copy unmodified Docker files from Manifold repos

Sources:
- https://github.com/ManifoldScholar/manifold-docker-compose/tree/v8.1.1
  - docker-compose.yml
  - environment/*
- https://github.com/ManifoldScholar/manifold-docker-build/tree/v8.1.1
  - dockerfiles/*

docker-compose.yml

@@ -0,0 +1,94 @@
+# Copied from github.com/ManifoldScholar/manifold-docker-compose (v8.1.1)
+version: "3"
+services:
+  postgres:
+    image: postgres:11-alpine
+    volumes:
+      - ./data/postgres:/var/lib/postgresql/data
+    environment:
+      POSTGRES_DB: 'manifold_production'
+      POSTGRES_HOST_AUTH_METHOD: 'trust'
+    networks:
+      - network1
+  elasticsearch:
+    image: docker.elastic.co/elasticsearch/elasticsearch:5.6.7
+    environment:
+      ES_JAVA_OPTS: "-Xms512m -Xmx512m"
+      xpack.security.enabled: 'false'
+    networks:
+      - network1
+  redis:
+    image: redis:alpine
+    volumes:
+      - ./data/redis:/data
+    networks:
+      - network1
+  api_cable:
+    image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+    volumes:
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    env_file:
+      - ./environment/manifold.env
+    networks:
+      - network1
+    command: ["./start-and-run", "bin/cable"]
+  api_clockwork:
+    image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+    volumes:
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    env_file:
+      - ./environment/manifold.env
+      - ./environment/rails.env
+    networks:
+      - network1
+    command: ["./start-and-run", "bin/zhong zhong.rb"]
+  api_rails:
+    image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+    volumes:
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    env_file:
+      - ./environment/manifold.env
+    command: ["./start-and-run", "bin/puma -C config/puma.rb"]
+    networks:
+      - network1
+  api_sidekiq:
+    image: manifoldscholarship/manifold-api:${MANIFOLD_TAG}
+    volumes:
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    env_file:
+      - ./environment/manifold.env
+    networks:
+      - network1
+    command: ["./start-and-run", "bin/sidekiq"]
+  client:
+    image: manifoldscholarship/manifold-client:${MANIFOLD_TAG}
+    env_file:
+      - ./environment/manifold.env
+    volumes:
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    command: yarn run start-docker
+    networks:
+      - network1
+  proxy:
+    image: manifoldscholarship/manifold-nginx:${MANIFOLD_TAG}
+    volumes:
+      - ./data/nginx/ssl:/etc/nginx/ssl
+      - ./data/api/public:/opt/manifold/api/public
+      - ./data/sockets:/manifold_sockets
+    ports:
+     - "4000:80"
+     - "4001:443"
+    command: ["start-nginx"]
+    networks:
+      - network1
+#volumes:
+#  manifold_data:
+#  manifold_sockets:
+
+networks:
+  network1:

dockerfiles/manifold-api-dev/Dockerfile

@@ -0,0 +1,18 @@
+FROM ruby:2.7.8
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y libicu-dev postgresql-client nano curl software-properties-common ghostscript
+
+# We need Node and Mammoth for Word text ingestion
+RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
+RUN apt-get install -y nodejs
+RUN npm install -g mammoth@^1.4.16
+
+RUN sed -i '/<policy domain="coder" rights="none" pattern="PDF" \/>/d' \
+    /etc/ImageMagick-6/policy.xml
+
+COPY manifold-src /opt/manifold
+WORKDIR /opt/manifold/api
+ENV RAILS_LOG_TO_STDOUT=1
+RUN gem install bundler:2.2.19
+RUN bundle install
+COPY dockerfiles/manifold-api/scripts/start-and-run /opt/manifold/api/start-and-run

dockerfiles/manifold-api-dev/scripts/start-and-run

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+# start-and-run [...]
+set -e
+
+CMD="$@"
+
+# Wait for PostgreSQL
+until psql -h ${RAILS_DB_HOST} -U ${RAILS_DB_USER} -c '\q'; do
+  >&2 echo "Postgres is unavailable - sleeping"
+  sleep 1
+done
+
+>&2 echo "Postgres is up - executing command"
+
+# Setup PostgreSQL Database
+bin/rails db:migrate && bin/rails db:seed
+
+# Run additional command(s) added to docker-compose.yml
+exec ${CMD}

