unquietwiki · November 6, 2018 02:07
diff --git a/confluence-Dockerfile b/confluence-Dockerfile
 FROM blacklabelops/alpine
 LABEL maintainer="Michael Adams, [email protected]"
 LABEL buildver="20181105.0"

 # Requires https://github.com/blacklabelops/confluence/blob/master/docker-entrypoint.sh

 # Reference images
 # https://github.com/blacklabelops/confluence
 # https://github.com/cptactionhank/docker-atlassian-confluence
 # https://github.com/RenanPalmeira/docker-graalvm-alpine
 # https://github.com/frol/docker-alpine-glibc

 # Reference instructions
 # https://blog.machinebox.io/deploy-docker-containers-in-google-cloud-platform-4b921c77476b
 # https://docs.docker.com/engine/reference/builder/
 # https://cloud.google.com/cloud-build/docs/quickstart-docker
 # https://confluence.atlassian.com/confkb/update-the-confluence-docker-image-to-use-oracle-jdk-829062521.html

 # Container arguments: most updates go here; update bottom section too!
 ARG ALPINE_GLIBC_PACKAGE_VERSION=2.28-r0
 ARG APPVER=6.12.1
 ARG BUILD_DATE=undefined
 ARG CONTAINER_GID=1000
 ARG CONTAINER_UID=1000
 ARG GRAALVM_VERSION=1.0.0-rc9
 ARG MSSQL_CONNVER=7.0.0
 ARG MYSQL_MARIADB_CONNVER=2.3.0
 ARG POSTGRESQL_CONNVER=42.2.5

 # Change these as needed
 ENV APPNAME=confluence
 ENV LANG=C.UTF-8
 EXPOSE 8090 8091

 # ===== Shouldn't need to update the following section, unless changing JVMs or something =====

 # Environment variables
 ENV CONF_HOME=/var/atlassian/${APPNAME}
 ENV CONF_INSTALL=/opt/atlassian/${APPNAME}
 ENV JAVA_HOME=/usr/lib/jvm/graalvm-ce-${GRAALVM_VERSION}
 ENV PATH=/usr/lib/jvm/graalvm-ce-${GRAALVM_VERSION}/bin:$PATH

 # Install necessary packages
 RUN apk add --no-cache --update busybox ca-certificates curl fontconfig font-noto gcc ghostscript graphviz gzip libc-dev \
    motif msttcorefonts-installer tar ttf-dejavu wget xmlstarlet zlib zlib-dev

 # Install glibc
 RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \
    ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
    ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
    ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
    apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \
    echo \
    "-----BEGIN PUBLIC KEY-----\
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\
    y70AGEa/J3Wi5ibNVGNn1gT1r0VfgeWd0pUybS4UmcHdiNzxJPgoWQhV2SSW1JYu\
    tOqKZF5QSN6X937PTUpNBjUvLtTQ1ve1fp39uf/lEXPpFpOPL88LKnDBgbh7wkCp\
    m2KzLVGChf83MS0ShL6G9EQIAUxLm99VpgRjwqTQ/KfzGtpke1wqws4au0Ab4qPY\
    KXvMLSPLUp7cfulWvhmZSegr5AdhNw5KNizPqCJT8ZrGvgHypXyiFvvAH5YRtSsc\
    Zvo9GI2e2MaZyo9/lvb+LbLEJZKEQckqRj4P26gmASrZEPStwc+yqy1ShHLA0j6m\
    1QIDAQAB\
    -----END PUBLIC KEY-----" | sed 's/   */\n/g' > "/etc/apk/keys/sgerrand.rsa.pub" && \
    wget \
    "$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
    apk add --no-cache \
    "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
    \
    rm "/etc/apk/keys/sgerrand.rsa.pub" && \
    /usr/glibc-compat/bin/localedef --force --inputfile POSIX --charmap UTF-8 "$LANG" || true && \
    echo "export LANG=$LANG" > /etc/profile.d/locale.sh && \
    \
    apk del glibc-i18n && \
    \
    rm "/root/.wget-hsts" && \
    apk del .build-dependencies && \
    rm \
    "$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
    "$ALPINE_GLIBC_I18N_PACKAGE_FILENAME"

 # Installing true type fonts
 RUN update-ms-fonts && fc-cache -f -v

 # Install GraalVM
 RUN mkdir /usr/lib/jvm; \
    wget "https://github.com/oracle/graal/releases/download/vm-${GRAALVM_VERSION}/graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz"; \
    tar -zxC /usr/lib/jvm -f graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz; \
    rm -f graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz

 # Define user & group
 RUN addgroup -g $CONTAINER_GID $APPNAME && \
    adduser -u $CONTAINER_UID -G $APPNAME -h /home/$APPNAME -s /bin/bash -S $APPNAME

