sandcastle-ng

Scripts for the deployment of Sandcastle (GNU Taler)

Dockerfile (5904B)


      1 FROM docker.io/library/debian:trixie AS base-system
      2 
      3 # FIXMEs:
      4 # - debian packages should be built with a nightly tag
      5 # - the final image contains all build dependencies, this isn't really necessary
      6 # - the final image contains -dev packages, not really necessary
      7 # - GNUnet build dependencies are excessive, maybe we can just build the required libs?
      8 
      9 RUN DEBIAN_FRONTEND=noninteractive \
     10   apt-get update && \
     11   apt-get -y upgrade && \
     12   apt-get --no-install-recommends install -y \
     13   autoconf \
     14   autopoint \
     15   golang \
     16   build-essential \
     17   po-debconf \
     18   debhelper-compat \
     19   apt-utils \
     20   libtool \
     21   texinfo \
     22   libgcrypt-dev \
     23   libidn11-dev \
     24   zlib1g-dev \
     25   libunistring-dev \
     26   libjansson-dev \
     27   git \
     28   libsqlite3-dev \
     29   libpq-dev \
     30   libmicrohttpd-dev \
     31   libsodium-dev \
     32   libqrencode-dev \
     33   zip \
     34   unzip \
     35   jq \
     36   meson \
     37   npm \
     38   openjdk-21-jre-headless \
     39   openjdk-21-jdk-headless \
     40   default-jre-headless \
     41   nano \
     42   procps \
     43   python3-jinja2 \
     44   python3-pip \
     45   python3-poetry-core \
     46   python3-sphinx \
     47   python3-sphinx-rtd-theme \
     48   python3-sphinx-multiversion \
     49   python3-venv \
     50   python3-dev \
     51   nodejs \
     52   iptables \
     53   miniupnpc \
     54   libextractor-dev \
     55   libbluetooth-dev \
     56   libcurl4-gnutls-dev \
     57   libogg-dev \
     58   libopus-dev \
     59   libpulse-dev \
     60   fakeroot \
     61   libzbar-dev \
     62   libltdl-dev \
     63   net-tools \
     64   python3-flask \
     65   python3-flask-babel \
     66   python3-bs4 \
     67   python3-requests \
     68   python3-click \
     69   pybuild-plugin-pyproject \
     70   pandoc
     71 
     72 # FIXME: Try to use debian packages where possible and otherwise really use
     73 # a venv or per-user installation of the package.
     74 RUN pip3 install --break-system-packages sphinx-book-theme sphinx-markdown-builder sphinxcontrib-jquery
     75 RUN npm install -g pnpm@10
     76 COPY buildscripts/sandcastle-build-generic /bin/
     77 
     78 # GNUnet
     79 FROM base-system AS gnunet
     80 COPY buildconfig/gnunet.* /buildconfig/
     81 RUN sandcastle-build-generic gnunet
     82 
     83 # Directory
     84 FROM base-system AS taler-directory
     85 COPY buildconfig/taler-directory.* /buildconfig/
     86 RUN sandcastle-build-generic taler-directory
     87 
     88 # Mailbox
     89 FROM base-system AS taler-mailbox
     90 COPY buildconfig/taler-mailbox.* /buildconfig/
     91 RUN sandcastle-build-generic taler-mailbox
     92 
     93 # Exchange
     94 FROM gnunet as taler-exchange
     95 COPY buildconfig/taler-exchange.* /buildconfig/
     96 RUN sandcastle-build-generic taler-exchange
     97 
     98 # Donau
     99 FROM taler-exchange as donau
    100 COPY buildconfig/donau.* /buildconfig/
    101 RUN sandcastle-build-generic donau
    102 
    103 # Merchant
    104 FROM donau as taler-merchant
    105 COPY buildconfig/taler-merchant.* /buildconfig/
    106 RUN sandcastle-build-generic taler-merchant
    107 
    108 # Challenger
    109 FROM taler-exchange as challenger
    110 COPY buildconfig/challenger.* /buildconfig/
    111 RUN sandcastle-build-generic challenger
    112 
    113 # Libeufin
    114 FROM base-system as libeufin
    115 COPY buildconfig/libeufin.* /buildconfig/
