diff --git a/Dockerfile b/Dockerfile index 40e32c768..880d17e43 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,8 +1,17 @@ -# # Select ubuntu as the base image -FROM coreapps/ruby2.3 +FROM ruby:2.3.6 # Install essential Linux packages -RUN apt-get update -qq && apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick +RUN apt-get update -qq && apt-get install -y build-essential libpq-dev postgresql-client nodejs imagemagick sudo + +# Files created inside the container repect the ownership +RUN adduser --shell /bin/bash --disabled-password --gecos "" consul \ + && adduser consul sudo \ + && echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers + +RUN echo 'Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/bundle/bin"' > /etc/sudoers.d/secure_path +RUN chmod 0440 /etc/sudoers.d/secure_path + +COPY scripts/entrypoint.sh /usr/local/bin/entrypoint.sh # Define where our application will live inside the image ENV RAILS_ROOT /var/www/consul diff --git a/docker-compose.yml b/docker-compose.yml index d5399089e..5c03e071b 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,31 +1,40 @@ -# service configuration for our database -database: +version: '3' +services: + # service configuration for our database + database: - # use the preferred version of the official Postgres image - # see https://hub.docker.com/_/postgres/ - image: postgres:9.4.5 + # use the preferred version of the official Postgres image + # see https://hub.docker.com/_/postgres/ + image: postgres:9.4.5 - # persist the database between containers by storing it in a volume - volumes: - - docker-example-postgres:/var/lib/postgresql/data + # persist the database between containers by storing it in a volume + volumes: + - docker-example-postgres:/var/lib/postgresql/data -# service configuration for our dockerized Rails app -app: + # service configuration for our dockerized Rails app + app: - # use the Dockerfile next to this file - build: . + # use the Dockerfile next to this file + build: . + entrypoint: /usr/local/bin/entrypoint.sh + command: bundle exec rails s -p 3000 -b '0.0.0.0' + working_dir: /var/www/consul - # rely on the RAILS_ENV value of the host machine - # environment: - #RAILS_ENV: $RAILS_ENV + # rely on the RAILS_ENV value of the host machine + # environment: + #RAILS_ENV: $RAILS_ENV - # makes the app container aware of the DB container - links: - - database + # makes the app container aware of the DB container + depends_on: + - database - # expose the port we configured Unicorn to bind to - ports: - - "3000:3000" - # map our application source code, in full, to the application root of our container - volumes: - - .:/var/www/consul + # expose the port we configured Unicorn to bind to + ports: + - "3000:3000" + # map our application source code, in full, to the application root of our container + volumes: + - .:/var/www/consul:delegated + - bundle:/usr/local/bundle:delegated +volumes: + docker-example-postgres: {} + bundle: {} diff --git a/scripts/entrypoint.sh b/scripts/entrypoint.sh new file mode 100755 index 000000000..e3a7bede6 --- /dev/null +++ b/scripts/entrypoint.sh @@ -0,0 +1,17 @@ +#!/bin/sh -x + +USER_UID=$(stat -c %u /var/www/consul/Gemfile) +USER_GID=$(stat -c %g /var/www/consul/Gemfile) + +export USER_UID +export USER_GID + +usermod -u "$USER_UID" consul 2> /dev/null +groupmod -g "$USER_GID" consul 2> /dev/null +usermod -g "$USER_GID" consul 2> /dev/null + +chown -R -h "$USER_UID" "$BUNDLE_PATH" +chgrp -R -h "$USER_GID" "$BUNDLE_PATH" + +/usr/bin/sudo -EH -u consul "$@" +