 # Install Confluence
 RUN mkdir -p "${CONF_HOME}" \
    && chown -R ${CONTAINER_UID}:${CONTAINER_GID} "${CONF_HOME}" \
    && mkdir -p "${CONF_INSTALL}/conf" \
    && wget -O "/tmp/atlassian-${APPNAME}-${APPVER}.tar.gz" "http://www.atlassian.com/software/${APPNAME}/downloads/binary/atlassian-${APPNAME}-${APPVER}.tar.gz" && \
    tar xzf "/tmp/atlassian-${APPNAME}-${APPVER}.tar.gz" --strip-components=1 -C "${CONF_INSTALL}"                  && \
    echo "${APPNAME}.home=${CONF_HOME}" > "${CONF_INSTALL}/${APPNAME}/WEB-INF/classes/${APPNAME}-init.properties" && \
    # Remove old DB drivers
    rm -f "${CONF_INSTALL}/lib/mariadb-*.jar" &&  \
    rm -f "${CONF_INSTALL}/lib/mysql-*.jar"   &&  \
    rm -f "${CONF_INSTALL}/lib/postgres*.jar" &&  \
    rm -f "${CONF_INSTALL}/lib/mssql*.jar"    &&  \
    # Install MySQL/MariaDB driver
    wget -O "${CONF_INSTALL}/lib/mysql-connector-java-${MYSQL_MARIADB_CONNVER}-bin.jar" \
    "https://downloads.mariadb.com/Connectors/java/connector-java-${MYSQL_MARIADB_CONNVER}/mariadb-java-client-${MYSQL_MARIADB_CONNVER}.jar" && \
    # Install PostgreSQL driver
    wget -O "${CONF_INSTALL}/lib/postgresql-${POSTGRESQL_CONNVER}.jar" \
    "https://jdbc.postgresql.org/download/postgresql-${POSTGRESQL_CONNVER}.jar" && \
    # Install MSSQL driver
    wget -O "${CONF_INSTALL}/lib/mssql-jdbc-${MSSQL_CONNVER}.jre8.jar" \
    "https://github.com/Microsoft/mssql-jdbc/releases/download/v${MSSQL_CONNVER}/mssql-jdbc-${MSSQL_CONNVER}.jre8.jar" && \
    # Fix permissions on new drivers
    chown -R ${CONTAINER_UID}:${CONTAINER_GID} "${CONF_INSTALL}" && \
    # Adding letsencrypt-ca to truststore
    export KEYSTORE=$JAVA_HOME/jre/lib/security/cacerts && \
    wget -P /tmp/ https://letsencrypt.org/certs/letsencryptauthorityx1.der && \
    wget -P /tmp/ https://letsencrypt.org/certs/letsencryptauthorityx2.der && \
    wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.der && \
    wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.der && \
    wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.der && \
    wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x4-cross-signed.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias isrgrootx1 -file /tmp/letsencryptauthorityx1.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias isrgrootx2 -file /tmp/letsencryptauthorityx2.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx1 -file /tmp/lets-encrypt-x1-cross-signed.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx2 -file /tmp/lets-encrypt-x2-cross-signed.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx3 -file /tmp/lets-encrypt-x3-cross-signed.der && \
    keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx4 -file /tmp/lets-encrypt-x4-cross-signed.der && \
    # Install atlassian ssl tool
    wget -O "/home/${APPNAME}/SSLPoke.class" https://confluence.atlassian.com/kb/files/779355358/779355357/1/1441897666313/SSLPoke.class && \
    chown -R ${CONTAINER_UID}:${CONTAINER_GID} "/home/${APPNAME}" && \
    # Remove obsolete packages and cleanup
    apk del wget && \
    # Clean caches and tmps
    rm -rf /var/cache/apk/*                         &&  \
    rm -rf /tmp/*                                   &&  \
    rm -rf /var/log/*

 VOLUME ["/var/atlassian/confluence"]

 # ===== Edit below, as needed =====

 # Start application
 WORKDIR /
 COPY --chown=1000:1000 docker-entrypoint.sh docker-entrypoint.sh
 RUN ["chmod","a+x","docker-entrypoint.sh"]
 USER 1000:1000
 ENTRYPOINT ["/sbin/tini","--","/docker-entrypoint.sh"]
 CMD ["confluence"]
	FROM blacklabelops/alpine
	LABEL maintainer="Michael Adams, [email protected]"
	LABEL buildver="20181105.0"

	# Requires https://github.com/blacklabelops/confluence/blob/master/docker-entrypoint.sh

	# Reference images
	# https://github.com/blacklabelops/confluence
	# https://github.com/cptactionhank/docker-atlassian-confluence
	# https://github.com/RenanPalmeira/docker-graalvm-alpine
	# https://github.com/frol/docker-alpine-glibc

