forked from BirgerK/docker-apache-letsencrypt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile-rpi
70 lines (56 loc) · 2.59 KB
/
Dockerfile-rpi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
FROM balenalib/raspberrypi3-ubuntu:latest-run
# Enable building ARM container on x86 machinery on the web (comment out next line if built on Raspberry)
RUN [ "cross-build-start" ]
MAINTAINER Nicolas Richeton <[email protected]>
ENV DEBIAN_FRONTEND noninteractive
ENV LETSENCRYPT_HOME /etc/letsencrypt
ENV DOMAINS ""
ENV WEBMASTER_MAIL ""
# Manually set the apache environment variables in order to get apache to work immediately.
#RUN echo $WEBMASTER_MAIL > /etc/container_environment/WEBMASTER_MAIL && \
# echo $DOMAINS > /etc/container_environment/DOMAINS && \
# echo $LETSENCRYPT_HOME > /etc/container_environment/LETSENCRYPT_HOME
# Base setup
RUN apt-get -y update && \
apt-get -y dist-upgrade && \
apt-get install -q -y curl apache2 software-properties-common dumb-init && \
# add-apt-repository ppa:certbot/certbot && \
apt-get -y update && \
apt-get install -q -y python3-certbot-apache && \
# Add modsecurity
apt-get install -q -y --no-install-recommends libapache2-mod-security2 modsecurity-crs && \
# Add cron & python
apt-get install -q -y --no-install-recommends cron python-setuptools python3-pip rsyslog git && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
# Add supervisor
RUN pip install wheel && pip install supervisor git+https://github.com/coderanger/supervisor-stdout
# configure apache
ADD config/mods-available/proxy_html.conf /etc/apache2/mods-available/
ADD config/conf-available/security.conf /etc/apache2/conf-available/
RUN echo "ServerName localhost" >> /etc/apache2/conf-enabled/hostname.conf && \
a2enmod ssl headers proxy proxy_http proxy_html xml2enc rewrite usertrack remoteip && \
a2dissite 000-default default-ssl && \
mkdir -p /var/lock/apache2 && \
mkdir -p /var/run/apache2
# configure runit
RUN mkdir -p /etc/service/apache
ADD config/scripts/run_apache.sh /etc/service/apache/run
ADD config/scripts/init_letsencrypt.sh /init_letsencrypt.sh
ADD config/scripts/run_letsencrypt.sh /run_letsencrypt.sh
RUN chmod +x /*.sh && chmod +x /etc/service/apache/*
# Cron
ADD config/crontab /etc/crontab
# Supervisor
ADD config/supervisord.conf /etc/supervisord.conf
ADD config/rsyslog.conf /etc/rsyslog.conf
RUN mkdir /var/log/supervisor/
# Stuff
EXPOSE 80
EXPOSE 443
ENTRYPOINT ["/usr/bin/dumb-init", "--"]
CMD ["supervisord","-n","-c","/etc/supervisord.conf"]
#VOLUME [ "$LETSENCRYPT_HOME", "/etc/apache2/sites-available", "/var/log/apache2" ]
HEALTHCHECK CMD curl --fail http://localhost/ || exit 1
# stop processing ARM emulation (comment out next line if built on Raspberry)
RUN [ "cross-build-end" ]