diff] [blame]	17	##
				18
bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	19	FROM ubuntu:20.04
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	20
				21	EXPOSE 5000
				22
sousaedu	3d77c0d	2022-01-21 14:01:53 +0000	[diff] [blame]	23	WORKDIR /app
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	24
sousaedu	3d77c0d	2022-01-21 14:01:53 +0000	[diff] [blame]	25	COPY scripts/start.sh /app/start.sh
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	26
bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	27	RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
				28	DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \
				29	DEBIAN_FRONTEND=noninteractive apt-get autoremove -y && \
				30	DEBIAN_FRONTEND=noninteractive apt-get install -y software-properties-common && \
				31	add-apt-repository -y cloud-archive:victoria && \
				32	DEBIAN_FRONTEND=noninteractive apt-get update && \
				33	DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y && \
				34	DEBIAN_FRONTEND=noninteractive apt-get install -y \
				35	apache2=2.4.* \
				36	keystone=2:18.0.* \
				37	libapache2-mod-wsgi-py3=4.6.* \
				38	python3-pip=20.0.* \
				39	build-essential=12.8* \
				40	python3-dev=3.8.* \
				41	libldap2-dev=2.4.* \
				42	libsasl2-dev=2.1.* \
				43	libssl-dev=1.1.* \
				44	libffi-dev=3.3* \
				45	libxml2-dev=2.9.* \
				46	libxslt1-dev=1.1.* \
				47	zlib1g-dev=1:1.2.* \
				48	ldap-utils=2.4.* \
				49	curl=7.68.* \
				50	net-tools=1.60* \
				51	mysql-client=8.0.* \
				52	dnsutils=1:9.16.* && \
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	53	rm -rf /var/lib/apt/lists/* && \
				54	chmod +x start.sh
				55
sousaedu	dffc3a0	2021-11-16 23:16:09 +0000	[diff] [blame]	56	RUN pip3 install -U pip==21.3.1 && \
				57	pip3 install python-ldap==3.2.0 ldappool==3.0.0 python-openstackclient==5.7.0
bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	58
sousaedu	3d77c0d	2022-01-21 14:01:53 +0000	[diff] [blame]	59	# Creating the user for the app
				60	RUN groupadd -g 1000 appuser && \
				61	useradd -u 1000 -g 1000 -d /app appuser && \
				62	usermod -a -G keystone appuser && \
				63	usermod -a -G adm appuser && \
				64	chown -R appuser:appuser /app && \
				65	chown root:keystone /etc/keystone && \
				66	chmod 770 /etc/keystone && \
				67	chown root:keystone /etc/ssl/certs && \
				68	chmod 770 /etc/ssl/certs && \
				69	chown root:keystone /etc/apache2/apache2.conf && \
				70	chmod 664 /etc/apache2/apache2.conf && \
				71	sed -i 's/Listen 80/Listen 8080/g' /etc/apache2/ports.conf && \
				72	chown root:keystone /var/spool && \
				73	chmod 775 /var/spool && \
				74	chmod 770 /var/log/apache2 && \
				75	chmod 660 /var/log/apache2/* && \
				76	chmod 770 /var/log/keystone && \
				77	chown root:keystone /var/run/apache2 && \
				78	chmod 775 /var/run/apache2 && \
				79	mkdir -p /etc/sudoers.d && \
				80	echo "%appuser ALL= NOPASSWD: /sbin/service apache2 *" > /etc/sudoers.d/appuser
				81
				82	USER appuser
				83
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	84	# database
				85	ENV DB_HOST keystone-db
				86	ENV DB_PORT 3306
				87	ENV ROOT_DB_USER root
				88	ENV ROOT_DB_PASSWORD admin
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	89	ENV KEYSTONE_DB_PASSWORD admin
Eduardo Sousa	c50ed8f	2019-04-08 17:17:54 +0100	[diff] [blame]	90	# keystone
				91	ENV REGION_ID RegionOne
				92	ENV KEYSTONE_HOST keystone
				93	# admin user
				94	ENV ADMIN_USERNAME admin
Eduardo Sousa	e8d792a	2018-10-24 00:26:58 +0100	[diff] [blame]	95	ENV ADMIN_PASSWORD admin
Eduardo Sousa	c50ed8f	2019-04-08 17:17:54 +0100	[diff] [blame]	96	ENV ADMIN_PROJECT admin
				97	# nbi service user
				98	ENV SERVICE_USERNAME nbi
				99	ENV SERVICE_PASSWORD nbi
				100	ENV SERVICE_PROJECT service
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	101	# ldap
				102	# ENV LDAP_AUTHENTICATION_DOMAIN_NAME no default
				103	# ENV LDAP_URL ldap://localhost
sousaedu	126a443	2020-09-23 13:28:25 +0100	[diff] [blame]	104	# ENV LDAP_BIND_USER no default
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	105	# ENV LDAP_BIND_PASSWORD no default
sousaedu	bb631be	2020-10-20 01:15:37 +0100	[diff] [blame]	106	# ENV LDAP_CHASE_REFERRALS no default
				107	# ENV LDAP_PAGE_SIZE 0
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	108	# ENV LDAP_USER_TREE_DN no default
				109	# ENV LDAP_USER_OBJECTCLASS inetOrgPerson
				110	# ENV LDAP_USER_ID_ATTRIBUTE cn
				111	# ENV LDAP_USER_NAME_ATTRIBUTE sn
				112	# ENV LDAP_USER_PASS_ATTRIBUTE userPassword
				113	# ENV LDAP_USER_FILTER no default
				114	# ENV LDAP_USER_ENABLED_ATTRIBUTE enabled
				115	# ENV LDAP_USER_ENABLED_MASK 0
				116	# ENV LDAP_USER_ENABLED_DEFAULT true
				117	# ENV LDAP_USER_ENABLED_INVERT false
sousaedu	bb631be	2020-10-20 01:15:37 +0100	[diff] [blame]	118	# ENV LDAP_GROUP_OBJECTCLASS groupOfNames
				119	# ENV LDAP_GROUP_TREE_DN no default
David Garcia	6fff9af	2020-03-23 15:32:43 +0100	[diff] [blame]	120	# ENV LDAP_USE_STARTTLS false
				121	# ENV LDAP_TLS_CACERT_BASE64 no default
				122	# ENV LDAP_TLS_REQ_CERT demand
Eduardo Sousa	09a1e97	2018-09-21 11:06:32 +0100	[diff] [blame]	123
bravof	62c8116	2021-10-20 11:48:16 -0300	[diff] [blame]	124	ENTRYPOINT ["./start.sh"]