diff --git a/11/mysql-alpine-tomcat/.env b/11/mysql-alpine-tomcat/.env new file mode 100644 index 00000000..396f5476 --- /dev/null +++ b/11/mysql-alpine-tomcat/.env @@ -0,0 +1,6 @@ +# Default environment values +XWIKI_VERSION=11.3 +DB_USER=xwiki +DB_PASSWORD=xwiki +DB_DATABASE=xwiki +MYSQL_ROOT_PASSWORD=xwiki diff --git a/11/mysql-alpine-tomcat/Dockerfile b/11/mysql-alpine-tomcat/Dockerfile new file mode 100644 index 00000000..8d08d6f7 --- /dev/null +++ b/11/mysql-alpine-tomcat/Dockerfile @@ -0,0 +1,103 @@ +# --------------------------------------------------------------------------- +# See the NOTICE file distributed with this work for additional +# information regarding copyright ownership. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this software; if not, write to the Free +# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA, or see the FSF site: http://www.fsf.org. +# --------------------------------------------------------------------------- +FROM tomcat:8-jre8-alpine + +# ____ ____ ____ ____ _ __ _ +# |_ _||_ _||_ _| |_ _|(_) [ | _ (_) +# \ \ / / \ \ /\ / / __ | | / ] __ +# > `' < \ \/ \/ / [ | | '' < [ | +# _/ /'`\ \_ \ /\ / | | | |`\ \ | | +# |____||____| \/ \/ [___][__| \_][___] + +MAINTAINER Vincent Massol + +# Note: when using docker-compose, the ENV values below are overridden from the .env file. + +# Install LibreOffice + other tools +# Note that procps is required to get ps which is used by JODConverter to start LibreOffice +RUN apk update && \ + apk --no-cache add \ + curl \ + libreoffice \ + unzip \ + procps + +RUN curl -L -o /mysql-connector-java-5.1.34.jar https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.34/mysql-connector-java-5.1.34.jar + +# Install XWiki as the ROOT webapp context in Tomcat +# Create the Tomcat temporary directory +# Configure the XWiki permanent directory +ENV XWIKI_VERSION=11.3 +ENV XWIKI_URL_PREFIX "https://maven.xwiki.org/releases/org/xwiki/platform/xwiki-platform-distribution-war/${XWIKI_VERSION}" +ENV XWIKI_DOWNLOAD_SHA256 86b68942a8f5c81ffbe8e574d824d570ec5e2992739271c7ec8862148b0e7973 +RUN rm -rf /usr/local/tomcat/webapps/* && \ + mkdir -p /usr/local/tomcat/temp && \ + mkdir -p /usr/local/xwiki/data + +RUN curl -fSL "${XWIKI_URL_PREFIX}/xwiki-platform-distribution-war-${XWIKI_VERSION}.war" -o xwiki.war + +RUN echo "$XWIKI_DOWNLOAD_SHA256 xwiki.war" | sha256sum -c - +RUN unzip -d /usr/local/tomcat/webapps/ROOT xwiki.war +RUN rm -f xwiki.war + +# Copy the JDBC driver in the XWiki webapp +RUN cp /mysql-connector-java-*.jar /usr/local/tomcat/webapps/ROOT/WEB-INF/lib/ + +# Configure Tomcat. For example set the memory for the Tomcat JVM since the default value is too small for XWiki +COPY tomcat/setenv.sh /usr/local/tomcat/bin/ + +# Setup the XWiki Hibernate configuration +COPY xwiki/hibernate.cfg.xml /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml + +# Set a specific distribution id in XWiki for this docker packaging. +RUN sed -i 's/org.xwiki.platform:xwiki-platform-distribution-war/org.xwiki.platform:xwiki-platform-distribution-docker/' \ + /usr/local/tomcat/webapps/ROOT/META-INF/extension.xed + +# Add scripts required to make changes to XWiki configuration files at execution time +# Note: we don't run CHMOD since 1) it's not required since the executabe bit is already set in git and 2) running +# CHMOD after a COPY will sometimes fail, depending on different host-specific factors (especially on AUFS). +COPY xwiki/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh + +# Make the XWiki directory (the permanent directory is included in it) persist on the host (so that it's not recreated +# across runs) +VOLUME /usr/local/xwiki + +# At this point the image is done and what remains below are the runtime configuration used by the user to configure +# the container that will be created out of the image. Namely the user can override some environment variables with +# docker run -e "var1=val1" -e "var2=val2" ... +# The supported environment variables that can be overridden are: +# - DB_USER: the name of the user configured for XWiki in the DB. Default is "xwiki". This is used to configure +# xwiki's hibernate.cfg.xml file. +# - DB_PASSWORD: the