sandcastle-ng

Scripts for the deployment of Sandcastle (GNU Taler)

Dockerfile (5936B)


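      # Stage base-system: Debian trixie plus the toolchain and libraries shared by
      # every build stage below. The final stage also derives from this stage, so
      # everything installed here ends up in the shipped image as well.
      #
      # NOTE(review): the base image is referenced by a mutable tag. Pinning it by
      # digest (debian:trixie@sha256:<digest-placeholder>) would make rebuilds
      # reproducible and keep the base from changing unnoticed.
      FROM docker.io/library/debian:trixie AS base-system

      # FIXMEs:
      # - debian packages should be built with a nightly tag
      # - the final image contains all build dependencies, this isn't really necessary
      # - the final image contains -dev packages, not really necessary
      # - GNUnet build dependencies are excessive, maybe we can just build the required libs?

      # DEBIAN_FRONTEND is exported so that it applies to every apt-get call in
      # this RUN; written as a prefix of the first command it would only reach
      # `apt-get update` and leave `upgrade` and `install` free to prompt.
      # The export lives in this RUN's shell only and is not baked into the image.
      #
      # NOTE(review): /var/lib/apt/lists is deliberately not removed here; the
      # build script run by later stages is not visible and may install further
      # build dependencies from the index. Confirm before adding cleanup.
      # Packages are sorted alphabetically to keep future diffs reviewable.
      RUN export DEBIAN_FRONTEND=noninteractive && \
        apt-get update && \
        apt-get -y upgrade && \
        apt-get --no-install-recommends install -y \
        apt-utils \
        autoconf \
        autopoint \
        build-essential \
        debhelper-compat \
        default-jre-headless \
        devscripts \
        equivs \
        fakeroot \
        git \
        golang \
        iptables \
        jq \
        libbluetooth-dev \
        libcurl4-gnutls-dev \
        libextractor-dev \
        libgcrypt-dev \
        libidn11-dev \
        libjansson-dev \
        libltdl-dev \
        libmicrohttpd-dev \
        libogg-dev \
        libopus-dev \
        libpq-dev \
        libpulse-dev \
        libqrencode-dev \
        libsodium-dev \
        libsqlite3-dev \
        libtool \
        libunistring-dev \
        libzbar-dev \
        meson \
        miniupnpc \
        nano \
        net-tools \
        nodejs \
        npm \
        openjdk-21-jdk-headless \
        openjdk-21-jre-headless \
        pandoc \
        po-debconf \
        procps \
        pybuild-plugin-pyproject \
        python3-bs4 \
        python3-click \
        python3-dev \
        python3-flask \
        python3-flask-babel \
        python3-jinja2 \
        python3-pip \
        python3-poetry-core \
        python3-requests \
        python3-sphinx \
        python3-sphinx-multiversion \
        python3-sphinx-rtd-theme \
        python3-venv \
        texinfo \
        unzip \
        zip \
        zlib1g-dev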
     74 
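     # FIXME: Try to use debian packages where possible and otherwise really use
     # a venv or per-user installation of the package.
     #
     # NOTE(review): the three Sphinx add-ons are unpinned and are installed by
     # root into the system interpreter (--break-system-packages), so whatever the
     # package index serves at build time executes during the build and stays in
     # the image. Pin exact versions (name==<version-placeholder>), ideally from a
     # hash-checked requirements file.
     # --no-cache-dir keeps pip's download cache out of the layer.
     RUN pip3 install --no-cache-dir --break-system-packages \
       sphinx-book-theme \
       sphinx-markdown-builder \
       sphinxcontrib-jquery

     # pnpm is pinned to major version 10 only, so the exact release still floats
     # between builds.
     RUN npm install -g pnpm@10

     # Build driver invoked by every component stage below. Its behaviour is
     # defined in buildscripts/ and is not visible in this file.
     COPY buildscripts/sandcastle-build-generic /bin/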
     80 
     # ---------------------------------------------------------------------------
     # Component build stages.
     #
     # Every stage follows the same pattern: copy buildconfig/<name>.* into
     # /buildconfig/ and run `sandcastle-build-generic <name>`. The final stage of
     # this file later collects the results from /packages/<name>/.
     # Stages that need an earlier component derive from that component's stage
     # instead of base-system (exchange <- gnunet, donau <- exchange,
     # merchant <- donau, challenger <- exchange).
     #
     # NOTE(review): what a buildconfig file pins (branch, tag or commit) and how
     # the sources are fetched is decided inside sandcastle-build-generic, which is
     # not visible here - confirm that each component is built from a fixed,
     # verifiable revision.
     # ---------------------------------------------------------------------------

     # GNUnet (built directly on base-system)
     FROM base-system AS gnunet
     COPY buildconfig/gnunet.* /buildconfig/
     RUN sandcastle-build-generic gnunet

     # Directory (built directly on base-system)
     FROM base-system AS taler-directory
     COPY buildconfig/taler-directory.* /buildconfig/
     RUN sandcastle-build-generic taler-directory

     # Mailbox (built directly on base-system)
     FROM base-system AS taler-mailbox
     COPY buildconfig/taler-mailbox.* /buildconfig/
     RUN sandcastle-build-generic taler-mailbox

     # Exchange (built on top of the gnunet stage)
     FROM gnunet AS taler-exchange
     COPY buildconfig/taler-exchange.* /buildconfig/
     RUN sandcastle-build-generic taler-exchange

     # Donau (built on top of the taler-exchange stage)
     FROM taler-exchange AS donau
     COPY buildconfig/donau.* /buildconfig/
     RUN sandcastle-build-generic donau

     # Merchant (built on top of the donau stage)
     FROM donau AS taler-merchant
     COPY buildconfig/taler-merchant.* /buildconfig/
     RUN sandcastle-build-generic taler-merchant

     # Challenger (built on top of the taler-exchange stage)
     FROM taler-exchange AS challenger
     COPY buildconfig/challenger.* /buildconfig/
     RUN sandcastle-build-generic challenger

     # Libeufin (built directly on base-system)
     FROM base-system AS libeufin
     COPY buildconfig/libeufin.* /buildconfig/
     RUN sandcastle-build-generic libeufin

     # Merchant demos (built directly on base-system)
     FROM base-system AS taler-merchant-demos
     COPY buildconfig/taler-merchant-demos.* /buildconfig/
     RUN sandcastle-build-generic taler-merchant-demos

     # Wallet CLI (built directly on base-system)
     FROM base-system AS taler-wallet-cli
     COPY buildconfig/taler-wallet-cli.* /buildconfig/
     RUN sandcastle-build-generic taler-wallet-cli

     # Harness (built directly on base-system)
     FROM base-system AS taler-harness
     COPY buildconfig/taler-harness.* /buildconfig/
     RUN sandcastle-build-generic taler-harness

     # Merchant web UI (built directly on base-system)
     FROM base-system AS taler-merchant-webui
     COPY buildconfig/taler-merchant-webui.* /buildconfig/
     RUN sandcastle-build-generic taler-merchant-webui
    137 
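    # Turnstile: not packaged, the source tree is cloned into /opt/turnstile at
    # the ref named in buildconfig/turnstile.tag.
    FROM base-system AS turnstile
    COPY buildconfig/turnstile.* /buildconfig/
    # NOTE(review): git:// is an unauthenticated, unencrypted transport, so the
    # fetched tree is not protected against tampering on the network path, and a
    # tag or branch name is a mutable reference. Prefer an authenticated transport
    # for this repository and check the result against a pinned commit id
    # (<commit-id-placeholder>) or a signed tag before it is copied into the
    # final image.
    #
    # The ref is quoted so that whitespace or glob characters in the tag file
    # cannot be split into additional git arguments, and an empty tag file fails
    # the build with a clear error instead of an option-parsing one. The explicit
    # destination replaces the former `cd /opt/`.
    RUN TAG="$(cat /buildconfig/turnstile.tag)" && \
      test -n "$TAG" && \
      git clone git://git.taler.net/turnstile \
      --branch "$TAG" \
      /opt/turnstile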
    144 
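    # Final image: derives from base-system, so it inherits the complete build
    # toolchain installed there (see the FIXMEs at the top of the file).
    FROM base-system AS taler-final

    # gpg is needed only to convert the Caddy signing key below.
    # DEBIAN_FRONTEND is exported so it covers all three apt-get calls, not just
    # `apt-get update`.
    RUN export DEBIAN_FRONTEND=noninteractive && \
      apt-get update && \
      apt-get -y upgrade && \
      apt-get --no-install-recommends install -y \
      gpg

    # The Caddy repository definition and its signing key are vendored in this
    # repository (apt/) instead of being downloaded during the build.
    # NOTE(review): confirm that caddy-stable.list restricts the key with
    # signed-by=/usr/share/keyrings/caddy-stable-archive-keyring.gpg so it is
    # trusted for that repository only. The armored copy remains in /tmp of the
    # image; it is a public key, so this is clutter rather than a leak.
    COPY apt/caddy-stable.list /etc/apt/sources.list.d/caddy-stable.list
    COPY apt/caddy-stable-archive-keyring.gpg /tmp/caddy-stable-archive-keyring.gpg
    RUN gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg /tmp/caddy-stable-archive-keyring.gpg

    # Runtime services and operator tooling.
    # NOTE(review): editors, sudo and curl are convenient in a sandbox but widen
    # the attack surface; revisit the list if this image is ever exposed beyond
    # a demo or test deployment.
    RUN export DEBIAN_FRONTEND=noninteractive && \
      apt-get update && \
      apt-get -y upgrade && \
      apt-get --no-install-recommends install -y \
      bash-completion \
      caddy \
      composer \
      curl \
      emacs \
      less \
      libnss3-tools \
      php \
      php-curl \
      php-dom \
      php-fpm \
      php-gd \
      php-pgsql \
      postgresql \
      s-nail \
      sudo \
      systemd-coredump \
      uuid-runtime \
      vim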
    173 
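    # Collect the output of every component build stage into one directory.
    # All stages copy into the same flat /packages/ directory, so files with the
    # same name from different stages would overwrite each other (later COPY wins).
    RUN mkdir -p /packages
    COPY --from=gnunet /packages/gnunet/* /packages/
    COPY --from=taler-directory /packages/taler-directory/* /packages/
    COPY --from=taler-mailbox /packages/taler-mailbox/* /packages/
    COPY --from=taler-exchange /packages/taler-exchange/* /packages/
    COPY --from=taler-merchant /packages/taler-merchant/* /packages/
    COPY --from=taler-wallet-cli /packages/taler-wallet-cli/* /packages/
    COPY --from=taler-harness /packages/taler-harness/* /packages/
    COPY --from=taler-merchant-webui /packages/taler-merchant-webui/* /packages/
    COPY --from=libeufin /packages/libeufin/* /packages/
    COPY --from=taler-merchant-demos /packages/taler-merchant-demos/* /packages/
    COPY --from=challenger /packages/challenger/* /packages/
    COPY --from=donau /packages/donau/* /packages/
    # Turnstile is shipped as a source checkout, not as a package.
    COPY --from=turnstile /opt/turnstile /opt/turnstile

    # Install the locally built packages; apt resolves their remaining
    # dependencies from the configured repositories. Local .deb files carry no
    # repository signature, so their integrity rests entirely on the build stages
    # above. DEBIAN_FRONTEND is exported so it also covers `upgrade` and
    # `install`, where maintainer scripts could otherwise prompt.
    RUN export DEBIAN_FRONTEND=noninteractive && \
      apt-get update && \
      apt-get -y upgrade && \
      apt-get install --no-install-recommends -y /packages/*.deb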
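    # Install and enable the sandcastle setup unit (the unit file itself is not
    # visible in this file).
    COPY systemd/setup-sandcastle.service /etc/systemd/system/
    RUN systemctl enable setup-sandcastle.service

    # Disable potentially problem-causing services.
    # Only the apache2 step is best-effort. Without the braces the shell parses
    # `a && b || true` as `(a && b) || true`, which would also hide a failure to
    # disable postgresql and leave it enabled without any build error.
    RUN systemctl disable postgresql && \
        { systemctl disable apache2 || true; }

    # Force the PostgreSQL port to 5432. The path hard-codes major version 17, so
    # a base image shipping a different version makes this step fail.
    RUN sed -i -e 's/^port[ ]*=.*$/port = 5432/' /etc/postgresql/17/main/postgresql.conf

    # Not ready yet!
    #RUN systemctl disable taler-mailbox

    # Disable systemd services that have permission issues
    # and thus fail, clobbering the systemd status.
    RUN systemctl mask systemd-modules-load.service
    RUN systemctl disable proc-sys-fs-binfmt_misc.automount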