dockerfiles/manifold-api/Dockerfile

@@ -0,0 +1,19 @@
+FROM ruby:2.7.8
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y libicu-dev postgresql-client nano curl software-properties-common ghostscript
+
+# We need Node and Mammoth for Word text ingestion
+RUN curl -sL https://deb.nodesource.com/setup_16.x | bash -
+RUN apt-get install -y nodejs
+RUN npm install -g mammoth@^1.4.16
+ENV MAMMOTH_PATH=/usr/lib/node_modules/mammoth/bin/mammoth
+
+RUN sed -i '/<policy domain="coder" rights="none" pattern="PDF" \/>/d' \
+    /etc/ImageMagick-6/policy.xml
+
+COPY manifold-src/api /opt/manifold/api
+WORKDIR /opt/manifold/api
+ENV RAILS_LOG_TO_STDOUT=1
+RUN gem install bundler:2.2.17
+RUN bundle install
+COPY dockerfiles/manifold-api/scripts/start-and-run /opt/manifold/api/start-and-run

dockerfiles/manifold-api/scripts/start-and-run

@@ -0,0 +1,19 @@
+#!/usr/bin/env bash
+# start-and-run [...]
+set -e
+
+CMD="$@"
+
+# Wait for PostgreSQL
+until psql -h ${RAILS_DB_HOST} -U ${RAILS_DB_USER} -c '\q'; do
+  >&2 echo "Postgres is unavailable - sleeping"
+  sleep 1
+done
+
+>&2 echo "Postgres is up - executing command"
+
+# Setup PostgreSQL Database
+bin/rails db:migrate && bin/rails db:seed
+
+# Run additional command(s) added to docker-compose.yml
+exec ${CMD}

dockerfiles/manifold-client/Dockerfile

@@ -0,0 +1,5 @@
+FROM node:16.16.0
+COPY manifold-src/client /opt/manifold/client
+WORKDIR /opt/manifold/client
+RUN yarn install
+RUN cat /dev/null > /opt/manifold/client/dist/manifold/ssr/ssr.config.js

dockerfiles/manifold-nginx/Dockerfile

@@ -0,0 +1,16 @@
+FROM nginx:1.25
+
+RUN apt-get -o Acquire::Check-Valid-Until=false update
+RUN apt-get install -y openssl
+
+COPY dockerfiles/manifold-nginx/config/default.conf /etc/nginx/conf.d/default.conf
+
+COPY dockerfiles/manifold-nginx/includes/manifold-client-local /etc/nginx/includes/manifold-client-local
+COPY dockerfiles/manifold-nginx/includes/manifold-server-local /etc/nginx/includes/manifold-server-local
+
+COPY dockerfiles/manifold-nginx/scripts/install-self-signed-cert /usr/local/bin/install-self-signed-cert
+COPY dockerfiles/manifold-nginx/scripts/start-nginx /usr/local/bin/start-nginx
+
+VOLUME ["/manifold_sockets","/manifold_data"]
+
+EXPOSE 80 443

dockerfiles/manifold-nginx/config/default.conf

@@ -0,0 +1,111 @@
+upstream manifold_api {
+  server unix:/manifold_sockets/manifold-api;
+ }
+
+ upstream manifold_cable {
+  server unix:/manifold_sockets/manifold-cable;
+ }
+
+ upstream manifold_client {
+  server unix:/manifold_sockets/manifold-client;
+ }
+
+server {
+  listen 80;
+  listen 443 ssl;
+  root /opt/manifold/client/dist/build/client/build;
+
+  ssl_certificate           /etc/nginx/ssl/manifold.crt;
+  ssl_certificate_key       /etc/nginx/ssl/manifold.key;
+  ssl_session_timeout 1d;
+  ssl_session_cache shared:SSL:50m;
+  ssl_session_tickets off;
+
+  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+  ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256;
+  ssl_ecdh_curve secp384r1;
+  ssl_prefer_server_ciphers on;
+
+  add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload";
+  add_header X-Frame-Options DENY;
+  add_header X-Content-Type-Options nosniff;
+
+  include includes/manifold-server-local;
+
+  client_max_body_size 100M;
+  client_body_timeout 600s;
+  proxy_send_timeout 600s;
+  proxy_read_timeout 600s;
+
+  error_page 500 502 503 504 /50x.html;
+
+  location = /50x.html {
+      root  /opt/manifold/client/dist/build/client/build/static;
+    }
+
+  location /api {
+
+    location ~ ^/(api/static|api/sidekiq/images|api/sidekiq/stylesheets|api/sidekiq/javascripts)/ {
+      root /opt/manifold/api/public;
+    }
+
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
+    proxy_set_header X-Sendfile-Type X-Accel-Redirect;
+    proxy_set_header X-Accel-Mapping /opt/manifold/api/public=/__send_file_accel/;
+    proxy_pass http://manifold_api;
+  }
+
+  location /__send_file_accel {
+    internal;
+    alias /opt/manifold/api/public;
+  }
+
+  location /system {
+    root /opt/manifold/api/public;
+  }
+
+  location /auth {
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
+    proxy_pass http://manifold_api;
+  }
+
+  location /cable {
+    proxy_http_version 1.1;
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection "Upgrade";
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
+    proxy_pass http://manifold_cable;
+  }
+
+  location / {
+
+    include includes/manifold-client-local;
+
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-Port $server_port;
+
+    if (-f $request_filename/index.html) {
+      rewrite (.*) $1/index.html break;
+    }
+
+    if (-f $request_filename.html) {
+      rewrite (.*) $1.html break;
+    }
+
+    if (!-f $request_filename) {
+      proxy_pass http://manifold_client;
+      break;
+    }
+  }
+}

