diff --git a/reviewboard/centos7/Dockerfile b/reviewboard/centos7/Dockerfile new file mode 100644 index 00000000..37da6279 --- /dev/null +++ b/reviewboard/centos7/Dockerfile @@ -0,0 +1,20 @@ +FROM registry.centos.org/centos/centos:7 + +MAINTAINER Mohammed Zeeshan Ahmed + +# RUN yum -y update && yum clean all + +RUN mkdir -p /opt/scripts /opt/data mkdir -p /var/www/reviewboard && touch /opt/data/database.sqllite3 && touch /opt/data/cachefile + +WORKDIR /var/www/reviewboard + +ADD install.sh fix-permissions.sh run.sh passwd.template /opt/scripts/ + +RUN . /opt/scripts/install.sh + +EXPOSE 8080 8443 + +USER apache + +ENTRYPOINT ["/opt/scripts/run.sh"] +CMD ["review"] diff --git a/reviewboard/centos7/fix-permissions.sh b/reviewboard/centos7/fix-permissions.sh new file mode 100755 index 00000000..ea55d486 --- /dev/null +++ b/reviewboard/centos7/fix-permissions.sh @@ -0,0 +1,9 @@ +#!/usr/bin/env bash + +# Fix permissions on the given directory to allow group read/write of +# regular files and execute of directories. +set -eux +find "$1" -exec chown ${2} {} \; +find "$1" -exec chgrp 0 {} \; +find "$1" -exec chmod g+rw {} \; +find "$1" -type d -exec chmod g+x {} + diff --git a/reviewboard/centos7/install.sh b/reviewboard/centos7/install.sh new file mode 100755 index 00000000..1a3550a6 --- /dev/null +++ b/reviewboard/centos7/install.sh @@ -0,0 +1,38 @@ +#!/usr/bin/env bash + +set -eux; + +# Initialize variables +HTTPD_CONF="/etc/httpd/conf/httpd.conf" +HTTPD_WELCOME="/etc/httpd/conf.d/welcome.conf" +WSGI_CONFIG="/etc/httpd/conf.d/reviewboard.conf" + +EPEL="epel-release" +TMP_PKGS="wget"; +BASIC_PKGS="httpd mod_wsgi nss_wrapper gettext"; +CORE_PKGS="ReviewBoard memcached python-memcached cvs git subversion python-subvertpy" + +# Install Begins + +#* Setup basic +yum -y install ${EPEL} && yum -y install ${BASIC_PKGS} && yum -y install ${CORE_PKGS}; + +# Fixup Configurations +rm -rf ${HTTPD_WELCOME}; +sed -i 's/^Listen 80/Listen 8080\\\nListen 8443/g' ${HTTPD_CONF}; +sed -i 's/^Listen 8080\\/Listen 8080/g' ${HTTPD_CONF}; +sed -i 's/^Group apache/Group root/g' ${HTTPD_CONF}; +sed -i 's/logs\/error_log/\/dev\/stderr/g' ${HTTPD_CONF}; +sed -i 's/logs\/access_log/\/dev\/stdout/g' ${HTTPD_CONF}; +mkdir -p /etc/httpd/logs && touch /etc/httpd/logs/error_log && touch /etc/httpd/logs/access_log && touch ${WSGI_CONFIG}; + +# Fix the permissions +for item in "/etc/httpd" "/var/www" "/opt/data"; do + . /opt/scripts/fix-permissions.sh ${item} apache; + chmod -R g+s ${item}; +done + +chmod -R 777 /etc/httpd/logs; + +# Cleanup +yum clean all; diff --git a/reviewboard/centos7/passwd.template b/reviewboard/centos7/passwd.template new file mode 100644 index 00000000..d0f03619 --- /dev/null +++ b/reviewboard/centos7/passwd.template @@ -0,0 +1,14 @@ +root:x:0:0:root:/root:/bin/bash +bin:x:1:1:bin:/bin:/sbin/nologin +daemon:x:2:2:daemon:/sbin:/sbin/nologin +adm:x:3:4:adm:/var/adm:/sbin/nologin +lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin +sync:x:5:0:sync:/sbin:/bin/sync +shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown +halt:x:7:0:halt:/sbin:/sbin/halt +mail:x:8:12:mail:/var/spool/mail:/sbin/nologin +operator:x:11:0:operator:/root:/sbin/nologin +games:x:12:100:games:/usr/games:/sbin/nologin +ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin +nobody:x:99:99:Nobody:/:/sbin/nologin +apache:x:${USER_ID}:${GROUP_ID}:Apache User:${HOME}:/bin/bash diff --git a/reviewboard/centos7/run.sh b/reviewboard/centos7/run.sh new file mode 100755 index 00000000..bf6c957c --- /dev/null +++ b/reviewboard/centos7/run.sh @@ -0,0 +1,51 @@ +#!/usr/bin/env bash + +# Permissions +export USER_ID=$(id -u); +export GROUP_ID=$(id -g); +envsubst < /opt/scripts/passwd.template > /tmp/passwd; +export LD_PRELOAD=libnss_wrapper.so; +export NSS_WRAPPER_PASSWD=/tmp/passwd; +export NSS_WRAPPER_GROUP=/etc/group; + +# Main Begins + +if [ $1 == "review" ]; then + DOMAIN_NAME=${DOMAIN_NAME:-"`hostname -i`"}; + SITE_ROOT=${SITE_ROOT:-"/"}; + + DB_TYPE=${DB_TYPE:-"sqlite3"}; + DB_HOST=${DB_HOST:-"localhost"} + DB_NAME=${DB_NAME:-"/opt/data/database.sqllite3"}; + DB_USER=${DB_USER:-""}; + DB_PASSWD=${DB_PASSWD:-""}; + + CACHE_TYPE=${CACHE_TYPE:-"file"}; + CACHE_INFO=${CACHE_INFO:-"/opt/data/cachefile"}; + + ADMIN_USER=${ADMIN_USER:-"admin"}; + ADMIN_PASSWD=${ADMIN_PASSWD:-"admin"}; + ADMIN_EMAIL=${ADMIN_EMAIL:-"admin@example.com"}; + + SITE_OPTIONS="--domain-name ${DOMAIN_NAME} --site-root ${SITE_ROOT}"; + + DB_OPTIONS="--db-type ${DB_TYPE} --db-name ${DB_NAME} --db-host ${DB_HOST}"; + if [ ! -z ${DB_USER} ]; then + DB_OPTIONS="${DB_OPTIONS} --db-user ${DB_USER}" + fi + if [ ! -z ${DB_PASSWD} ]; then + DB_OPTIONS="${DB_OPTIONS} --db-pass ${DB_PASSWD}" + fi + + CACHE_OPTIONS="--cache-type ${CACHE_TYPE} --cache-info ${CACHE_INFO}"; + ADMIN_OPTIONS="--admin-user ${ADMIN_USER} --admin-password ${ADMIN_PASSWD} --admin-email ${ADMIN_EMAIL}" + + OPTIONS="${SITE_OPTIONS} ${DB_OPTIONS} ${CACHE_OPTIONS} ${ADMIN_OPTIONS}" + INSTALL_CMD1="rb-site install --noinput --web-server-port=8080 ${OPTIONS} /var/www/reviewboard"; + + ${INSTALL_CMD1} && cat /var/www/reviewboard/conf/apache-wsgi.conf > /etc/httpd/conf.d/reviewboard.conf; + + exec /usr/sbin/httpd -DFOREGROUND; +else + exec $@ +fi \ No newline at end of file