-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathwpt-server-tot.Dockerfile
More file actions
83 lines (68 loc) · 2.83 KB
/
wpt-server-tot.Dockerfile
File metadata and controls
83 lines (68 loc) · 2.83 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
FROM ubuntu:22.04
# No interactive frontend during docker build
ENV DEBIAN_FRONTEND=noninteractive \
DEBCONF_NONINTERACTIVE_SEEN=true
# Search for the packages with the "jammy" distribution (aka 22.04) selected on https://packages.ubuntu.com/.
RUN \
apt-get -qqy update && \
apt-get -qqy install \
apt-transport-https \
ca-certificates \
curl \
gettext-base \
git \
gnupg \
locales \
python3.10 \
python3.10-dev \
python3.10-venv \
python3-pip \
supervisor \
tzdata && \
sed -i 's/chmod=0700/chmod=0770\nchown=root:wpt-sync/' /etc/supervisor/supervisord.conf
RUN useradd -ms /bin/bash -u 1000 wpt-server && \
useradd -ms /bin/bash -u 1001 wpt-sync && \
usermod -aG wpt-sync wpt-server
# For Google Cloud, look under https://packages.cloud.google.com/apt/dists/cloud-sdk/main/binary-amd64/Packages
# https://cloud.google.com/storage/docs/gsutil_install
# Copy the "Docker Tip" instructions from gsutil_install link and then pin the version
RUN echo "deb [signed-by=/usr/share/keyrings/cloud.google.gpg] http://packages.cloud.google.com/apt cloud-sdk main" | tee -a /etc/apt/sources.list.d/google-cloud-sdk.list && curl https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key --keyring /usr/share/keyrings/cloud.google.gpg add - && apt-get update -y && apt-get install google-cloud-cli=526.0.1-0 -y
ENV TZ "UTC"
RUN echo "${TZ}" > /etc/timezone \
&& dpkg-reconfigure --frontend noninteractive tzdata
# Generate and set the locale
RUN sed -i -e 's/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/' /etc/locale.gen && \
locale-gen
ENV LC_ALL=en_US.UTF-8 \
LANG=en_US.UTF-8 \
LANGUAGE=en_US:en
RUN dpkg-reconfigure --frontend=noninteractive locales
# Generate a self-signed TLS certificate so that the WPT server can be started
# prior to the initial retrieval of the latest legitimate certificate.
RUN openssl req \
-x509 \
-nodes \
-subj '/CN=example.com' \
-days 1 \
-newkey rsa:4096 -sha256 \
-keyout /home/wpt-sync/privkey.pem \
-out /home/wpt-sync/fullchain.pem
COPY src/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
ENV GIT_WORK_TREE=/home/wpt-sync/wpt
ENV GIT_DIR=/home/wpt-sync/wpt-git
RUN mkdir -p /home/wpt-sync/wpt && \
mkdir -p /home/wpt-sync/wpt-git && \
cd /home/wpt-sync/wpt && \
git init . && \
git remote add origin https://github.com/web-platform-tests/wpt.git && \
chown -R wpt-sync:wpt-sync /home/wpt-sync && \
chmod a+rx /home/wpt-sync /home/wpt-sync/wpt /home/wpt-sync/wpt-git && \
chmod g+w /home/wpt-sync/wpt
COPY src/fetch-certs.py src/fetch-wpt.py /usr/local/bin/
COPY src/wpt-config.json.template /home/wpt-sync/wpt-config.json.template
RUN chown wpt-sync:wpt-sync /home/wpt-sync/wpt-config.json.template
WORKDIR /home/wpt-sync/wpt
ENV WPT_HOST=wpt.live \
WPT_ALT_HOST=not-wpt.live \
WPT_BUCKET=wpt-live
CMD ["/usr/bin/supervisord"]