password for the user configured for XWiki in the DB. Default is "xwiki". This is used to +# configure xwiki's hibernate.cfg.xml file. +# - DB_DATABASE: the name of the database to use. Default is "xwiki". This is used to configure xwiki's +# hibernate.cfg.xml file. +# - DB_HOST: The name of the host (or docker container) containing the database. Default is "db". This is used to +# configure xwiki's hibernate.cfg.xml file. + +# Example: +# docker run -it -e "DB_USER=xwiki" -e "DB_PASSWORD=xwiki" + +# Starts XWiki by starting Tomcat. All options passed to "docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]" +# are also passed to docker-entrypoint.sh. If "xwiki" is passed then XWiki will be configured the first time the +# container executes and Tomcat will be started. If some other parameter is passed then it'll be executed to comply +# with best practices defined at https://github.com/docker-library/official-images#consistency. +ENTRYPOINT ["docker-entrypoint.sh"] +CMD ["xwiki"] diff --git a/11/mysql-alpine-tomcat/docker-compose.yml b/11/mysql-alpine-tomcat/docker-compose.yml new file mode 100644 index 00000000..edd876e7 --- /dev/null +++ b/11/mysql-alpine-tomcat/docker-compose.yml @@ -0,0 +1,71 @@ +# --------------------------------------------------------------------------- +# See the NOTICE file distributed with this work for additional +# information regarding copyright ownership. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this software; if not, write to the Free +# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA, or see the FSF site: http://www.fsf.org. +# --------------------------------------------------------------------------- +version: '2' +networks: + bridge: + driver: bridge +services: + # The container that runs XWiki + Tomcat + web: + build: . + container_name: xwiki-mysql-alpine-tomcat-web + depends_on: + - db + ports: + - "8080:8080" + # Default values defined in .env file. + # The DB_USER/DB_PASSWORD/DB_DATABASE/DB_HOST variables are used in the hibernate.cfg.xml file. + environment: + - XWIKI_VERSION=${XWIKI_VERSION} + - DB_USER=${DB_USER} + - DB_PASSWORD=${DB_PASSWORD} + - DB_DATABASE=${DB_DATABASE} + - DB_HOST=xwiki-mysql-db + # Provide a name instead of an auto-generated id for xwiki data (the permanent directory in included in it) + # configured in the Dockerfile, to make it simpler to identify in 'docker volume ls'. + volumes: + - xwiki-data:/usr/local/xwiki + networks: + - bridge + # The container that runs the database (mysql) + db: + image: "mysql:5.7" + container_name: xwiki-mysql-db + # - We provide a xwiki.cnf file in order to configure the mysql db to support UTF8 and be case-insensitive + # We have to do it here since we use an existing image and that's how this image allows customizations. + # See https://hub.docker.com/_/mysql/ for more details. + # - Provide a name instead of an auto-generated id for the mysql data, to make it simpler to identify in + # 'docker volume ls' + volumes: + - ./mysql/xwiki.cnf:/etc/mysql/conf.d/xwiki.cnf + - mysql-data:/var/lib/mysql + # Configure the MySQL database and create a user with provided name/password. + # See https://hub.docker.com/_/mysql/ for more details. + # Default values defined in .env file. + environment: + - MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD} + - MYSQL_USER=${DB_USER} + - MYSQL_PASSWORD=${DB_PASSWORD} + - MYSQL_DATABASE=${DB_DATABASE} + networks: + - bridge +volumes: + mysql-data: {} + xwiki-data: {} diff --git a/11/mysql-alpine-tomcat/mysql/xwiki.cnf b/11/mysql-alpine-tomcat/mysql/xwiki.cnf new file mode 100644 index 00000000..9c14b162 --- /dev/null +++ b/11/mysql-alpine-tomcat/mysql/xwiki.cnf @@ -0,0 +1,31 @@ +# --------------------------------------------------------------------------- +# See the NOTICE file distributed with this work for additional +# information regarding copyright ownership. