forked from openremote/proxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
72 lines (59 loc) · 2.51 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
FROM debian:stretch-slim
MAINTAINER [email protected]
# Install utilities
RUN apt-get update && apt-get install -y --no-install-recommends \
apt-transport-https \
gnupg2 \
software-properties-common \
procps \
ca-certificates \
curl \
wget \
&& rm -rf /var/lib/apt/lists/*
RUN apt-get update \
&& apt-get install -y --no-install-recommends \
curl certbot rsyslog cron inotify-tools make gcc g++ libreadline-dev libssl-dev libpcre3-dev libz-dev \
&& rm -rf /var/lib/apt/lists/*
ARG HA_PROXY_MINOR_VERSION=2.1
ARG HA_PROXY_VERSION=2.1.2
ARG LUA_VERSION=5.3.5
ARG ACME_PLUGIN_VERSION=0.1.1
ARG DOMAINNAME
ARG LOCAL_CERT_FILE
ENV DOMAINNAME ${DOMAINNAME:-localhost}
ENV LOCAL_CERT_FILE ${LOCAL_CERT_FILE}
ENV TERM xterm
ENV PROXY_LOGLEVEL ${PROXY_LOGLEVEL:-notice}
ENV MANAGER_HOST ${MANAGER_HOST:-manager}
ENV MANAGER_WEB_PORT ${MANAGER_WEB_PORT:-8080}
ENV MANAGER_MQTT_PORT ${MANAGER_MQTT_PORT:-1883}
ENV KEYCLOAK_HOST ${KEYCLOAK_HOST:-keycloak}
ENV KEYCLOAK_PORT ${KEYCLOAK_PORT:-8080}
ENV LOGFILE ${PROXY_LOGFILE:-/var/log/proxy.log}
RUN mkdir /tmp/lua && cd /tmp/lua \
&& curl -sSL https://www.lua.org/ftp/lua-${LUA_VERSION}.tar.gz -o lua.tar.gz \
&& tar xfv lua.tar.gz --strip-components=1 \
&& make linux && make install \
&& cd /tmp && rm -r lua
RUN mkdir /tmp/haproxy && cd /tmp/haproxy \
&& curl -sSL http://www.haproxy.org/download/${HA_PROXY_MINOR_VERSION}/src/haproxy-${HA_PROXY_VERSION}.tar.gz -o haproxy.tar.gz \
&& tar xfv haproxy.tar.gz --strip-components=1 \
&& make -j $(nproc) TARGET=linux-glibc USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_LUA=1 && make install \
&& cd /tmp && rm -r haproxy
RUN mkdir /etc/haproxy && cd /etc/haproxy \
&& curl -sSL https://github.com/janeczku/haproxy-acme-validation-plugin/archive/${ACME_PLUGIN_VERSION}.tar.gz -o acme-plugin.tar.gz \
&& tar xvf acme-plugin.tar.gz --strip-components=1 --no-anchored acme-http01-webroot.lua \
&& rm *.tar.gz && cd
RUN apt-get purge --auto-remove -y make gcc g++ libreadline-dev libssl-dev libpcre3-dev libz-dev
RUN mkdir /opt/selfsigned
ADD rsyslog.conf /etc/rsyslog.conf
ADD haproxy-init.cfg /etc/haproxy/haproxy-init.cfg
ADD haproxy.cfg /etc/haproxy/haproxy.cfg
ADD selfsigned /opt/selfsigned
ADD cli.ini /root/.config/letsencrypt/
EXPOSE 80 443 8883
HEALTHCHECK --interval=3s --timeout=3s --start-period=2s --retries=30 CMD curl --fail --silent http://localhost:80 || exit 1
COPY entrypoint.sh /
RUN chmod +x /entrypoint.sh
ENTRYPOINT ["/entrypoint.sh"]
CMD ["run"]