Use same docker config as the official rabbitmq image
Signed-off-by: Gerhard Lazu <gerhard@lazu.co.uk>
This commit is contained in:
Gerhard Lazu
Philip Kuryloski
parent
d041315336
commit
aacec68c34
|
|
@ -22,7 +22,29 @@ ARG PGP_KEYSERVER=ha.pool.sks-keyservers.net
|
|||
ENV OPENSSL_VERSION 1.1.1g
|
||||
ENV OPENSSL_SOURCE_SHA256="ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46"
|
||||
# https://www.openssl.org/community/omc.html
|
||||
ENV OPENSSL_PGP_KEY_IDS="0x8657ABB260F056B1E5190839D9C4D26D0E604491 0x5B2545DAB21995F4088CEFAA36CEE4DEB00CFE33 0xED230BEC4D4F2518B9D7DF41F0DB4D21C1D35231 0xC1F33DD8CE1D4CC613AF14DA9195C48241FBF7DD 0x7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C 0xE5E52560DD91C556DDBDA5D02064C53641C25E5D"
|
||||
ENV OPENSSL_PGP_KEY_IDS="{{
|
||||
[
|
||||
# Matt Caswell
|
||||
"8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491",
|
||||
|
||||
# Mark J. Cox
|
||||
"5B25 45DA B219 95F4 088C EFAA 36CE E4DE B00C FE33",
|
||||
|
||||
# Paul Dale
|
||||
"ED23 0BEC 4D4F 2518 B9D7 DF41 F0DB 4D21 C1D3 5231",
|
||||
|
||||
# Tim Hudson
|
||||
"C1F3 3DD8 CE1D 4CC6 13AF 14DA 9195 C482 41FB F7DD",
|
||||
|
||||
# Richard Levitte
|
||||
"7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C",
|
||||
|
||||
# Kurt Roeckx
|
||||
"E5E5 2560 DD91 C556 DDBD A5D0 2064 C536 41C2 5E5D"
|
||||
]
|
||||
# TODO auto-generate / scrape this list from the canonical upstream source instead (check the signature file and add an entry in the .openssl object with just the one signature that we expect to have signed this release, after cross-referencing the official OMC list?)
|
||||
| map("0x" + gsub(" "; "")) | join(" ")
|
||||
}}"
|
||||
|
||||
# Use the latest stable Erlang/OTP release - make find-latest-otp - https://github.com/erlang/otp/tags
|
||||
ARG OTP_VERSION
|
||||
|
|
@ -33,7 +55,7 @@ ARG OTP_SHA256
|
|||
ENV OTP_SOURCE_SHA256=${OTP_SHA256}
|
||||
|
||||
# Install dependencies required to build Erlang/OTP from source
|
||||
# http://erlang.org/doc/installation_guide/INSTALL.html
|
||||
# https://erlang.org/doc/installation_guide/INSTALL.html
|
||||
# autoconf: Required to configure Erlang/OTP before compiling
|
||||
# dpkg-dev: Required to set up host & build type when compiling Erlang/OTP
|
||||
# gnupg: Required to verify OpenSSL artefacts
|
||||
|
|
@ -106,7 +128,7 @@ RUN set -eux; \
|
|||
tar --extract --file "$OTP_PATH.tar.gz" --directory "$OTP_PATH" --strip-components 1; \
|
||||
\
|
||||
# Configure Erlang/OTP for compilation, disable unused features & applications
|
||||
# http://erlang.org/doc/applications.html
|
||||
# https://erlang.org/doc/applications.html
|
||||
# ERL_TOP is required for Erlang/OTP makefiles to find the absolute path for the installation
|
||||
cd "$OTP_PATH"; \
|
||||
export ERL_TOP="$OTP_PATH"; \
|
||||
|
|
@ -184,9 +206,9 @@ ENV RABBITMQ_DATA_DIR=/var/lib/rabbitmq
|
|||
RUN set -eux; \
|
||||
groupadd --gid 999 --system rabbitmq; \
|
||||
useradd --uid 999 --system --home-dir "$RABBITMQ_DATA_DIR" --gid rabbitmq rabbitmq; \
|
||||
mkdir -p "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
chown -fR rabbitmq:rabbitmq "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
chmod 777 "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
mkdir -p "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
chown -fR rabbitmq:rabbitmq "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
chmod 777 "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
|
||||
ln -sf "$RABBITMQ_DATA_DIR/.erlang.cookie" /root/.erlang.cookie
|
||||
|
||||
# Use the latest alpha RabbitMQ 3.8 release - https://dl.bintray.com/rabbitmq/all-dev/rabbitmq-server/
|