    116 RUN sandcastle-build-generic libeufin
    117 
    118 # Merchant demos
    119 FROM base-system as taler-merchant-demos
    120 COPY buildconfig/taler-merchant-demos.* /buildconfig/
    121 RUN sandcastle-build-generic taler-merchant-demos
    122 
    123 FROM base-system as taler-wallet-cli
    124 COPY buildconfig/taler-wallet-cli.* /buildconfig/
    125 RUN sandcastle-build-generic taler-wallet-cli
    126 
    127 FROM base-system as taler-harness
    128 COPY buildconfig/taler-harness.* /buildconfig/
    129 RUN sandcastle-build-generic taler-harness
    130 
    131 FROM base-system as taler-merchant-webui
    132 COPY buildconfig/taler-merchant-webui.* /buildconfig/
    133 RUN sandcastle-build-generic taler-merchant-webui
    134 
    135 FROM base-system as turnstile
    136 COPY buildconfig/turnstile.* /buildconfig/
    137 RUN TAG=$(cat /buildconfig/turnstile.tag) && \
    138   cd /opt/ && \
    139   git clone git://git.taler.net/turnstile \
    140   --branch $TAG
    141 
    142 # Final image
    143 FROM base-system as taler-final
    144 RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get -y upgrade && apt-get --no-install-recommends install -y \
    145   gpg
    146 COPY apt/caddy-stable.list /etc/apt/sources.list.d/caddy-stable.list
    147 COPY apt/caddy-stable-archive-keyring.gpg /tmp/caddy-stable-archive-keyring.gpg
    148 RUN gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg /tmp/caddy-stable-archive-keyring.gpg
    149 RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get -y upgrade && apt-get --no-install-recommends install -y \
    150   emacs \
    151   vim \
    152   curl \
    153   postgresql \
    154   bash-completion \
    155   sudo \
    156   less \
    157   caddy \
    158   s-nail \
    159   systemd-coredump \
    160   libnss3-tools \
    161   uuid-runtime \
    162   php \
    163   composer \
    164   php-pgsql \
    165   php-fpm \
    166   php-dom \
    167   php-gd \
    168   php-curl \
    169   ;
    170 
    171 RUN mkdir -p /packages
    172 COPY --from=gnunet /packages/gnunet/* /packages/
    173 COPY --from=taler-directory /packages/taler-directory/* /packages/
    174 COPY --from=taler-mailbox /packages/taler-mailbox/* /packages/
    175 COPY --from=taler-exchange /packages/taler-exchange/* /packages/
    176 COPY --from=taler-merchant /packages/taler-merchant/* /packages/
    177 COPY --from=taler-wallet-cli /packages/taler-wallet-cli/* /packages/
    178 COPY --from=taler-harness /packages/taler-harness/* /packages/
    179 COPY --from=taler-merchant-webui /packages/taler-merchant-webui/* /packages/
    180 COPY --from=libeufin /packages/libeufin/* /packages/
    181 COPY --from=taler-merchant-demos /packages/taler-merchant-demos/* /packages/
    182 COPY --from=challenger /packages/challenger/* /packages/
    183 COPY --from=donau /packages/donau/* /packages/
    184 COPY --from=turnstile /opt/turnstile /opt/turnstile
    185 RUN DEBIAN_FRONTEND=noninteractive apt-get update && apt-get -y upgrade && \
    186   apt-get install --no-install-recommends -y /packages/*.deb
    187 COPY systemd/setup-sandcastle.service /etc/systemd/system/
    188 RUN systemctl enable setup-sandcastle.service
    189 # Disable potentially problem-causing services
    190 RUN systemctl disable postgresql && \
    191     systemctl disable apache2 || true
    192 RUN sed -i /etc/postgresql/17/main/postgresql.conf -e 's/^port[ ]*=.*$/port = 5432/'
    193 # Not ready yet!
    194 #RUN systemctl disable taler-mailbox
    195 
    196 # Disable systemd services that have permission issues
    197 # and thus fail, clobbering the systemd status.
    198 RUN systemctl mask systemd-modules-load.service
    199 RUN systemctl disable proc-sys-fs-binfmt_misc.automount