diff --git a/6.0/alpine3.19/Dockerfile b/6.0/alpine3.19/Dockerfile new file mode 100644 index 0000000..c41b7d3 --- /dev/null +++ b/6.0/alpine3.19/Dockerfile @@ -0,0 +1,147 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ruby:3.3-alpine3.19 + +# explicitly set uid/gid to guarantee that it won't change in the future +# the values 999:999 are identical to the current user/group id assigned +# alpine already has a gid 999, so we'll use the next id +RUN addgroup -S -g 1000 redmine && adduser -S -H -G redmine -u 999 redmine + +RUN set -eux; \ + apk add --no-cache \ + bash \ + ca-certificates \ + findutils \ + tini \ + tzdata \ + wget \ + \ + breezy \ + git \ + mercurial \ + openssh-client \ + subversion \ + \ +# we need "gsfonts" for generating PNGs of Gantt charts +# and "ghostscript" for creating PDF thumbnails (in 4.1+) + ghostscript \ + ghostscript-fonts \ + imagemagick \ + ; + +# grab gosu for easy step-down from root +# https://github.com/tianon/gosu/releases +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + apk add --no-cache --virtual .gosu-deps \ + ca-certificates \ + dpkg \ + gnupg \ + ; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apk del --no-network .gosu-deps; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + +ENV RAILS_ENV production +WORKDIR /usr/src/redmine + +# https://github.com/docker-library/redmine/issues/138#issuecomment-438834176 +# (bundler needs this for running as an arbitrary user) +ENV HOME /home/redmine +RUN set -eux; \ + [ ! -d "$HOME" ]; \ + mkdir -p "$HOME"; \ + chown redmine:redmine "$HOME"; \ + chmod 1777 "$HOME" + +ENV REDMINE_VERSION 6.0.1 +ENV REDMINE_DOWNLOAD_URL https://www.redmine.org/releases/redmine-6.0.1.tar.gz +ENV REDMINE_DOWNLOAD_SHA256 dcee3f15e3c15b9dbefba1fa9d8dfa12e89a7d40b3f3ed82da903d80d2548030 + +RUN set -eux; \ + wget -O redmine.tar.gz "$REDMINE_DOWNLOAD_URL"; \ + echo "$REDMINE_DOWNLOAD_SHA256 *redmine.tar.gz" | sha256sum -c -; \ + tar -xf redmine.tar.gz --strip-components=1; \ + rm redmine.tar.gz files/delete.me log/delete.me; \ + mkdir -p log public/plugin_assets sqlite tmp/pdf tmp/pids; \ + chown -R redmine:redmine ./; \ +# log to STDOUT (https://github.com/docker-library/redmine/issues/108) + echo 'config.logger = Logger.new(STDOUT)' > config/additional_environment.rb; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX config db sqlite; \ + find log tmp -type d -exec chmod 1777 '{}' + + +# build for musl-libc, not glibc (see https://github.com/sparklemotion/nokogiri/issues/2075, https://github.com/rubygems/rubygems/issues/3174) +ENV BUNDLE_FORCE_RUBY_PLATFORM 1 +RUN set -eux; \ + \ + apk add --no-cache --virtual .build-deps \ + coreutils \ + freetds-dev \ + gcc \ + make \ + mariadb-dev \ + musl-dev \ + patch \ + postgresql-dev \ + sqlite-dev \ + ttf2ufm \ + zlib-dev \ + ; \ + \ + gosu redmine bundle config --local without 'development test'; \ +# https://github.com/redmine/redmine/commit/23dc108e70a0794f444803ac827a690085dcd557 +# ("gem puma" already exists in the Gemfile, but under "group :test" and we want it all the time) + puma="$(grep -E "^[[:space:]]*gem [:'\"]puma['\",[:space:]].