	# Reference instructions
	# https://blog.machinebox.io/deploy-docker-containers-in-google-cloud-platform-4b921c77476b
	# https://docs.docker.com/engine/reference/builder/
	# https://cloud.google.com/cloud-build/docs/quickstart-docker
	# https://confluence.atlassian.com/confkb/update-the-confluence-docker-image-to-use-oracle-jdk-829062521.html

	# Container arguments: most updates go here; update bottom section too!
	ARG ALPINE_GLIBC_PACKAGE_VERSION=2.28-r0
	ARG APPVER=6.12.1
	ARG BUILD_DATE=undefined
	ARG CONTAINER_GID=1000
	ARG CONTAINER_UID=1000
	ARG GRAALVM_VERSION=1.0.0-rc9
	ARG MSSQL_CONNVER=7.0.0
	ARG MYSQL_MARIADB_CONNVER=2.3.0
	ARG POSTGRESQL_CONNVER=42.2.5

	# Change these as needed
	ENV APPNAME=confluence
	ENV LANG=C.UTF-8
	EXPOSE 8090 8091

	# ===== Shouldn't need to update the following section, unless changing JVMs or something =====

	# Environment variables
	ENV CONF_HOME=/var/atlassian/${APPNAME}
	ENV CONF_INSTALL=/opt/atlassian/${APPNAME}
	ENV JAVA_HOME=/usr/lib/jvm/graalvm-ce-${GRAALVM_VERSION}
	ENV PATH=/usr/lib/jvm/graalvm-ce-${GRAALVM_VERSION}/bin:$PATH

	# Install necessary packages
	RUN apk add --no-cache --update busybox ca-certificates curl fontconfig font-noto gcc ghostscript graphviz gzip libc-dev \
	motif msttcorefonts-installer tar ttf-dejavu wget xmlstarlet zlib zlib-dev

	# Install glibc
	RUN ALPINE_GLIBC_BASE_URL="https://github.com/sgerrand/alpine-pkg-glibc/releases/download" && \
	ALPINE_GLIBC_BASE_PACKAGE_FILENAME="glibc-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
	ALPINE_GLIBC_BIN_PACKAGE_FILENAME="glibc-bin-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
	ALPINE_GLIBC_I18N_PACKAGE_FILENAME="glibc-i18n-$ALPINE_GLIBC_PACKAGE_VERSION.apk" && \
	apk add --no-cache --virtual=.build-dependencies wget ca-certificates && \
	echo \
	"-----BEGIN PUBLIC KEY-----\
	MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ2u1KJKUu/fW4A25y9m\
	y70AGEa/J3Wi5ibNVGNn1gT1r0VfgeWd0pUybS4UmcHdiNzxJPgoWQhV2SSW1JYu\
	tOqKZF5QSN6X937PTUpNBjUvLtTQ1ve1fp39uf/lEXPpFpOPL88LKnDBgbh7wkCp\
	m2KzLVGChf83MS0ShL6G9EQIAUxLm99VpgRjwqTQ/KfzGtpke1wqws4au0Ab4qPY\
	KXvMLSPLUp7cfulWvhmZSegr5AdhNw5KNizPqCJT8ZrGvgHypXyiFvvAH5YRtSsc\
	Zvo9GI2e2MaZyo9/lvb+LbLEJZKEQckqRj4P26gmASrZEPStwc+yqy1ShHLA0j6m\
	1QIDAQAB\
	-----END PUBLIC KEY-----" \| sed 's/ */\n/g' > "/etc/apk/keys/sgerrand.rsa.pub" && \
	wget \
	"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_BASE_URL/$ALPINE_GLIBC_PACKAGE_VERSION/$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
	apk add --no-cache \
	"$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_I18N_PACKAGE_FILENAME" && \
	\
	rm "/etc/apk/keys/sgerrand.rsa.pub" && \
	/usr/glibc-compat/bin/localedef --force --inputfile POSIX --charmap UTF-8 "$LANG" \|\| true && \
	echo "export LANG=$LANG" > /etc/profile.d/locale.sh && \
	\
	apk del glibc-i18n && \
	\
	rm "/root/.wget-hsts" && \
	apk del .build-dependencies && \
	rm \
	"$ALPINE_GLIBC_BASE_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_BIN_PACKAGE_FILENAME" \
	"$ALPINE_GLIBC_I18N_PACKAGE_FILENAME"

	# Installing true type fonts
	RUN update-ms-fonts && fc-cache -f -v

	# Install GraalVM
	RUN mkdir /usr/lib/jvm; \
	wget "https://github.com/oracle/graal/releases/download/vm-${GRAALVM_VERSION}/graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz"; \
	tar -zxC /usr/lib/jvm -f graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz; \
	rm -f graalvm-ce-${GRAALVM_VERSION}-linux-amd64.tar.gz

