Public-System-Design/Public-Dockerfiles
2
Fork 0
Code Issues Pull requests 4 Projects Releases Packages Wiki Activity Actions

Update livekit_middleware_dockerfile.txt

Browse source
This commit is contained in:
holzi1005 2024-11-15 08:32:40 +01:00
parent 575683a36a
commit 60e8ced8d9
1 changed files with 53 additions and 53 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

106
jitsi_admin_middleware_dockerfile.txt → livekit_middleware_dockerfile.txt
View file

@ -1,54 +1,54 @@
FROM erseco/alpine-php-webserver:3.20.5 FROM erseco/alpine-php-webserver:3.20.5
ARG VERSION= ARG VERSION=
ARG WEBDIR=/var/www/html ARG WEBDIR=/var/www/html
LABEL version="${VERSION}" \ LABEL version="${VERSION}" \
Maintainer="H2 invent GmbH" \ Maintainer="H2 invent GmbH" \
Description="Meetling Livekit Middleware" \ Description="Meetling Livekit Middleware" \
org.opencontainers.version="${VERSION}" \ org.opencontainers.version="${VERSION}" \
org.opencontainers.image.title="Meetling Livekit Middleware" \ org.opencontainers.image.title="Meetling Livekit Middleware" \
org.opencontainers.image.license="INTERN" \ org.opencontainers.image.license="INTERN" \
org.opencontainers.image.vendor="H2 invent GmbH" \ org.opencontainers.image.vendor="H2 invent GmbH" \
org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \ org.opencontainers.image.authors="Andreas Holzmann <support@h2-invent.com>" \
org.opencontainers.image.source="https://github.com/h2-invent/livekit" \ org.opencontainers.image.source="https://github.com/h2-invent/livekit" \
org.opencontainers.image.documentation="https://meetling.de" \ org.opencontainers.image.documentation="https://meetling.de" \
org.opencontainers.image.url="https://meetling.de" org.opencontainers.image.url="https://meetling.de"
USER root USER root
RUN apk --no-cache add \ RUN apk --no-cache add \
unzip \ unzip \
cronie \ cronie \
openssl openssl
RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/02-openssl.sh \ RUN echo "#!/bin/sh" > /docker-entrypoint-init.d/02-openssl.sh \
&& echo "openssl genrsa -out ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \ && echo "openssl genrsa -out ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
&& echo "openssl rsa -in ${WEBDIR}/private.pem -pubout -out ${WEBDIR}/public/public.pem" >> /docker-entrypoint-init.d/02-openssl.sh \ && echo "openssl rsa -in ${WEBDIR}/private.pem -pubout -out ${WEBDIR}/public/public.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
&& echo "chown nobody ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \ && echo "chown nobody ${WEBDIR}/private.pem" >> /docker-entrypoint-init.d/02-openssl.sh \
&& chmod +x /docker-entrypoint-init.d/* && chmod +x /docker-entrypoint-init.d/*
RUN --mount=type=secret,id=ARTIFACT_USER \ RUN --mount=type=secret,id=ARTIFACT_USER \
--mount=type=secret,id=ARTIFACT_SECRET \ --mount=type=secret,id=ARTIFACT_SECRET \
--mount=type=secret,id=ARTIFACT_URL \ --mount=type=secret,id=ARTIFACT_URL \
ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \ ARTIFACT_USER=$(cat /run/secrets/ARTIFACT_USER) \
ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \ ARTIFACT_SECRET=$(cat /run/secrets/ARTIFACT_SECRET) \
ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \ ARTIFACT_URL=$(cat /run/secrets/ARTIFACT_URL) \
&& wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \ && wget https://${ARTIFACT_USER}:${ARTIFACT_SECRET}@${ARTIFACT_URL}-${VERSION}.zip -O artifact.zip \
&& unzip artifact.zip -d ${WEBDIR} \ && unzip artifact.zip -d ${WEBDIR} \
&& chown -R nobody ${WEBDIR}/public \ && chown -R nobody ${WEBDIR}/public \
&& chown -R nobody ${WEBDIR}/var \ && chown -R nobody ${WEBDIR}/var \
&& chmod -R 700 ${WEBDIR}/public \ && chmod -R 700 ${WEBDIR}/public \
&& chmod -R 700 ${WEBDIR}/var && chmod -R 700 ${WEBDIR}/var
RUN apk del unzip \ RUN apk del unzip \
&& rm artifact.zip \ && rm artifact.zip \
&& rm ${WEBDIR}/private.pem \ && rm ${WEBDIR}/private.pem \
&& rm ${WEBDIR}/public/public.pem \ && rm ${WEBDIR}/public/public.pem \
&& rm -r ${WEBDIR}/var/cache \ && rm -r ${WEBDIR}/var/cache \
&& rm -rf /var/cache/apk/* && rm -rf /var/cache/apk/*
USER nobody USER nobody
ENV nginx_root_directory=/var/www/html/public \ ENV nginx_root_directory=/var/www/html/public \
upload_max_filesize=10M upload_max_filesize=10M