dockerfiles/manifold-nginx/scripts/install-self-signed-cert

@@ -0,0 +1,26 @@
+#!/usr/bin/env bash
+
+LOCATION="Portland"
+COUNTRY="US"
+STATE="Oregon"
+ORGANIZATION="Manifold Scholarship"
+UNIT="Web"
+COMMONNAME="127.0.0.1"
+KEYNAME="manifold"
+DIR="/etc/nginx/ssl"
+SUBJECT="/C=${COUNTRY}/ST=${STATE}/L=${LOCATION}/O=${ORGANIZATION}/OU=${UNIT}/CN=${COMMONNAME}"
+CERTPATH="${DIR}/${KEYNAME}.crt"
+KEYPATH="${DIR}/${KEYNAME}.key"
+
+
+if [ -f $CERTPATH ]; then
+  exit
+fi
+
+if [ -f $KEYPATH ]; then
+  exit
+fi
+
+mkdir -p $DIR
+echo "Creating self-signed certificate..."
+openssl req -new -newkey rsa:2048 -x509 -sha256 -days 730 -nodes -out $CERTPATH -keyout $KEYPATH -subj "${SUBJECT}"

dockerfiles/manifold-nginx/scripts/start-nginx

@@ -0,0 +1,6 @@
+#!/usr/bin/env bash
+set -e
+
+install-self-signed-cert
+echo "Starting Nginx..."
+nginx -g 'daemon off;'

environment/manifold.env

@@ -0,0 +1,30 @@
+##########################################################################################
+# Manifold Service Configuration
+##########################################################################################
+
+DOMAIN=127.0.0.1:4000
+
+CLIENT_BROWSER_API_URL=http://127.0.0.1:4000
+CLIENT_BROWSER_API_CABLE_URL=http://127.0.0.1:4000/cable
+
+SSL_ENABLED=false
+
+API_PORT=3020
+API_SOCKET=/manifold_sockets/manifold-api
+API_CABLE_SOCKET=/manifold_sockets/manifold-cable
+
+CLIENT_SERVER_SOCKET=/manifold_sockets/manifold-client
+CLIENT_SERVER_API_URL=http://api_rails:3020
+NODE_ENV=production
+
+ELASTICSEARCH_URL=http://elasticsearch:9200
+
+CLIENT_SERVER_PROXIES=true
+RAILS_ENV=production
+RAILS_SECRET_KEY=6234a9eada2709680e0db091d48fe7973f6eb23f413d9b5c2b9d17149c9e38e7309a897b6a5231297b89ac6d3c7494d40c7d6454f342c04f8743482f610016aa
+RAILS_DB_USER=postgres
+RAILS_DB_PASS=
+RAILS_DB_HOST=postgres
+RAILS_DB_PORT=5432
+RAILS_DB_NAME=manifold_production
+RAILS_REDIS_URL=redis://redis:6379

environment/rails.env

@@ -0,0 +1,7 @@
+RAILS_DB_USER=postgres
+RAILS_DB_PASS=
+RAILS_DB_HOST=postgres
+RAILS_DB_PORT=5432
+RAILS_DB_NAME=manifold_production
+RAILS_REDIS_URL=redis://redis:6379
+SERVER_PORT=4000