root
/
rabbitmq-server
mirror of https://github.com/rabbitmq/rabbitmq-server.git
1
0
Fork 0
Code Issues Actions 9 Packages Projects Releases Wiki Activity

Use same docker config as the official rabbitmq image 

Signed-off-by: Gerhard Lazu <gerhard@lazu.co.uk>
This commit is contained in:
Gerhard Lazu 2021-02-12 13:25:24 +00:00 committed by Philip Kuryloski
parent d041315336
commit aacec68c34
3 changed files with 48 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
packaging/docker-image/Dockerfile
View File

@ -22,7 +22,29 @@ ARG PGP_KEYSERVER=ha.pool.sks-keyservers.net
ENV OPENSSL_VERSION 1.1.1g ENV OPENSSL_VERSION 1.1.1g
ENV OPENSSL_SOURCE_SHA256="ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46" ENV OPENSSL_SOURCE_SHA256="ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46"
# https://www.openssl.org/community/omc.html # https://www.openssl.org/community/omc.html
ENV OPENSSL_PGP_KEY_IDS="0x8657ABB260F056B1E5190839D9C4D26D0E604491 0x5B2545DAB21995F4088CEFAA36CEE4DEB00CFE33 0xED230BEC4D4F2518B9D7DF41F0DB4D21C1D35231 0xC1F33DD8CE1D4CC613AF14DA9195C48241FBF7DD 0x7953AC1FBC3DC8B3B292393ED5E9E43F7DF9EE8C 0xE5E52560DD91C556DDBDA5D02064C53641C25E5D" ENV OPENSSL_PGP_KEY_IDS="{{
[
# Matt Caswell
"8657 ABB2 60F0 56B1 E519 0839 D9C4 D26D 0E60 4491",
# Mark J. Cox
"5B25 45DA B219 95F4 088C EFAA 36CE E4DE B00C FE33",
# Paul Dale
"ED23 0BEC 4D4F 2518 B9D7 DF41 F0DB 4D21 C1D3 5231",
# Tim Hudson
"C1F3 3DD8 CE1D 4CC6 13AF 14DA 9195 C482 41FB F7DD",
# Richard Levitte
"7953 AC1F BC3D C8B3 B292 393E D5E9 E43F 7DF9 EE8C",
# Kurt Roeckx
"E5E5 2560 DD91 C556 DDBD A5D0 2064 C536 41C2 5E5D"
]
# TODO auto-generate / scrape this list from the canonical upstream source instead (check the signature file and add an entry in the .openssl object with just the one signature that we expect to have signed this release, after cross-referencing the official OMC list?)
| map("0x" + gsub(" "; "")) | join(" ")
}}"
# Use the latest stable Erlang/OTP release - make find-latest-otp - https://github.com/erlang/otp/tags # Use the latest stable Erlang/OTP release - make find-latest-otp - https://github.com/erlang/otp/tags
ARG OTP_VERSION ARG OTP_VERSION
@ -33,7 +55,7 @@ ARG OTP_SHA256
ENV OTP_SOURCE_SHA256=${OTP_SHA256} ENV OTP_SOURCE_SHA256=${OTP_SHA256}
# Install dependencies required to build Erlang/OTP from source # Install dependencies required to build Erlang/OTP from source
# http://erlang.org/doc/installation_guide/INSTALL.html # https://erlang.org/doc/installation_guide/INSTALL.html
# autoconf: Required to configure Erlang/OTP before compiling # autoconf: Required to configure Erlang/OTP before compiling
# dpkg-dev: Required to set up host & build type when compiling Erlang/OTP # dpkg-dev: Required to set up host & build type when compiling Erlang/OTP
# gnupg: Required to verify OpenSSL artefacts # gnupg: Required to verify OpenSSL artefacts
@ -106,7 +128,7 @@ RUN set -eux; \
tar --extract --file "$OTP_PATH.tar.gz" --directory "$OTP_PATH" --strip-components 1; \ tar --extract --file "$OTP_PATH.tar.gz" --directory "$OTP_PATH" --strip-components 1; \
\ \
# Configure Erlang/OTP for compilation, disable unused features & applications # Configure Erlang/OTP for compilation, disable unused features & applications
# http://erlang.org/doc/applications.html # https://erlang.org/doc/applications.html
# ERL_TOP is required for Erlang/OTP makefiles to find the absolute path for the installation # ERL_TOP is required for Erlang/OTP makefiles to find the absolute path for the installation
cd "$OTP_PATH"; \ cd "$OTP_PATH"; \
export ERL_TOP="$OTP_PATH"; \ export ERL_TOP="$OTP_PATH"; \
@ -184,9 +206,9 @@ ENV RABBITMQ_DATA_DIR=/var/lib/rabbitmq
RUN set -eux; \ RUN set -eux; \
groupadd --gid 999 --system rabbitmq; \ groupadd --gid 999 --system rabbitmq; \
useradd --uid 999 --system --home-dir "$RABBITMQ_DATA_DIR" --gid rabbitmq rabbitmq; \ useradd --uid 999 --system --home-dir "$RABBITMQ_DATA_DIR" --gid rabbitmq rabbitmq; \
mkdir -p "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \ mkdir -p "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
chown -fR rabbitmq:rabbitmq "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \ chown -fR rabbitmq:rabbitmq "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
chmod 777 "$RABBITMQ_DATA_DIR" /etc/rabbitmq /tmp/rabbitmq-ssl /var/log/rabbitmq; \ chmod 777 "$RABBITMQ_DATA_DIR" /etc/rabbitmq /etc/rabbitmq/conf.d /tmp/rabbitmq-ssl /var/log/rabbitmq; \
ln -sf "$RABBITMQ_DATA_DIR/.erlang.cookie" /root/.erlang.cookie ln -sf "$RABBITMQ_DATA_DIR/.erlang.cookie" /root/.erlang.cookie
# Use the latest alpha RabbitMQ 3.8 release - https://dl.bintray.com/rabbitmq/all-dev/rabbitmq-server/ # Use the latest alpha RabbitMQ 3.8 release - https://dl.bintray.com/rabbitmq/all-dev/rabbitmq-server/

4
packaging/docker-image/Makefile
View File

@ -14,8 +14,8 @@ $(error Cannot determine version; please specify VERSION)
endif endif
endif endif
OTP_VERSION ?= 22.3 OTP_VERSION ?= 23.2.4
OTP_SHA256 ?= 886e6dbe1e4823c7e8d9c9c1ba8315075a1a9f7717f5a1eaf3b98345ca6c798e OTP_SHA256 ?= e72aa084907e0f34f932cf00caa33aba93147b0a7c9c35569d6bd1c402f532de
all: dist all: dist

25
packaging/docker-image/docker-entrypoint.sh
View File

@ -202,6 +202,16 @@ oldConfigFile="$configBase.config"
newConfigFile="$configBase.conf" newConfigFile="$configBase.conf"
shouldWriteConfig="$haveConfig" shouldWriteConfig="$haveConfig"
if [ -n "$shouldWriteConfig" ] && ! touch "$newConfigFile"; then
# config file exists but it isn't writeable (likely read-only mount, such as Kubernetes configMap)
export RABBITMQ_CONFIG_FILE='/tmp/rabbitmq.conf'
cp "$newConfigFile" "$RABBITMQ_CONFIG_FILE"
echo >&2
echo >&2 "WARNING: '$newConfigFile' is not writable, but environment variables have been provided which request that we write to it"
echo >&2 " We have copied it to '$RABBITMQ_CONFIG_FILE' so it can be amended to work around the problem, but it is recommended that the read-only source file should be modified and the environment variables removed instead."
echo >&2
newConfigFile="$RABBITMQ_CONFIG_FILE"
fi
if [ -n "$shouldWriteConfig" ] && [ -f "$oldConfigFile" ]; then if [ -n "$shouldWriteConfig" ] && [ -f "$oldConfigFile" ]; then
{ {
echo "error: Docker configuration environment variables specified, but old-style (Erlang syntax) configuration file '$oldConfigFile' exists" echo "error: Docker configuration environment variables specified, but old-style (Erlang syntax) configuration file '$oldConfigFile' exists"
@ -236,6 +246,7 @@ rabbit_set_config() {
"s/^[[:space:]]*(${sedKey}[[:space:]]*=[[:space:]]*)\S.*\$/\1${sedVal}/" \ "s/^[[:space:]]*(${sedKey}[[:space:]]*=[[:space:]]*)\S.*\$/\1${sedVal}/" \
"$newConfigFile" "$newConfigFile"
if ! grep -qE "^${sedKey}[[:space:]]*=" "$newConfigFile"; then if ! grep -qE "^${sedKey}[[:space:]]*=" "$newConfigFile"; then
sed -i -e '$a\' "$newConfigFile" # https://github.com/docker-library/rabbitmq/issues/456#issuecomment-752251872 (https://unix.stackexchange.com/a/31955/153467)
echo "$key = $val" >> "$newConfigFile" echo "$key = $val" >> "$newConfigFile"
fi fi
} }
@ -364,22 +375,22 @@ if [ "$1" = 'rabbitmq-server' ] && [ "$shouldWriteConfig" ]; then
# if management plugin is installed, generate config for it # if management plugin is installed, generate config for it
# https://www.rabbitmq.com/management.html#configuration # https://www.rabbitmq.com/management.html#configuration
if [ "$(rabbitmq-plugins list -q -m -e 'rabbitmq_management$')" ]; then if [ "$(rabbitmq-plugins list -q -m -e rabbitmq_management)" ]; then
if [ "$haveManagementSslConfig" ]; then if [ "$haveManagementSslConfig" ]; then
rabbit_set_config 'management.listener.port' 15671 rabbit_set_config 'management.ssl.port' 15671
rabbit_set_config 'management.listener.ssl' 'true'
rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}" rabbit_env_config 'management_ssl' "${sslConfigKeys[@]}"
else else
rabbit_set_config 'management.listener.port' 15672 rabbit_set_config 'management.tcp.port' 15672
rabbit_set_config 'management.listener.ssl' 'false'
fi fi
# if definitions file exists, then load it # if definitions file exists, then load it
# https://www.rabbitmq.com/management.html#load-definitions # https://www.rabbitmq.com/management.html#load-definitions
managementDefinitionsFile='/etc/rabbitmq/definitions.json' managementDefinitionsFile='/etc/rabbitmq/definitions.json'
if [ -f "$managementDefinitionsFile" ]; then if [ -f "$managementDefinitionsFile" ]; then
# see also https://github.com/docker-library/rabbitmq/pull/112#issuecomment-271485550 # We use `load_definitions` (the built-in setting as of 3.8.2+) instead
rabbit_set_config 'management.load_definitions' "$managementDefinitionsFile" # of `management.load_definitions`.
# See https://github.com/docker-library/rabbitmq/issues/429 for details.
rabbit_set_config 'load_definitions' "$managementDefinitionsFile"
fi fi
fi fi
fi fi