Page History

...

joc
- build.sh
- build
  - Dockerfile
  - https-keytore.p12
  - https-truststore.p12
  - joc_install.xml
  - joc.properties.add
  - start.ini.add
  - start-joc.sh

The root directory joc canhave can have any name. The build files listed above are available for download. Note that build script described below will, by default, use the directory name and release number to determine the resulting image name.

...

Code Block

language	bash
title	Dockerfile for JOC Cockpit Image
linenumbers	true
collapse	true

FROM openjdk:8-jre-alpine

LABEL maintainer="Software- und Organisations-Service GmbH"

# BUILD SETTINGS

# provide build arguments for release information
ARG JS_RELEASE
ARG JS_RELEASE_MAJOR

# default user id has to match later run-time user
ARG JS_USER_ID=${JS_USER_ID:-1001}
ARG JS_HTTP_PORT=${JS_HTTP_PORT:-4446}
ARG JS_HTTPS_PORT=${JS_HTTPS_PORT:-4443}
ARG JS_JAVA_OPTIONS=${JS_JAVA_OPTIONS}

# RUN-TIME SETTINGS

# JS7 JobScheduler ports and Java options
ENV RUN_JS_HTTP_PORT=${RUN_JS_HTTP_PORT:-$JS_HTTP_PORT}
ENV RUN_JS_HTTPS_PORT=${RUN_JS_HTTPS_PORT:-$JS_HTTPS_PORT}
ENV RUN_JS_JAVA_OPTIONS=${RUN_JS_JAVA_OPTIONS:-$JS_JAVA_OPTIONS}

# PREPARATION

# install process tools, net tools, bash
RUN apk update && apk add --no-cache \
    procps \
    net-tools \
    bash

# add installer tarball
ADD https://download.sos-berlin.com/JobScheduler.${JS_RELEASE_MAJOR}/js7_joc_linux.${JS_RELEASE}.tar.gz /usr/local/src/
# COPY js7_joc_linux.${JS_RELEASE}.tar.gz /usr/local/src/

# copyadd keystore installerand responsetruststore filelocations andto startconfiguration scriptfiles
COPY joc_install.xmlstart.ini.add /usr/local/src/
COPY start-joc.shproperties.add /usr/local/binsrc/

# addcopy keystoreinstaller andresponse truststorefile forand private keys and certificatesstart script
COPY https-keystore.p12joc_install.xml /usr/local/src/
COPY httpsstart-truststorejoc.p12sh /usr/local/bin/src

# add keystore and truststore locations to configuration files
COPY start.ini.add /usr/local/src/
COPY joc.properties.add /usr/local/src/

# INSTALLATION

# extract installer tarball
# for JDK < 12, /INSTALLATION

# extract installer tarball
# for JDK < 12, /dev/random does not provide sufficient entropy, see https://kb.sos-berlin.com/x/lIM3
# substitute build arguments in installer response file
# add jobscheduler user account and group
# run setup
# add keystore and truststore locations to configuration files
# enable https module
# add keystore and truststore for private keys and certificates
# link start.ini from configuration directory
RUN test -e /usr/local/src/js7_joc_linux.${JS_RELEASE}.tar.gz && \
    tar zxvf /usr/local/src/js7_joc_linux.${JS_RELEASE}.tar.gz -C /usr/local/src/ && \
    rm -f /usr/local/src/js7_joc_linux.${JS_RELEASE}.tar.gz && \
    ln -s /usr/local/src/joc.${JS_RELEASE} /usr/local/src/joc && \
    mv /usr/local/src/joc_install.xml /usr/local/src/joc/ && \
    sed -i 's/securerandom.source=file:\/dev\/random/securerandom.source=file:\/dev\/urandom/g' /usr/lib/jvm/java-1.8-openjdk/jre/lib/security/java.security && \
    sed -i "s/\s*<entry\s*key\s*=\"jettyPort\".*\/>/<entry key=\"jettyPort\" value=\"$JS_HTTP_PORT\"\/>/g" /usr/local/src/joc/joc_install.xml && \
    adduser -u ${JS_USER_ID:-1001} --disabled-password --home /home/jobscheduler --no-create-home --shell /bin/bash jobscheduler jobscheduler && \
    cd /usr/local/src/joc && ./setup.sh -u joc_install.xml && \
    cat /usr/local/src/start.ini.add >> /var/sos-berlin.com/js7/joc/start.ini && \
    sed -i "s/\s*jetty.ssl.port\s*=.*/jetty.ssl.port=$JS_HTTPS_PORT/g" /var/sos-berlin.com/js7/joc/start.ini && \
    cat /usr/local/src/joc.properties.add >> /var/sos-berlin.com/js7/joc/resources/joc/joc.properties && \
    java -jar "/opt/sos-berlin.com/js7/joc/jetty/start.jar" -Djetty.home="/opt/sos-berlin.com/js7/joc/jetty" -Djetty.base="/var/sos-berlin.com/js7/joc" --add-to-start=https && \
    mvchmod +x /usr/local/srcbin/httpsstart-keystorejoc.p12 /var/sos-berlin.com/js7/joc/resources/joc/ sh && \
    mv /usr/local/src/https-truststore.p12 /var/sos-berlin.com/js7/joc/resources/joc/ && \
    mv /var/sos-berlin.com/js7/joc/start.ini /var/sos-berlin.com/js7/joc/resources/joc/ && \
    ln -s /var/sos-berlin.com/js7/joc/resources/joc/start.ini /var/sos-berlin.com/js7/joc/start.ini && \
    chmod +x /usr/local/bin/start-joc.sh && \
    chown -R chown -R jobscheduler:jobscheduler /var/sos-berlin.com

# CONFIGURATION

# copy configuration
# COPY --chown=jobscheduler:jobscheduler config/ /var/sos-berlin.com/js7/joc/resources/joc/

# CODA

# run-time user, can be overwritten when running the container
USER jobscheduler

CMD ["sh","-c","/usr/local/bin/start-joc.sh --http-port=$RUN_JS_HTTP_PORT --https-port=$RUN_JS_HTTPS_PORT --java-options=\"$RUN_JS_JAVA_OPTIONS\""]

...

Space shortcuts

Page tree

Versions Compared

Old Version 24

New Version 25

Key