Created
May 5, 2016 16:48
-
-
Save steigr/9f0e5a0034ea12abbfd416c52c7c0376 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from fedora:rawhide | |
| # run an system update first! | |
| run dnf update -y \ | |
| && dnf clean all | |
| # basic system environment | |
| env JAVA_HOME /usr/java/default | |
| env JRE_HOME /usr/java/default/jre | |
| env CATALINA_HOME /usr/lib/tomcat/default | |
| # install Oracle JDK | |
| arg JDK_VERSION=8u92-b14 | |
| run curl -skLOH "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ | |
| "http://download.oracle.com/otn-pub/java/jdk/${JDK_VERSION}/jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \ | |
| && dnf install -y findutils unzip tar "jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \ | |
| && policy_zip="$(mktemp /tmp/jce_policy_XXXXXXXX.zip)" \ | |
| && policy_tmp="$(mktemp -d /tmp/jce_policy_XXXXXXXX)" \ | |
| && curl -skLo "$policy_zip" -H "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" \ | |
| "http://download.oracle.com/otn-pub/java/jce/${JDK_VERSION:0:1}/jce_policy-${JDK_VERSION:0:1}.zip" \ | |
| && unzip -o "$policy_zip" "*/local_policy.jar" "*/US_export_policy.jar" -d "$policy_tmp" \ | |
| && find "$policy_tmp" -type f -name "*.jar" -exec mv '{}' "$JRE_HOME/lib/security" ';' \ | |
| && rm -rf "$policy_zip" "$policy_tmp" "jdk-${JDK_VERSION%-b*}-linux-x64.rpm" \ | |
| && find / -type f -name java -exec sh -c 'test -x {} || exit 0; set -x; setcap "cap_net_bind_service=+ep" "{}"' ';' \ | |
| && ln -s "$(find / -type f -name libjli.so | grep -v jre | head -1)" /usr/lib/libjli.so \ | |
| && ldconfig \ | |
| && dnf clean all \ | |
| && curl -fsSL http://www.startssl.com/certs/ca.crt \ | |
| | $JAVA_HOME/bin/keytool -keystore $JAVA_HOME/jre/lib/security/cacerts -importcert -alias startcom.ca -storepass changeit -noprompt | |
| # Apache Tomcat | |
| arg TOMCAT_VERSION=8.0.33 | |
| run mkdir -p "$(dirname "$CATALINA_HOME")" \ | |
| && curl -sL http://www.apache.org/dist/tomcat/tomcat-${TOMCAT_VERSION:0:1}/v${TOMCAT_VERSION}/bin/apache-tomcat-${TOMCAT_VERSION}.tar.gz \ | |
| | tar -zxC "$(dirname "$CATALINA_HOME")" \ | |
| && ln -s "$(dirname $CATALINA_HOME)/apache-tomcat-${TOMCAT_VERSION}" "$CATALINA_HOME" \ | |
| && rm -rf "$CATALINA_HOME/webapps"/* | |
| # log4j jars | |
| arg LOG4J_VERSION=2.4.1 | |
| run curl -sL http://www.apache.org/dist/logging/log4j/${LOG4J_VERSION}/apache-log4j-${LOG4J_VERSION}-bin.tar.gz \ | |
| | tar -zxC "${CATALINA_HOME}/lib" --strip-components 1 --wildcards --no-anchored "log4j*[0-9].jar" | |
| # Gosu User switching | |
| arg GOSU_VERSION=1.8 | |
| run curl -sL /bin/gosu https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-amd64 | install -m 0755 -o root -g root /dev/stdin /bin/gosu | |
| # install libtcnative | |
| arg CTNATIVE_VERSION=1.2.6 | |
| run dnf install -y apr tar \ | |
| && dnf install -y openssl-devel apr-devel gcc make redhat-rpm-config \ | |
| && curl -sL http://mirror.softaculous.com/apache/tomcat/tomcat-connectors/native/${CTNATIVE_VERSION}/source/tomcat-native-${CTNATIVE_VERSION}-src.tar.gz \ | |
| | tar -zxC /tmp --strip-components=1 \ | |
| && cd /tmp/native \ | |
| && ./configure --with-apr="$(command -v apr-1-config)" \ | |
| --with-java-home="$JAVA_HOME" \ | |
| --with-ssl=yes \ | |
| --prefix="/usr" \ | |
| && make \ | |
| && make install \ | |
| && cd / \ | |
| && rm -rf /tmp/* \ | |