||||
|
|
|
|||
|
|
@ -14,8 +14,8 @@ $(error Cannot determine version; please specify VERSION)
|
|||
endif
|
||||
endif
|
||||
|
||||
OTP_VERSION ?= 22.3
|
||||
OTP_SHA256 ?= 886e6dbe1e4823c7e8d9c9c1ba8315075a1a9f7717f5a1eaf3b98345ca6c798e
|
||||
OTP_VERSION ?= 23.2.4
|
||||
OTP_SHA256 ?= e72aa084907e0f34f932cf00caa33aba93147b0a7c9c35569d6bd1c402f532de
|
||||
|
||||
all: dist
|
||||
|
||||
|
|
|
|||
|
|
@ -202,6 +202,16 @@ oldConfigFile="$configBase.config"
|
|||
newConfigFile="$configBase.conf"
|
||||
|
||||
shouldWriteConfig="$haveConfig"
|
||||
if [ -n "$shouldWriteConfig" ] && ! touch "$newConfigFile"; then
|
||||
# config file exists but it isn't writeable (likely read-only mount, such as Kubernetes configMap)
|
||||
export RABBITMQ_CONFIG_FILE='/tmp/rabbitmq.conf'
|
||||
cp "$newConfigFile" "$RABBITMQ_CONFIG_FILE"
|
||||
echo >&2
|
||||
echo >&2 "WARNING: '$newConfigFile' is not writable, but environment variables have been provided which request that we write to it"
|
||||
echo >&2 " We have copied it to '$RABBITMQ_CONFIG_FILE' so it can be amended to work around the problem, but it is recommended that the read-only source file should be modified and the environment variables removed instead."
|
||||
echo >&2
|
||||
newConfigFile="$RABBITMQ_CONFIG_FILE"
|
||||
fi
|
||||
if [ -n "$shouldWriteConfig" ] && [ -f "$oldConfigFile" ]; then
|
||||
{
|
||||
echo "error: Docker configuration environment variables specified, but old-style (Erlang syntax) configuration file '$oldConfigFile' exists"
|
||||
|
|
@ -236,6 +246,7 @@ rabbit_set_config() {
|
|||
"s/^[[:space:]]*(${sedKey}[[:space:]]*=[[:space:]]*)\S.*\$/\1${sedVal}/" \
|
||||
"$newConfigFile"
|
||||
if ! grep -qE "^${sedKey}[[:space:]]*=" "$newConfigFile"; then
|
||||
sed -i -e '$a\' "$newConfigFile" # https://github.com/docker-library/rabbitmq/issues/456#issuecomment-752251872 (https://unix.stackexchange.com/a/31955/153467)
|
||||
echo "$key = $val" >> "$newConfigFile"
|
||||
fi
|
||||
}
|
||||
|
|
@ -364,22 +375,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
|
|||
|
||||
# if management plugin is installed, generate config for it
|
||||
# https://www.rabbitmq.com/management.html#configuration
|
||||
if [ "$(rabbitmq-plugins list -q -m -e 'rabbitmq_management$')" ]; then
|
||||
if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
|
||||
if [ "$haveManagementSslConfig" ]; then
|
||||
rabbit_set_config 'management.listener.port' 15671
|
||||
rabbit_set_config 'management.listener.ssl' 'true'
|
||||
rabbit_set_config 'management.ssl.port' 15671
|
||||
rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
|
||||
else
|
||||
rabbit_set_config 'management.listener.port' 15672
|
||||
rabbit_set_config 'management.listener.ssl' 'false'
|
||||
rabbit_set_config 'management.tcp.port' 15672
|
||||
fi
|
||||
|
||||
# if definitions file exists, then load it
|
||||
# https://www.rabbitmq.com/management.html#load-definitions
|
||||
managementDefinitionsFile='/etc/rabbitmq/definitions.json'
|
||||
if [ -f "$managementDefinitionsFile" ]; then
|
||||
# see also https://github.com/docker-library/rabbitmq/pull/112#issuecomment-271485550
|
||||
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile"
|
||||
# We use `load_definitions` (the built-in setting as of 3.8.2+) instead
|
||||
# of `management.load_definitions`.
|
||||
# See https://github.com/docker-library/rabbitmq/issues/429 for details.
|
||||
rabbit_set_config 'load_definitions' "$managementDefinitionsFile"
|
||||
fi
|
||||
fi
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue