From 14a165efa886c5ffaad4af7647a19087df76dba6 Mon Sep 17 00:00:00 2001 From: Stefan Schwarz Date: Fri, 8 Jan 2021 22:42:20 +0100 Subject: [PATCH] provide a docker image --- .dockerignore | 1 + docker/Dockerfile | 30 +++++++++++++++++++++++++ docker/README.md | 53 ++++++++++++++++++++++++++++++++++++++++++++ docker/autoconfig.py | 41 ++++++++++++++++++++++++++++++++++ docker/init.sh | 12 ++++++++++ 5 files changed, 137 insertions(+) create mode 100644 .dockerignore create mode 100644 docker/Dockerfile create mode 100644 docker/README.md create mode 100644 docker/autoconfig.py create mode 100755 docker/init.sh diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 00000000..9a4b4058 --- /dev/null +++ b/.dockerignore @@ -0,0 +1 @@ +docker/Dockerfile diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 00000000..5511b241 --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,30 @@ +FROM python:3.11-slim AS builder + +RUN true \ + && mkdir /app \ + && apt update \ + && apt install --no-install-recommends -y git \ + && python -m venv /app/env \ + && /app/env/bin/pip install wheel gunicorn + +ADD . /usr/local/src/bepasty +RUN /app/env/bin/pip install /usr/local/src/bepasty + +# --- + +FROM python:3.11-slim + +RUN true \ + && mkdir /app \ + && adduser -u 17357 --system --home /app/data --disabled-login --disabled-password paste + +ADD docker/init.sh /usr/local/bin/init.sh +COPY --from=builder /app/env /app/env + +ENV WORKERS 4 +ENV LISTEN 0.0.0.0:8000 +ENV BEPASTY_CONFIG /etc/bepasty.conf +ADD docker/autoconfig.py /etc/bepasty.conf + +USER paste +CMD /usr/local/bin/init.sh diff --git a/docker/README.md b/docker/README.md new file mode 100644 index 00000000..e17d3ac9 --- /dev/null +++ b/docker/README.md @@ -0,0 +1,53 @@ +# bepasty Docker image + +A Docker image that provides very basic configuration via environment variables. + +**Notes** + +* For a more advanced configuration mount a custom configuration to + `/etc/bepasty.conf`. +* All data will be owned by UID 17357, to change this you can use the + `--user ` option from `docker run`. + +## Quickstart + +```sh +# build from the repository root +docker build -f docker/Dockerfile -t bepasty . + +# create datadir +mkdir data +sudo chown 17357:0 data + +# run +docker run -it \ + -p 8000:8000 \ + -v $PWD/data:/app/data \ + -e BEPASTY_SECRET_KEY=$(openssl rand -hex 16) \ + -e BEPASTY_SITENAME=localhost \ + bepasty + +# visit http://localhost:8000 +``` + +## Docker image environment variables + +* `WORKERS`: Number of Gunicorn workers (default: `4`) +* `LISTEN`: IP and address to listen on (default: `0.0.0.0:8000`) +* `BEPASTY_CONFIG`: Path to bepasty configuration (default: `/etc/bepasty.conf`) + +## Bepasty environment variables + +These match the bepasty options described [here][1] + +* `BEPASTY_SITENAME` (**required**) +* `BEPASTY_APP_BASE_PATH` +* `BEPASTY_APP_STORAGE_FILESYSTEM_DIRECTORY` +* `BEPASTY_DEFAULT_PERMISSIONS` +* `BEPASTY_ADMIN_SECRET` +* `BEPASTY_SECRET_KEY` +* `BEPASTY_MAX_ALLOWED_FILE_SIZE` +* `BEPASTY_MAX_BODY_SIZE` + +[1]: https://bepasty-server.readthedocs.io/en/latest/quickstart.html#configuring-bepasty + diff --git a/docker/autoconfig.py b/docker/autoconfig.py new file mode 100644 index 00000000..92c83bb9 --- /dev/null +++ b/docker/autoconfig.py @@ -0,0 +1,41 @@ +#!/usr/bin/python + +import os +import sys + +SITENAME = os.environ.get("BEPASTY_SITENAME", None) +if SITENAME is None: + print("\n\nEnvironment variable BEPASTY_SITENAME must be set.") + sys.exit(1) + +SECRET_KEY = os.environ.get("BEPASTY_SECRET_KEY", None) +if SECRET_KEY is None: + print("\n\nEnvironment variable BEPASTY_SECRET_KEY must be set.") + sys.exit(1) + +APP_BASE_PATH = os.environ.get("BEPASTY_APP_BASE_PATH", None) + +STORAGE_FILESYSTEM_DIRECTORY = os.environ.get( + "BEPASTY_STORAGE_FILESYSTEM_DIRECTORY", "/app/data", +) + +DEFAULT_PERMISSIONS = os.environ.get("BEPASTY_DEFAULT_PERMISSIONS", "create,read") + +PERMISSIONS = {} +admin_secret = os.environ.get("BEPASTY_ADMIN_SECRET", None) +if admin_secret is not None: + PERMISSIONS.update({admin_secret: "admin,list,create,modify,read,delete"}) + +try: + max_allowed_file_size = os.environ.get("BEPASTY_MAX_ALLOWED_FILE_SIZE", 5000000000) + MAX_ALLOWED_FILE_SIZE = int(max_allowed_file_size) +except ValueError as err: + print("\n\nInvalid BEPASTY_MAX_ALLOWED_FILE_SIZE: %s", str(err)) + sys.exit(1) + +try: + max_body_size = os.environ.get("BEPASTY_MAX_BODY_SIZE", 1040384) + MAX_BODY_SIZE = int(max_body_size) +except ValueError as err: + print("\n\nInvalid BEPASTY_MAX_BODY_SIZE: %s", str(err)) + sys.exit(1) diff --git a/docker/init.sh b/docker/init.sh new file mode 100755 index 00000000..7a6a3261 --- /dev/null +++ b/docker/init.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +if [ ! -f "$BEPASTY_CONFIG" ]; then + echo "Please please mount a configuration file to '$BEPASTY_CONFIG'." + exit 1 +fi + +if ! python "$BEPASTY_CONFIG"; then + exit 1 +fi + +exec /app/env/bin/gunicorn -b "$LISTEN" --workers="$WORKERS" bepasty.wsgi:application