| && dnf remove -y apr-devel binutils cpp dwz fpc-srpm-macros gc gcc ghc-srpm-macros glibc-devel glibc-headers gnat-srpm-macros go-srpm-macros guile isl kernel-headers keyutils-libs-devel krb5-devel libcom_err-devel libselinux-devel libsepol-devel libstdc++-devel libtool-ltdl libverto-devel make mpfr ocaml-srpm-macros openssl-devel pcre-cpp pcre-devel perl-srpm-macros python-srpm-macros redhat-rpm-config zip zlib-devel \ | |
| && dnf clean all | |
| # install atlassian jira software | |
| arg JIRA_SOFWARE_VERSION=7.1.6 | |
| arg JIRA_CORE_VERSION=7.1.6 | |
| run curl -sL https://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-software-${JIRA_CORE_VERSION}-jira-${JIRA_SOFWARE_VERSION}.tar.gz \ | |
| | tar -xz -C${CATALINA_HOME} --strip-components=1 atlassian-jira-software-${JIRA_CORE_VERSION}-standalone/atlassian-jira \ | |
| && useradd -r -M -d /tmp jira \ | |
| && install -m 0775 -d -g jira -o jira "${CATALINA_HOME}/work/Catalina/localhost/ROOT" \ | |
| && install -m 0775 -d -g jira -o jira "${CATALINA_HOME}/conf/Catalina/localhost" \ | |
| && install -m 0775 -d -g jira -o jira "${CATALINA_HOME}/logs" \ | |
| && chgrp -R jira "${CATALINA_HOME}/conf/"* "${CATALINA_HOME}/work" "${CATALINA_HOME}/temp"\ | |
| && chmod g+rwx "${CATALINA_HOME}/logs" "${CATALINA_HOME}/temp" \ | |
| && chmod g+rwx "${CATALINA_HOME}/conf" \ | |
| && chmod -R g+r "${CATALINA_HOME}/conf/"* \ | |
| && chmod -R g+rwx "${CATALINA_HOME}/work" | |
| # create compact server.xml | |
| run printf '<?xml version="1.0" encoding="utf-8"?><Server port="8006" shutdown="SHUTDOWN"><Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/><Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/><Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/><Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/><GlobalNamingResources><Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml"/></GlobalNamingResources><Service name="Catalina"><Executor name="tomcatThreadPool" namePrefix="catalina-exec-" maxThreads="150" minSpareThreads="4"/><Connector port="80" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443"/><Connector port="81" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443" proxyName="${app.host}" proxyPort="80" scheme="http" secure="false"/><Connector port="444" protocol="HTTP/1.1" connectionTimeout="20000" useBodyEncodingForURI="true" redirectPort="8443" proxyName="${app.host}" proxyPort="443" scheme="https" secure="true"/><Engine name="Catalina" defaultHost="localhost"><Realm className="org.apache.catalina.realm.LockOutRealm"><Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/></Realm><Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true"><Context docBase="${catalina.home}/atlassian-jira" path="" reloadable="false" useHttpOnly="true"/><Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%%h %%l %%u %%t "%%r" %%s %%b"/></Host></Engine></Service></Server>' > "${CATALINA_HOME}/conf/server.xml" | |
| # create entrypoint script | |
| run printf '#!/usr/bin/env bash\n\ | |
| [[ "$TRACE" ]] && set -x\n\ | |
| set -eo pipefail\n\ | |
| [[ -z "$USE_POSTGRES" ]] || curl -sL https://jdbc.postgresql.org/download/postgresql-9.4.1208.jar | install -m 0644 -o root -g root /dev/stdin $CATALINA_HOME/lib/postgresql.jar\n\ | |
| chown jira:jira "${JIRA_HOME}"\n\ | |
| echo "app.host=${APP_HOST:-$(cat /etc/hostname)}" >> "${CATALINA_HOME}/conf/catalina.properties"\n\ | |
| cd ~jira\n\ | |
| exec gosu jira "${CATALINA_HOME}/bin/catalina.sh" run' | install -m 0755 -o root -g root /dev/stdin /bin/jira | |
| env JIRA_HOME=/var/atlassian-data/jira-software | |
| entrypoint ["jira"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment