diff --git a/config/Dockerfile b/config/Dockerfile index db986e1a..a17a3559 100644 --- a/config/Dockerfile +++ b/config/Dockerfile @@ -1,5 +1,5 @@ ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 -ARG BACKEND_IMAGE=tomcat:9.0.93-jre17 +ARG BACKEND_IMAGE=repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 ARG FRONTEND_IMAGE=docker.angie.software/angie:latest FROM $BUILDER_IMAGE AS builder @@ -24,21 +24,24 @@ RUN mkdir -p $HOME/.m2 \ && mvn package -T4C ${MVN_FLAGS} -FROM $BACKEND_IMAGE AS backend FROM $BACKEND_IMAGE AS backend ARG ADMIN_PASSWORD=Secr3t -COPY config/tomcat /usr/local/tomcat +USER root -RUN rm -rf /usr/local/tomcat/webapps/ROOT \ - && cat /usr/local/tomcat/conf/webbpm.properties >> /usr/local/tomcat/conf/catalina.properties \ - && sed -i -r "s//$ADMIN_PASSWORD/g" /usr/local/tomcat/conf/tomcat-users.xml +COPY config/tomcat / -COPY --from=builder /app/backend/target/dashboard.war /usr/local/tomcat/webapps/dashboard.war +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps +USER tomcat + +COPY --from=builder /app/backend/target/dashboard.war /var/lib/tomcat/webapps/dashboard.war FROM backend AS combo -COPY --from=builder /app/frontend/target/frontend*.war /usr/local/tomcat/webapps/ROOT.war +COPY --from=builder /app/frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war FROM $FRONTEND_IMAGE AS frontend diff --git a/config/Dockerfile.TC b/config/Dockerfile.TC index 98fb48df..4ffefa41 100644 --- a/config/Dockerfile.TC +++ b/config/Dockerfile.TC @@ -1,13 +1,22 @@ #Dockerfile for TeamCity build "run in docker" -FROM tomcat:9.0.93-jre17 +FROM repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 ARG ADMIN_PASSWORD=Secr3t -COPY config/tomcat /usr/local/tomcat +USER root -RUN rm -rf /usr/local/tomcat/webapps/ROOT \ - && cat /usr/local/tomcat/conf/webbpm.properties >> /usr/local/tomcat/conf/catalina.properties \ - && sed -i -r "s//$ADMIN_PASSWORD/g" /usr/local/tomcat/conf/tomcat-users.xml +COPY tomcat / -COPY frontend.war /usr/local/tomcat/webapps/ROOT.war -COPY dashboard.war /usr/local/tomcat/webapps/dashboard.war +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +COPY frontend.war /var/lib/tomcat/webapps/ROOT.war +COPY dashboard.war /var/lib/tomcat/webapps/dashboard.war + +USER tomcat + +EXPOSE 8080 + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/config/Dockerfile.alt b/config/Dockerfile.alt new file mode 100644 index 00000000..3993ca0c --- /dev/null +++ b/config/Dockerfile.alt @@ -0,0 +1,49 @@ +ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 +ARG RUNTIME_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 + +FROM $BUILDER_IMAGE AS builder + +ARG MVN_FLAGS="-Pprod" + +RUN apt-get update \ + && apt-get -y install git glibc-locales java-17-openjdk-devel maven node \ + && apt-get clean + +WORKDIR /app + +COPY . . + +ENV JAVA_HOME=/usr/lib/jvm/java +ENV LANG ru_RU.UTF-8 +ENV LANGUAGE ru_RU.UTF-8 +ENV LC_ALL ru_RU.UTF-8 + +RUN mvn clean \ + && mvn package -T4C ${MVN_FLAGS} + +FROM $RUNTIME_IMAGE +ARG ADMIN_PASSWORD=Secr3t + +COPY config/entrypoint.sh /entrypoint.sh + +RUN apt-get update \ + && apt-get -y install glibc-locales