Create bitbucket Dockerimage
# NOTE(review): fedora:rawhide is Fedora's rolling development branch and the tag is mutable,
# so two builds of this file can yield different images. Pin a release tag (ideally by digest)
# when the image has to be reproducible and auditable.
from fedora:rawhide
# Apply pending package updates first, then drop the dnf cache so it does not stay in the layer.
run dnf update -y \
&& dnf clean all
# Basic system environment: the paths every later step (and the entrypoint script) uses
# to locate the JDK, its JRE and the Tomcat installation.
env JAVA_HOME /usr/java/default
env JRE_HOME /usr/java/default/jre
env CATALINA_HOME /usr/lib/tomcat/default
# Install the Oracle JDK RPM plus the JCE unlimited-strength policy jars, give the java
# binaries the capability to bind low ports, and import the StartCom root into the JVM trust store.
#
# NOTE(review), integrity of downloads: both Oracle downloads use plain http:// and curl -k
# (certificate verification off), and nothing checks the files afterwards. The RPM is then
# installed as root. Compare each file against a pinned digest before using it, e.g.
#   echo "<expected-sha256>  jdk-<version>-linux-x64.rpm" | sha256sum -c -
# The Cookie header pre-accepts Oracle's licence on the builder's behalf.
#
# NOTE(review), shell dialect: ${JDK_VERSION:0:1} is a bash substring expansion, so this RUN
# depends on the image's /bin/sh being bash.
#
# NOTE(review), setcap step: every executable file named "java" found under / receives
# cap_net_bind_service, which is what lets the unprivileged runtime user bind ports 80/81/444.
# The find placeholder {} is pasted into the sh -c script text, so a path containing shell
# metacharacters would be parsed as code; passing it as a positional argument
# (sh -c '... "$1"' _ {}) avoids that. The libjli.so symlink + ldconfig that follow are
# presumably needed because a binary with file capabilities ignores LD_LIBRARY_PATH/RPATH
# tricks when locating its libraries; confirm before changing.
#
# NOTE(review), trust store: the StartCom CA certificate is fetched over plain http and
# imported with -noprompt and no fingerprint check, so whatever bytes arrive become a trusted
# root for every TLS connection this JVM makes. Ship the certificate with the build context or
# verify its fingerprint (<expected-fingerprint>) before importing. "changeit" is the stock
# cacerts password. The pipeline's exit status is keytool's, so a failed curl is only noticed
# if keytool rejects its input. StartCom's roots were later distrusted by the major trust
# stores; reconsider whether this import is still wanted.
arg JDK_VERSION=8u92-b14
run curl -skLOH "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \
"http://download.oracle.com/otn-pub/java/jdk/${JDK_VERSION}/jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \
&& dnf install -y findutils unzip tar "jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \
&& policy_zip="$(mktemp /tmp/jce_policy_XXXXXXXX.zip)" \
&& policy_tmp="$(mktemp -d /tmp/jce_policy_XXXXXXXX)" \
&& curl -skLo "$policy_zip" -H "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \
"http://download.oracle.com/otn-pub/java/jce/${JDK_VERSION:0:1}/jce_policy-${JDK_VERSION:0:1}.zip" \
&& unzip -o "$policy_zip" "*/local_policy.jar" "*/US_export_policy.jar" -d "$policy_tmp" \
&& find "$policy_tmp" -type f -name "*.jar" -exec mv '{}' "$JRE_HOME/lib/security" ';' \
&& rm -rf "$policy_zip" "$policy_tmp" "jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \
&& find / -type f -name java -exec sh -c 'test -x {} || exit 0; set -x; setcap "cap_net_bind_service=+ep" "{}"' ';' \
&& ln -s "$(find / -type f -name libjli.so | grep -v jre | head -1)" /usr/lib/libjli.so \
&& ldconfig \
&& dnf clean all \
&& curl -fsSL http://www.startssl.com/certs/ca.crt \
| $JAVA_HOME/bin/keytool -keystore $JAVA_HOME/jre/lib/security/cacerts -importcert -alias startcom.ca -storepass changeit -noprompt
# Apache Tomcat: unpack the binary distribution next to $CATALINA_HOME, point $CATALINA_HOME
# at it via a symlink, and delete every bundled webapp (manager, examples, docs, ROOT) so only
# the application added later is deployed.
#
# NOTE(review): the tarball is streamed over plain http straight into tar as root, with no
# checksum or signature check and without curl -f. Apache publishes a detached signature and
# digest next to each release; download to a file, verify against a pinned digest
# (<expected-sha512>), then extract. The pipeline status is tar's, so a truncated or replaced
# download is only caught if tar happens to fail.
# The inner $(dirname $CATALINA_HOME) on the ln line is unquoted; harmless for the path set
# above, but it would word-split if CATALINA_HOME ever contained whitespace.
arg TOMCAT_VERSION=8.0.33
run mkdir -p "$(dirname "$CATALINA_HOME")" \
&& curl -sL http://www.apache.org/dist/tomcat/tomcat-${TOMCAT_VERSION:0:1}/v${TOMCAT_VERSION}/bin/apache-tomcat-${TOMCAT_VERSION}.tar.gz \
| tar -zxC "$(dirname "$CATALINA_HOME")" \
&& ln -s "$(dirname $CATALINA_HOME)/apache-tomcat-${TOMCAT_VERSION}" "$CATALINA_HOME" \
&& rm -rf "$CATALINA_HOME/webapps"/*
# log4j jars: extract only the versioned log4j*.jar files from the binary distribution into
# Tomcat's shared lib directory, where every webapp in the container can load them.
#
# NOTE(review): same unverified plain-http download-and-pipe pattern as the Tomcat step;
# verify the archive against a pinned digest (<expected-sha512>) before extracting.
# NOTE(review): the wildcard also matches log4j-core, and 2.4.1 predates the JNDI-lookup
# fixes shipped in late 2021 ("Log4Shell"). Check the pinned version against the Apache
# Log4j security page before reusing this file.
arg LOG4J_VERSION=2.4.1
run curl -sL http://www.apache.org/dist/logging/log4j/${LOG4J_VERSION}/apache-log4j-${LOG4J_VERSION}-bin.tar.gz \
| tar -zxC "${CATALINA_HOME}/lib" --strip-components 1 --wildcards --no-anchored "log4j*[0-9].jar"
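# gosu: small setuid-free helper the entrypoint uses to drop from root to the bitbucket user.
#
# Changes from the original line:
#  - the stray "/bin/gosu" argument is gone; curl treated it as a second URL to fetch
#  - -f makes an HTTP error fail the build instead of installing the error page as /bin/gosu
#  - the file is written with -o, so curl's own exit status is checked (in a pipe only the
#    status of install counted)
#  - "gosu nobody true" is a smoke test that the binary runs and can switch users
#
# NOTE(review): the binary is still trusted on TLS alone. The release publishes a detached
# signature (gosu-amd64.asc); verify it, or pin a digest before the chmod, e.g.
#   echo "<expected-sha256>  /bin/gosu" | sha256sum -c -
arg GOSU_VERSION=1.8
run curl -fsSL -o /bin/gosu "https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64" \
&& chown root:root /bin/gosu \
&& chmod 0755 /bin/gosu \
&& gosu nobody true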
# libtcnative (Tomcat Native / APR connector): install the build toolchain, compile the
# source tarball under /tmp, install into /usr, then remove the toolchain and wipe /tmp.
# The server.xml written later enables AprLifecycleListener with SSLEngine="on", which loads
# this library.
#
# NOTE(review): the source comes from a third-party mirror over plain http and is piped into
# tar with no signature or digest check, then ./configure, make and make install all run as
# root during the build; a tampered tarball gets code execution in the image. Fetch from the
# project's own distribution host over https and verify a pinned digest (<expected-sha512>)
# before unpacking.
# "rm -rf /tmp/*" clears everything in /tmp, not only the extracted source tree.
# The ARG is spelled CTNATIVE_VERSION (sic); callers passing --build-arg must use that name.
arg CTNATIVE_VERSION=1.2.6
run dnf install -y apr tar \
&& dnf install -y openssl-devel apr-devel gcc make redhat-rpm-config \
&& curl -sL http://mirror.softaculous.com/apache/tomcat/tomcat-connectors/native/${CTNATIVE_VERSION}/source/tomcat-native-${CTNATIVE_VERSION}-src.tar.gz \
| tar -zxC /tmp --strip-components=1 \
&& cd /tmp/native \
&& ./configure --with-apr="$(command -v apr-1-config)" \
--with-java-home="$JAVA_HOME" \
--with-ssl=yes \
--prefix="/usr" \
&& make \
&& make install \
&& cd / \
&& rm -rf /tmp/* \
&& dnf remove -y apr-devel binutils cpp dwz fpc-srpm-macros gc gcc ghc-srpm-macros glibc-devel glibc-headers gnat-srpm-macros go-srpm-macros guile isl kernel-headers keyutils-libs-devel krb5-devel libcom_err-devel libselinux-devel libsepol-devel libstdc++-devel libtool-ltdl libverto-devel make mpfr ocaml-srpm-macros openssl-devel pcre-cpp pcre-devel perl-srpm-macros python-srpm-macros redhat-rpm-config zip zlib-devel \
&& dnf clean all
# Create a compact server.xml. The XML is printf's format string, so %% in the AccessLogValve
# pattern becomes a literal % in the file; ${app.host} and ${catalina.home} stay literal (single
# quotes) and are resolved by Tomcat at startup. app.host is appended to catalina.properties
# by the entrypoint script.
#
# Connectors, all plain HTTP/1.1:
#   80  - direct access
#   81  - behind a reverse proxy serving http  (proxyPort 80,  secure="false")
#   444 - behind a reverse proxy serving https (proxyPort 443, scheme="https", secure="true")
#
# NOTE(review): port 444 reports every request as secure without any TLS of its own, so
# the webapp will treat anything that can reach 444 as if it had arrived over https. Only the
# TLS-terminating proxy should be able to connect to 81/444; do not publish them.
# NOTE(review): the shutdown listener on 8006 keeps the stock "SHUTDOWN" word. Tomcat binds it
# to the loopback address unless an address is set, so anything sharing the container's
# network namespace can stop the server.
# NOTE(review): autoDeploy="true" makes Tomcat pick up applications dropped into appBase at
# runtime; disable it if nothing relies on hot deployment.
run printf '<?xml version="1.0" encoding="utf-8"?><Server port="8006" shutdown="SHUTDOWN"><Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/><Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/><Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/><Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/><GlobalNamingResources><Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml"/></GlobalNamingResources><Service name="Catalina"><Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/><Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443"/><Connector port="81" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443" proxyName="${app.host}" proxyPort="80" scheme="http" secure="false"/><Connector port="444" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443" proxyName="${app.host}" proxyPort="443" scheme="https" secure="true"/><Engine name="Catalina" defaultHost="localhost"><Realm className="org.apache.catalina.realm.LockOutRealm"><Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/></Realm><Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"><Context docBase="${catalina.home}/atlassian-bitbucket" path="" reloadable="false" useHttpOnly="true"/><Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%%h %%l %%u %%t &quot;%%r&quot; %%s %%b"/></Host></Engine></Service></Server>' > "${CATALINA_HOME}/conf/server.xml"
# Install git from the distribution repositories (presumably the git binary Bitbucket Server
# invokes for repository operations) and drop the dnf cache afterwards.
# NOTE(review): the git version is whatever the base image's repositories carry at build time;
# it is not pinned here.
run dnf install -y git \
&& dnf clean all
# Install Atlassian Bitbucket Server: extract only the atlassian-bitbucket webapp directory
# from the release tarball into $CATALINA_HOME, create the unprivileged "bitbucket" system
# user, and open up just the Tomcat directories that user has to write at runtime
# (work, logs, temp, conf/Catalina/localhost).
#
# NOTE(review): the download uses https but neither -f nor a digest check, and is piped into
# tar as root; verify against a pinned digest (<expected-sha256>) before extracting.
# NOTE(review): useradd -M -d /tmp gives the account the world-writable /tmp as its home
# without creating it; the entrypoint later does "cd ~bitbucket", so the server starts with
# /tmp as working directory. A dedicated, non-shared home directory is the safer choice.
# NOTE(review): conf/ itself is made group-writable, but its group is not changed in this
# step (chgrp targets conf/* only). Which group gains write access therefore depends on the
# ownership the tarball extraction left behind; verify with ls -ld in the built image.
# -C${CATALINA_HOME} is unquoted; fine for the path set above, fragile if it ever has spaces.
arg BITBUCKET_VERSION=4.5.2
run curl -sL https://www.atlassian.com/software/stash/downloads/binary/atlassian-bitbucket-${BITBUCKET_VERSION}.tar.gz \
| tar -xz -C${CATALINA_HOME} --strip-components=1 atlassian-bitbucket-${BITBUCKET_VERSION}/atlassian-bitbucket \
&& useradd -r -M -d /tmp bitbucket \
&& install -m 0775 -d -g bitbucket -o bitbucket "${CATALINA_HOME}/work/Catalina/localhost/ROOT" \
&& install -m 0775 -d -g bitbucket -o bitbucket "${CATALINA_HOME}/conf/Catalina/localhost" \
&& install -m 0775 -d -g bitbucket -o bitbucket "${CATALINA_HOME}/logs" \
&& chgrp -R bitbucket "${CATALINA_HOME}/conf/"* "${CATALINA_HOME}/work" "${CATALINA_HOME}/temp"\
&& chmod g+rwx "${CATALINA_HOME}/logs" "${CATALINA_HOME}/temp" \
&& chmod g+rwx "${CATALINA_HOME}/conf" \
&& chmod -R g+r "${CATALINA_HOME}/conf/"* \
&& chmod -R g+rwx "${CATALINA_HOME}/work"
# Create the entrypoint script /bin/bitbucket. The script text is printf's format string:
# each "\n\" ends a script line (printf turns \n into a newline, the trailing backslash
# continues the Dockerfile instruction), "\\1" becomes the sed back-reference \1, and the
# single quotes keep every $VAR literal so it is expanded at container start, not at build.
#
# What the script does at start-up, as root until the final line:
#   TRACE set            -> shell tracing (set -x)
#   USE_POSTGRES set     -> downloads the PostgreSQL JDBC driver into Tomcat's lib directory
#   always               -> ensures $BITBUCKET_HOME/shared/bitbucket.properties exists and
#                           carries a jdbc.ignoreunsupported line (default false)
#   JDBC_UNSUPPORTED set -> rewrites that line to true
#   always               -> chowns $BITBUCKET_HOME, appends app.host to catalina.properties,
#                           then execs Tomcat as the bitbucket user through gosu
#
# NOTE(review): the JDBC driver is fetched on every start with no -f and no digest check and
# lands on the classpath of the whole container; an error page or altered file would be
# installed as postgresql.jar. Bake the jar into the image at build time and verify it against
# a pinned digest (<expected-sha256>) instead.
# NOTE(review): with set -x active (TRACE), every expanded value is written to the container
# log; keep that in mind if secrets are ever passed through the environment.
# NOTE(review): chown is not recursive, so files already present in a mounted
# $BITBUCKET_HOME, including the shared/ directory created just before as root, keep their
# existing owner.
# NOTE(review): app.host is appended on each start, so restarting the same container
# accumulates duplicate lines, and APP_HOST is written into the properties file unescaped.
run printf '#!/usr/bin/env bash\n\
[[ "$TRACE" ]] && set -x\n\
set -eo pipefail\n\
[[ -z "$USE_POSTGRES" ]] || curl -sL https://jdbc.postgresql.org/download/postgresql-9.4.1208.jar | install -m 0644 -o root -g root /dev/stdin $CATALINA_HOME/lib/postgresql.jar\n\
mkdir -p "${BITBUCKET_HOME}/shared"\n\
touch "${BITBUCKET_HOME}/shared/bitbucket.properties"\n\
grep -q jdbc.ignoreunsupported= "${BITBUCKET_HOME}/shared/bitbucket.properties" || echo "jdbc.ignoreunsupported=false" >> "${BITBUCKET_HOME}/shared/bitbucket.properties"\n\
[[ -z "$JDBC_UNSUPPORTED" ]] || sed -e "s/\(jdbc.ignoreunsupported[[:space:]]*=[[:space:]]*\).*/\\1true/" -i "${BITBUCKET_HOME}/shared/bitbucket.properties"\n\
chown bitbucket:bitbucket "${BITBUCKET_HOME}"\n\
echo "app.host=${APP_HOST:-$(cat /etc/hostname)}" >> "${CATALINA_HOME}/conf/catalina.properties"\n\
cd ~bitbucket\n\
exec gosu bitbucket "${CATALINA_HOME}/bin/catalina.sh" run' | install -m 0755 -o root -g root /dev/stdin /bin/bitbucket
# Data directory for Bitbucket; mount a volume here to keep repositories across containers.
env BITBUCKET_HOME=/var/atlassian-data/bitbucket
# Exec-form entrypoint: resolved through PATH to the /bin/bitbucket script installed above.
entrypoint ["bitbucket"]