Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Volumes in Docker #509

Open
cairoapcampos opened this issue Jun 27, 2022 · 3 comments
Open

Volumes in Docker #509

cairoapcampos opened this issue Jun 27, 2022 · 3 comments

Comments

@cairoapcampos
Copy link

I found the link below on how to create volumes for webvirtcloud:

https://www.nodinrogers.com/post/2021-12-30-webvirtcloud-in-a-docker-container/

Is this the best way to create volumes in a production environment?
@cairoapcampos
Copy link
Author

cairoapcampos commented Jun 27, 2022
edited
Loading

I've already made some changes locally that have comments in bold. See the docker file below.

Some doubts:

1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?

2° Is it possible to run the container with a non-root user?

FROM phusion/baseimage:jammy-1.0.0

EXPOSE 80
EXPOSE 6080

# Use baseimage-docker's init system.
CMD ["/sbin/my_init"]


RUN echo 'APT::Get::Clean=always;' >> /etc/apt/apt.conf.d/99AutomaticClean

RUN apt-get update -qqy \
    && DEBIAN_FRONTEND=noninteractive apt-get -qyy install \
	--no-install-recommends \
	git \
	python3-venv \
	python3-dev \
	python3-lxml \
	libvirt-dev \
	zlib1g-dev \
	nginx \
	pkg-config \
	gcc \
	libldap2-dev \
	libssl-dev \
	libsasl2-dev \
	libsasl2-modules \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Modified Now

COPY . /srv/webvirtcloud
Run mkdir /srv/webvirtcloud/data && \
   mkdir /var/www/.ssh && \
    cp /srv/webvirtcloud/webvirtcloud/settings.py.template /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s|db.sqlite3|data/db.sqlite3|" /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s/SECRET_KEY \= \"\"/SECRET_KEY = \"$(python3 /srv/webvirtcloud/conf/runit/secret_generator.py)\"/" /srv/webvirtcloud/webvirtcloud/settings.py && \
    chown -R www-data:www-data /srv/webvirtcloud && \
   chown www-data:www-data /var/www/.ssh

# Setup webvirtcloud
WORKDIR /srv/webvirtcloud
RUN python3 -m venv venv && \
	. venv/bin/activate && \
	pip3 install -U pip && \
	pip3 install wheel && \
	pip3 install -r conf/requirements.txt && \
	chown -R www-data:www-data /srv/webvirtcloud

RUN . venv/bin/activate && \
    python3 manage.py migrate && \
	chown -R www-data:www-data /srv/webvirtcloud

# Setup Nginx
RUN printf "\n%s" "daemon off;" >> /etc/nginx/nginx.conf && \
	rm /etc/nginx/sites-enabled/default && \
	chown -R www-data:www-data /var/lib/nginx

COPY conf/nginx/webvirtcloud.conf /etc/nginx/conf.d/

# Register services to runit
RUN	mkdir /etc/service/nginx && \
	mkdir /etc/service/nginx-log-forwarder && \
	mkdir /etc/service/webvirtcloud && \
	mkdir /etc/service/novnc
COPY conf/runit/nginx				/etc/service/nginx/run
COPY conf/runit/nginx-log-forwarder	/etc/service/nginx-log-forwarder/run
COPY conf/runit/novncd.sh			/etc/service/novnc/run
COPY conf/runit/webvirtcloud.sh		/etc/service/webvirtcloud/run

# Define mountable directories.

VOLUME ["/srv/webvirtcloud/data","/var/www/.ssh"]

WORKDIR /srv/webvirtcloud

@catborise
Copy link
Collaborator

"1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?"

  • it is done. i will upload new version of this generator. it generates urlsafe(without quota) secrets.

we especially did not automate settings.py modification. some user may want to use mysql/postgresql instead of "db.sqlite3"...
volumes also related with this situation.

@cairoapcampos
Copy link
Author

This question can be closed.

I'll try the tip in the link to see if it's possible to use a non-root user:

phusion/baseimage-docker#617

Thanks for changing the script webvirtcloud/conf/runit/secret_generator.py.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@catborise @cairoapcampos