java-17-openjdk-headless mc \ + tomcat tomcat-admin-webapps \ + && apt-get clean \ + && chmod +x /entrypoint.sh + +COPY config/tomcat / + +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +COPY --from=builder /app/frontend/target/frontend*.war /var/lib/tomcat/webapps/ROOT.war +COPY --from=builder /app/backend/target/dashboard*.war /var/lib/tomcat/webapps/dashboard.war + +USER tomcat + +EXPOSE 8080 + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/config/Dockerfile.backend b/config/Dockerfile.backend index db45f9c1..0156cd69 100644 --- a/config/Dockerfile.backend +++ b/config/Dockerfile.backend @@ -1,5 +1,5 @@ ARG BUILDER_IMAGE=registry.altlinux.org/basealt/altsp:c10f1 -ARG RUNTIME_IMAGE=tomcat:9.0.93-jre17 +ARG RUNTIME_IMAGE=repo.micord.ru/alt/alt-tomcat:c10f1-9.0.59-20240903 FROM $BUILDER_IMAGE AS builder @@ -26,10 +26,15 @@ RUN mkdir -p $HOME/.m2 \ FROM $RUNTIME_IMAGE ARG ADMIN_PASSWORD=Secr3t -COPY config/tomcat /usr/local/tomcat +USER root -RUN rm -rf /usr/local/tomcat/webapps/ROOT \ - && cat /usr/local/tomcat/conf/webbpm.properties >> /usr/local/tomcat/conf/catalina.properties \ - && sed -i -r "s//$ADMIN_PASSWORD/g" /usr/local/tomcat/conf/tomcat-users.xml +COPY config/tomcat / -COPY --from=builder /app/backend/target/dashboard*.war /usr/local/tomcat/webapps/dashboard.war +RUN cat /etc/tomcat/webbpm.properties >> /etc/tomcat/catalina.properties \ + && sed -i -r "s//$ADMIN_PASSWORD/g" /etc/tomcat/tomcat-users.xml \ + && chown root:tomcat /var/lib/tomcat/webapps \ + && chmod g+rw /var/lib/tomcat/webapps + +USER tomcat + +COPY --from=builder /app/backend/target/dashboard*.war /var/lib/tomcat/webapps/dashboard.war diff --git a/config/entrypoint.sh b/config/entrypoint.sh new file mode 100644 index 00000000..30216362 --- /dev/null +++ b/config/entrypoint.sh @@ -0,0 +1,6 @@ +#! /bin/bash + +. /etc/tomcat/tomcat.conf +. /etc/sysconfig/tomcat + +/usr/libexec/tomcat/server start diff --git a/config/tomcat/bin/setenv.sh b/config/tomcat/etc/tomcat/conf.d/db.conf similarity index 77% rename from config/tomcat/bin/setenv.sh rename to config/tomcat/etc/tomcat/conf.d/db.conf index 8b69e674..8d7facd2 100644 --- a/config/tomcat/bin/setenv.sh +++ b/config/tomcat/etc/tomcat/conf.d/db.conf @@ -1,9 +1,8 @@ -#!/usr/bin/env bash - -export JAVA_OPTS="$JAVA_OPTS \ +JDK_JAVA_OPTIONS="$JDK_JAVA_OPTIONS \ -Ddb.app.host=${DB_APP_HOST:-db} \ -Ddb.app.port=${DB_APP_PORT:-5432} \ -Ddb.app.name=${DB_APP_NAME:-app} \ -Ddb.app.username=${DB_APP_USERNAME:-app_user} \ -Ddb.app.password=${DB_APP_PASSWORD:-apppassword} \ " +export JDK_JAVA_OPTIONS \ No newline at end of file diff --git a/config/tomcat/conf/context.xml b/config/tomcat/etc/tomcat/context.xml similarity index 96% rename from config/tomcat/conf/context.xml rename to config/tomcat/etc/tomcat/context.xml index 92d999c7..9b2a765f 100644 --- a/config/tomcat/conf/context.xml +++ b/config/tomcat/etc/tomcat/context.xml @@ -29,7 +29,7 @@ --> - diff --git a/config/tomcat/conf/tomcat-users.xml b/config/tomcat/etc/tomcat/tomcat-users.xml similarity index 100% rename from config/tomcat/conf/tomcat-users.xml rename to config/tomcat/etc/tomcat/tomcat-users.xml diff --git a/config/tomcat/etc/tomcat/tomcat.conf b/config/tomcat/etc/tomcat/tomcat.conf new file mode 100644 index 00000000..c4090b26 --- /dev/null +++ b/config/tomcat/etc/tomcat/tomcat.conf @@ -0,0 +1,52 @@ +# System-wide configuration file for tomcat services +# This will be loaded by systemd as an environment file, +# so please keep the syntax. For shell expansion support +# place your custom files as /etc/tomcat/conf.d/*.conf +# +# There are 2 "classes" of startup behavior in this package. +# The old one, the default service named tomcat.service. +# The new named instances are called tomcat@instance.service. +# +# Use this file to change default values for all services. +# Change the service specific ones to affect only one service. +# For tomcat.service it's /etc/sysconfig/tomcat, for +# tomcat@instance it's /etc/sysconfig/tomcat@instance. + +# This variable is used to figure out if config is loaded or not. +TOMCAT_CFG_LOADED="1" + +# In new-style instances, if CATALINA_BASE isn't specified, it will +# be constructed by joining TOMCATS_BASE and NAME. +TOMCATS_BASE="/var/lib/tomcats/" + +# Where your java installation lives +JAVA_HOME="/usr/lib/jvm/jre" + +# Where your tomcat installation lives +CATALINA_HOME="/usr/share/tomcat" + +# System-wide tmp +CATALINA_TMPDIR="/var/cache/tomcat/temp" + +# You can pass some parameters to java here if you wish to +#JAVA_OPTS="-Xminf0.1 -Xmaxf0.3" + +# Use JAVA_OPTS to set java.library.path for libtcnative.so +#JAVA_OPTS="-Djava.library.path=/usr/lib" + +# Set default javax.sql.DataSource factory to apache commons one. See rhbz#1214381 +#JAVA_OPTS="-Djavax.sql.DataSource.Factory=org.apache.commons.dbcp.BasicDataSourceFactory" +JAVA_OPTS="-Djavax.sql.DataSource.Factory=org.apache.tomcat.dbcp.dbcp2.BasicDataSourceFactory" + +# You can change your tomcat locale here +#LANG="en_US" + +# Run tomcat under the Java Security Manager +SECURITY_MANAGER="false" + +# SHUTDOWN_WAIT has been deprecated. To change the shutdown wait time, set +# TimeoutStopSec in tomcat.service. + +# If you wish to further customize your tomcat environment, +# put your own definitions here +# (i.e. LD_LIBRARY_PATH for some jdbc drivers) diff --git a/config/tomcat/conf/webbpm.properties b/config/tomcat/etc/tomcat/webbpm.properties similarity index 92% rename from config/tomcat/conf/webbpm.properties rename to config/tomcat/etc/tomcat/webbpm.properties index 0fe1d606..7224ec5f 100644 --- a/config/tomcat/conf/webbpm.properties +++ b/config/tomcat/etc/tomcat/webbpm.properties @@ -1,4 +1,7 @@ + +# # WebBPM properties +# authentication.method=form @@ -6,6 +9,8 @@ bpmn.enable=false fias.enable=false gar.enable=false +mail.jndi.resource.name= + reset_password.mail.template.path=mail/reset_password.html security.password.regex=^(?=.*[a-zA-Z])(?=.*[0-9])[a-zA-Z0-9]+$ diff --git a/config/tomcat/webapps/manager/META-INF/context.xml b/config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml similarity index 100% rename from config/tomcat/webapps/manager/META-INF/context.xml rename to config/tomcat/var/lib/tomcat/webapps/manager/META-INF/context.xml