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this software; if not, write to the Free +# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA, or see the FSF site: http://www.fsf.org. +# --------------------------------------------------------------------------- + +[client] +default-character-set = utf8 + +[mysqld] +character-set-server = utf8 +collation-server = utf8_bin +explicit_defaults_for_timestamp = 1 + +[mysql] +default-character-set = utf8 + diff --git a/11/mysql-alpine-tomcat/tomcat/setenv.sh b/11/mysql-alpine-tomcat/tomcat/setenv.sh new file mode 100755 index 00000000..755f260e --- /dev/null +++ b/11/mysql-alpine-tomcat/tomcat/setenv.sh @@ -0,0 +1,54 @@ +#!/bin/bash +# --------------------------------------------------------------------------- +# See the NOTICE file distributed with this work for additional +# information regarding copyright ownership. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this software; if not, write to the Free +# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA, or see the FSF site: http://www.fsf.org. +# --------------------------------------------------------------------------- + +# We're making the following changes to the default: +# * Adding more memory (default is 512MB which is not enough for XWiki) +# * By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in +# https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10. We want to allow for them as it's useful to +# be able to have '/' and '' in wiki page names. +# * On some system /dev/random is slow to init leading to a slow Tomcat and thus Xwiki startup. + +# Users can override these values by setting the JAVA_OPTS environment variable. For example: +# -e JAVA_OPTS="-Xmx2048m" + +XMX="-Xmx1024m" +ALLOW_ENCODED_SLASH="-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true" +ALLOW_BACKSLASH="-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true" +SECURERANDOM="-Djava.security.egd=file:/dev/./urandom" + +if [[ ! -z "$JAVA_OPTS" ]]; then + if [[ ! $JAVA_OPTS =~ .*-Xmx[0-9]+.* ]]; then + JAVA_OPTS="$JAVA_OPTS $XMX" + fi + if [[ ! $JAVA_OPTS =~ .*ALLOW_ENCODED_SLASH.* ]]; then + JAVA_OPTS="$JAVA_OPTS $ALLOW_ENCODED_SLASH" + fi + if [[ ! $JAVA_OPTS =~ .*ALLOW_BACKSLASH.* ]]; then + JAVA_OPTS="$JAVA_OPTS $ALLOW_BACKSLASH" + fi + if [[ ! $JAVA_OPTS =~ .*java\.security\.egd.* ]]; then + JAVA_OPTS="$JAVA_OPTS $SECURERANDOM" + fi +else + JAVA_OPTS="$XMX $ALLOW_ENCODED_SLASH $ALLOW_BACKSLASH $SECURERANDOM" +fi + +export JAVA_OPTS diff --git a/11/mysql-alpine-tomcat/xwiki/docker-entrypoint.sh b/11/mysql-alpine-tomcat/xwiki/docker-entrypoint.sh new file mode 100755 index 00000000..e57a15bd --- /dev/null +++ b/11/mysql-alpine-tomcat/xwiki/docker-entrypoint.sh @@ -0,0 +1,168 @@ +#!/bin/bash +# --------------------------------------------------------------------------- +# See the NOTICE file distributed with this work for additional +# information regarding copyright ownership. +# +# This is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as +# published by the Free Software Foundation; either version 2.1 of +# the License, or (at your option) any later version. +# +# This software is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# Lesser General Public License for more details. +# +# You should have received a copy of the GNU Lesser General Public +# License along with this software; if not, write to the Free +# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA +# 02110-1301 USA, or see the FSF site: http://www.fsf.org. +# --------------------------------------------------------------------------- + +set -e + +function first_start() { + configure + touch /usr/local/tomcat/webapps/ROOT/.first_start_completed +} + +function other_starts() { + mkdir -p /usr/local/xwiki/data + restoreConfigurationFile 'hibernate.cfg.xml' + restoreConfigurationFile 'xwiki.cfg' + restoreConfigurationFile 'xwiki.properties' +} + +# $1 - the path to xwiki.[cfg|properties] +# $2 - the setting/property to set +# $3 - the new value +function xwiki_replace() { + sed -i s~"\#\? \?$2 \?=.*"~"$2=$3"~g "$1" +} + +# $1 - the setting/property to set +# $2 - the new value +function xwiki_set_cfg() { + xwiki_replace /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.cfg "$1" "$2" +} + +# $1 - the setting/property to set +# $2 - the new value +function xwiki_set_properties() { + xwiki_replace /usr/local/tomcat/webapps/ROOT/WEB-INF/xwiki.properties "$1" "$2" +} + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +# Allows to use sed but with user input which can contain special sed characters such as \, / or &. +# $1 - the text to search for +# $2 - the replacement text +# $3 - the file in which to do the search/replace +function safesed { + sed -i "s/$(echo $1 | sed -e 's/\([[\/.