	# Define user & group
	RUN addgroup -g $CONTAINER_GID $APPNAME && \
	adduser -u $CONTAINER_UID -G $APPNAME -h /home/$APPNAME -s /bin/bash -S $APPNAME

	# Install Confluence
	RUN mkdir -p "${CONF_HOME}" \
	&& chown -R ${CONTAINER_UID}:${CONTAINER_GID} "${CONF_HOME}" \
	&& mkdir -p "${CONF_INSTALL}/conf" \
	&& wget -O "/tmp/atlassian-${APPNAME}-${APPVER}.tar.gz" "http://www.atlassian.com/software/${APPNAME}/downloads/binary/atlassian-${APPNAME}-${APPVER}.tar.gz" && \
	tar xzf "/tmp/atlassian-${APPNAME}-${APPVER}.tar.gz" --strip-components=1 -C "${CONF_INSTALL}" && \
	echo "${APPNAME}.home=${CONF_HOME}" > "${CONF_INSTALL}/${APPNAME}/WEB-INF/classes/${APPNAME}-init.properties" && \
	# Remove old DB drivers
	rm -f "${CONF_INSTALL}/lib/mariadb-*.jar" && \
	rm -f "${CONF_INSTALL}/lib/mysql-*.jar" && \
	rm -f "${CONF_INSTALL}/lib/postgres*.jar" && \
	rm -f "${CONF_INSTALL}/lib/mssql*.jar" && \
	# Install MySQL/MariaDB driver
	wget -O "${CONF_INSTALL}/lib/mysql-connector-java-${MYSQL_MARIADB_CONNVER}-bin.jar" \
	"https://downloads.mariadb.com/Connectors/java/connector-java-${MYSQL_MARIADB_CONNVER}/mariadb-java-client-${MYSQL_MARIADB_CONNVER}.jar" && \
	# Install PostgreSQL driver
	wget -O "${CONF_INSTALL}/lib/postgresql-${POSTGRESQL_CONNVER}.jar" \
	"https://jdbc.postgresql.org/download/postgresql-${POSTGRESQL_CONNVER}.jar" && \
	# Install MSSQL driver
	wget -O "${CONF_INSTALL}/lib/mssql-jdbc-${MSSQL_CONNVER}.jre8.jar" \
	"https://github.com/Microsoft/mssql-jdbc/releases/download/v${MSSQL_CONNVER}/mssql-jdbc-${MSSQL_CONNVER}.jre8.jar" && \
	# Fix permissions on new drivers
	chown -R ${CONTAINER_UID}:${CONTAINER_GID} "${CONF_INSTALL}" && \
	# Adding letsencrypt-ca to truststore
	export KEYSTORE=$JAVA_HOME/jre/lib/security/cacerts && \
	wget -P /tmp/ https://letsencrypt.org/certs/letsencryptauthorityx1.der && \
	wget -P /tmp/ https://letsencrypt.org/certs/letsencryptauthorityx2.der && \
	wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x1-cross-signed.der && \
	wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x2-cross-signed.der && \
	wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.der && \
	wget -P /tmp/ https://letsencrypt.org/certs/lets-encrypt-x4-cross-signed.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias isrgrootx1 -file /tmp/letsencryptauthorityx1.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias isrgrootx2 -file /tmp/letsencryptauthorityx2.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx1 -file /tmp/lets-encrypt-x1-cross-signed.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx2 -file /tmp/lets-encrypt-x2-cross-signed.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx3 -file /tmp/lets-encrypt-x3-cross-signed.der && \
	keytool -trustcacerts -keystore $KEYSTORE -storepass changeit -noprompt -importcert -alias letsencryptauthorityx4 -file /tmp/lets-encrypt-x4-cross-signed.der && \
	# Install atlassian ssl tool
	wget -O "/home/${APPNAME}/SSLPoke.class" https://confluence.atlassian.com/kb/files/779355358/779355357/1/1441897666313/SSLPoke.class && \
	chown -R ${CONTAINER_UID}:${CONTAINER_GID} "/home/${APPNAME}" && \
	# Remove obsolete packages and cleanup
	apk del wget && \
	# Clean caches and tmps
	rm -rf /var/cache/apk/* && \
	rm -rf /tmp/* && \
	rm -rf /var/log/*

	VOLUME ["/var/atlassian/confluence"]

	# ===== Edit below, as needed =====

	# Start application
	WORKDIR /
	COPY --chown=1000:1000 docker-entrypoint.sh docker-entrypoint.sh
	RUN ["chmod","a+x","docker-entrypoint.sh"]
	USER 1000:1000
	ENTRYPOINT ["/sbin/tini","--","/docker-entrypoint.sh"]
	CMD ["confluence"]