*]\|\]\)/\\&/g')/$(echo $2 | sed -e 's/[\/&]/\\&/g')/g" $3 +} + +# $1 - the config file name found in WEB-INF (e.g. "xwiki.cfg") +function saveConfigurationFile() { + if [ -f "/usr/local/xwiki/data/$1" ]; then + echo " Reusing existing config file $1..." + cp "/usr/local/xwiki/data/$1" "/usr/local/tomcat/webapps/ROOT/WEB-INF/$1" + else + echo " Saving config file $1..." + cp "/usr/local/tomcat/webapps/ROOT/WEB-INF/$1" "/usr/local/xwiki/data/$1" + fi +} + +# $1 - the config file name to restore in WEB-INF (e.g. "xwiki.cfg") +function restoreConfigurationFile() { + if [ -f "/usr/local/xwiki/data/$1" ]; then + echo " Synchronizing config file $1..." + cp "/usr/local/xwiki/data/$1" "/usr/local/tomcat/webapps/ROOT/WEB-INF/$1" + else + echo " No config file $1 found, using default from container..." + cp "/usr/local/tomcat/webapps/ROOT/WEB-INF/$1" "/usr/local/xwiki/data/$1" + fi +} + +function configure() { + echo 'Configuring XWiki...' + + echo 'Setting environment variables' + file_env 'DB_USER' 'xwiki' + file_env 'DB_PASSWORD' 'xwiki' + file_env 'DB_HOST' 'db' + file_env 'DB_DATABASE' 'xwiki' + file_env 'INDEX_HOST' 'localhost' + file_env 'INDEX_PORT' '8983' + + echo 'Replacing environment variables in files' + safesed "replaceuser" $DB_USER /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml + safesed "replacepassword" $DB_PASSWORD /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml + safesed "replacecontainer" $DB_HOST /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml + safesed "replacedatabase" $DB_DATABASE /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml + + echo ' Generating authentication validation and encryption keys...' + xwiki_set_cfg 'xwiki.authentication.validationKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" + xwiki_set_cfg 'xwiki.authentication.encryptionKey' "$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" + echo ' Deploying XWiki in the ROOT context' + xwiki_set_cfg 'xwiki.webapppath' "" + + echo ' Setting permanent directory...' + xwiki_set_properties 'environment.permanentDirectory' '/usr/local/xwiki/data' + echo ' Configure libreoffice...' + xwiki_set_properties 'openoffice.autoStart' 'true' + + if [ $INDEX_HOST != 'localhost' ]; then + echo ' Configuring remote Solr Index' + xwiki_set_properties 'solr.type' 'remote' + xwiki_set_properties 'solr.remote.url' "http://$INDEX_HOST:$INDEX_PORT/solr/xwiki" + fi + + # If the files already exist then copy them to the XWiki's WEB-INF directory. Otherwise copy the default config + # files to the permanent directory so that they can be easily modified by the user. They'll be synced at the next + # start. + mkdir -p /usr/local/xwiki/data + saveConfigurationFile 'hibernate.cfg.xml' + saveConfigurationFile 'xwiki.cfg' + saveConfigurationFile 'xwiki.properties' +} + +# This if will check if the first argument is a flag but only works if all arguments require a hyphenated flag +# -v; -SL; -f arg; etc will work, but not arg1 arg2 +if [ "${1:0:1}" = '-' ]; then + set -- xwiki "$@" +fi + +# Check for the expected command +if [ "$1" = 'xwiki' ]; then + if [[ ! -f /usr/local/tomcat/webapps/ROOT/.first_start_completed ]]; then + first_start + else + other_starts + fi + shift + set -- catalina.sh run "$@" +fi + +# Else default to run whatever the user wanted like "bash" +exec "$@" diff --git a/11/mysql-alpine-tomcat/xwiki/hibernate.cfg.xml b/11/mysql-alpine-tomcat/xwiki/hibernate.cfg.xml new file mode 100644 index 00000000..2671c42d --- /dev/null +++ b/11/mysql-alpine-tomcat/xwiki/hibernate.cfg.xml @@ -0,0 +1,105 @@ + + + + + + + + + + + + + false + true + + + false + + + false + 50 + 5 + 30000 + com.xpn.xwiki.store.DBCPConnectionProvider + + + + + + + jdbc:mysql://replacecontainer/replacedatabase?useSSL=false + replaceuser + replacepassword + com.mysql.jdbc.Driver + org.hibernate.dialect.MySQL5InnoDBDialect + true + 20 + + UTF-8 + true + utf8 + + + + + + + + +