*\$" Gemfile)"; \ + { echo; echo "$puma"; } | sed -re 's/^[[:space:]]+//' >> Gemfile; \ +# fill up "database.yml" with bogus entries so the redmine Gemfile will pre-install all database adapter dependencies +# https://github.com/redmine/redmine/blob/e9f9767089a4e3efbd73c35fc55c5c7eb85dd7d3/Gemfile#L50-L79 + echo '# the following entries only exist to force `bundle install` to pre-install all database adapter dependencies -- they can be safely removed/ignored' > ./config/database.yml; \ + for adapter in mysql2 postgresql sqlserver sqlite3; do \ + echo "$adapter:" >> ./config/database.yml; \ + echo " adapter: $adapter" >> ./config/database.yml; \ + done; \ + gosu redmine bundle install --jobs "$(nproc)"; \ + rm ./config/database.yml; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \ +# this requires coreutils because "chmod +X" in busybox will remove +x on files (and coreutils leaves files alone with +X) + rm -rf ~redmine/.bundle; \ + \ +# https://github.com/naitoh/rbpdf/issues/31 + rm /usr/local/bundle/gems/rbpdf-font-1.19.*/lib/fonts/ttf2ufm/ttf2ufm; \ + \ + runDeps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/bundle/gems \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + )"; \ + apk add --no-network --virtual .redmine-rundeps $runDeps; \ + apk del --no-network .build-deps + +VOLUME /usr/src/redmine/files + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 3000 +CMD ["rails", "server", "-b", "0.0.0.0"] diff --git a/6.0/alpine3.19/docker-entrypoint.sh b/6.0/alpine3.19/docker-entrypoint.sh new file mode 100755 index 0000000..28fe8ce --- /dev/null +++ b/6.0/alpine3.19/docker-entrypoint.sh @@ -0,0 +1,160 @@ +#!/usr/bin/env bash +set -Eeo pipefail +# TODO add "-u" + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +isLikelyRedmine= +case "$1" in + rails | rake ) isLikelyRedmine=1 ;; +esac + +_fix_permissions() { + # https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions + local dirs=( config log public/plugin_assets tmp ) args=() + if [ "$(id -u)" = '0' ]; then + args+=( ${args[@]:+,} '(' '!' -user redmine -exec chown redmine:redmine '{}' + ')' ) + + # https://github.com/docker-library/redmine/issues/268 - scanning "files" might be *really* expensive, so we should skip it if it seems like it's "already correct" + local filesOwnerMode + filesOwnerMode="$(stat -c '%U:%a' files)" + if [ "$files" != 'redmine:755' ]; then + dirs+=( files ) + fi + fi + # directories 755, files 644: + args+=( ${args[@]:+,} '(' -type d '!' -perm 755 -exec sh -c 'chmod 755 "$@" 2>/dev/null || :' -- '{}' + ')' ) + args+=( ${args[@]:+,} '(' -type f '!' -perm 644 -exec sh -c 'chmod 644 "$@" 2>/dev/null || :' -- '{}' + ')' ) + find "${dirs[@]}" "${args[@]}" +} + +# allow the container to be started with `--user` +if [ -n "$isLikelyRedmine" ] && [ "$(id -u)" = '0' ]; then + _fix_permissions + exec gosu redmine "$BASH_SOURCE" "$@" +fi + +if [ -n "$isLikelyRedmine" ]; then + _fix_permissions + if [ ! -f './config/database.yml' ]; then + file_env 'REDMINE_DB_MYSQL' + file_env 'REDMINE_DB_POSTGRES' + file_env 'REDMINE_DB_SQLSERVER' + + if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then + export REDMINE_DB_MYSQL='mysql' + elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then + export REDMINE_DB_POSTGRES='postgres' + fi + + if [ "$REDMINE_DB_MYSQL" ]; then + adapter='mysql2' + host="$REDMINE_DB_MYSQL" + file_env 'REDMINE_DB_PORT' '3306' + file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}" + file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}" + file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}" + file_env 'REDMINE_DB_ENCODING' '' + elif [ "$REDMINE_DB_POSTGRES" ]; then + adapter='postgresql' + host="$REDMINE_DB_POSTGRES" + file_env 'REDMINE_DB_PORT' '5432' + file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}" + file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}" + file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}" + file_env 'REDMINE_DB_ENCODING' 'utf8' + elif [ "$REDMINE_DB_SQLSERVER" ]; then + adapter='sqlserver' + host="$REDMINE_DB_SQLSERVER" + file_env 'REDMINE_DB_PORT' '1433' + file_env 'REDMINE_DB_USERNAME' '' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' '' + file_env 'REDMINE_DB_ENCODING' '' + else + echo >&2 + echo >&2 'warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables' + echo >&2 + echo >&2 '*** Using sqlite3 as fallback. ***' + echo >&2 + + adapter='sqlite3' + host='localhost' + file_env 'REDMINE_DB_PORT' '' + file_env 'REDMINE_DB_USERNAME' 'redmine' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db' + file_env 'REDMINE_DB_ENCODING' 'utf8' + + mkdir -p "$(dirname "$REDMINE_DB_DATABASE")" + if [ "$(id -u)" = '0' ]; then + find "$(dirname "$REDMINE_DB_DATABASE")" \! -user redmine -exec chown redmine '{}' + + fi + fi + + REDMINE_DB_ADAPTER="$adapter" + REDMINE_DB_HOST="$host" + echo "$RAILS_ENV:" > config/database.yml + for var in \ + adapter \ + host \ + port \ + username \ + password \ + database \ + encoding \ + ; do + env="REDMINE_DB_${var^^}" + val="${!env}" + [ -n "$val" ] || continue + echo " $var: \"$val\"" >> config/database.yml + done + fi + + # install additional gems for Gemfile.local and plugins + bundle check || bundle install + + if [ ! -s config/secrets.yml ]; then + file_env 'REDMINE_SECRET_KEY_BASE' + if [ -n "$REDMINE_SECRET_KEY_BASE" ]; then + cat > 'config/secrets.yml' <<-YML + $RAILS_ENV: + secret_key_base: "$REDMINE_SECRET_KEY_BASE" + YML + elif [ ! -f config/initializers/secret_token.rb ]; then + rake generate_secret_token + fi + fi + if [ "$1" != 'rake' -a -z "$REDMINE_NO_DB_MIGRATE" ]; then + rake db:migrate + fi + + if [ "$1" != 'rake' -a -n "$REDMINE_PLUGINS_MIGRATE" ]; then + rake redmine:plugins:migrate + fi + + # remove PID file to enable restarting the container + rm -f tmp/pids/server.pid +fi + +exec "$@" diff --git a/6.0/alpine3.20/Dockerfile b/6.0/alpine3.20/Dockerfile new file mode 100644 index 0000000..4a3c265 --- /dev/null +++ b/6.0/alpine3.20/Dockerfile @@ -0,0 +1,147 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ruby:3.3-alpine3.20 + +# explicitly set uid/gid to guarantee that it won't change in the future +# the values 999:999 are identical to the current user/group id assigned +# alpine already has a gid 999, so we'll use the next id +RUN addgroup -S -g 1000 redmine && adduser -S -H -G redmine -u 999 redmine + +RUN set -eux; \ + apk add --no-cache \ + bash \ + ca-certificates \ + findutils \ + tini \ + tzdata \ + wget \ + \ + breezy \ + git \ + mercurial \ + openssh-client \ + subversion \ + \ +# we need "gsfonts" for generating PNGs of Gantt charts +# and "ghostscript" for creating PDF thumbnails (in 4.1+) + ghostscript \ + ghostscript-fonts \ + imagemagick \ + ; + +# grab gosu for easy step-down from root +# https://github.com/tianon/gosu/releases +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + apk add --no-cache --virtual .gosu-deps \ + ca-certificates \ + dpkg \ + gnupg \ + ; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apk del --no-network .gosu-deps; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + +ENV RAILS_ENV production +WORKDIR /usr/src/redmine + +# https://github.com/docker-library/redmine/issues/138#issuecomment-438834176 +# (bundler needs this for running as an arbitrary user) +ENV HOME /home/redmine +RUN set -eux; \ + [ ! -d "$HOME" ]; \ + mkdir -p "$HOME"; \ + chown redmine:redmine "$HOME"; \ + chmod 1777 "$HOME" + +ENV REDMINE_VERSION 6.0.1 +ENV REDMINE_DOWNLOAD_URL https://www.redmine.org/releases/redmine-6.0.1.tar.gz +ENV REDMINE_DOWNLOAD_SHA256 dcee3f15e3c15b9dbefba1fa9d8dfa12e89a7d40b3f3ed82da903d80d2548030 + +RUN set -eux; \ + wget -O redmine.tar.gz "$REDMINE_DOWNLOAD_URL"; \ + echo "$REDMINE_DOWNLOAD_SHA256 *redmine.tar.gz" | sha256sum -c -; \ + tar -xf redmine.tar.gz --strip-components=1; \ + rm redmine.tar.gz files/delete.me log/delete.me; \ + mkdir -p log public/plugin_assets sqlite tmp/pdf tmp/pids; \ + chown -R redmine:redmine ./; \ +# log to STDOUT (https://github.com/docker-library/redmine/issues/108) + echo 'config.logger = Logger.new(STDOUT)' > config/additional_environment.rb; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX config db sqlite; \ + find log tmp -type d -exec chmod 1777 '{}' + + +# build for musl-libc, not glibc (see https://github.com/sparklemotion/nokogiri/issues/2075, https://github.com/rubygems/rubygems/issues/3174) +ENV BUNDLE_FORCE_RUBY_PLATFORM 1 +RUN set -eux; \ + \ + apk add --no-cache --virtual .build-deps \ + coreutils \ + freetds-dev \ + gcc \ + make \ + mariadb-dev \ + musl-dev \ + patch \ + postgresql-dev \ + sqlite-dev \ + ttf2ufm \ + zlib-dev \ + ; \ + \ + gosu redmine bundle config --local without 'development test'; \ +# https://github.com/redmine/redmine/commit/23dc108e70a0794f444803ac827a690085dcd557 +# ("gem puma" already exists in the Gemfile, but under "group :test" and we want it all the time) + puma="$(grep -E "^[[:space:]]*gem [:'\"]puma['\",[:space:]].*\$" Gemfile)"; \ + { echo; echo "$puma"; } | sed -re 's/^[[:space:]]+//' >> Gemfile; \ +# fill up "database.yml" with bogus entries so the redmine Gemfile will pre-install all database adapter dependencies +# https://github.com/redmine/redmine/blob/e9f9767089a4e3efbd73c35fc55c5c7eb85dd7d3/Gemfile#L50-L79 + echo '# the following entries only exist to force `bundle install` to pre-install all database adapter dependencies -- they can be safely removed/ignored' > ./config/database.yml; \ + for adapter in mysql2 postgresql sqlserver sqlite3; do \ + echo "$adapter:" >> ./config/database.yml; \ + echo " adapter: $adapter" >> ./config/database.yml; \ + done; \ + gosu redmine bundle install --jobs "$(nproc)"; \ + rm ./config/database.yml; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \ +# this requires coreutils because "chmod +X" in busybox will remove +x on files (and coreutils leaves files alone with +X) + rm -rf ~redmine/.bundle; \ + \ +# https://github.com/naitoh/rbpdf/issues/31 + rm /usr/local/bundle/gems/rbpdf-font-1.19.*/lib/fonts/ttf2ufm/ttf2ufm; \ + \ + runDeps="$( \ + scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/bundle/gems \ + | tr ',' '\n' \ + | sort -u \ + | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \ + )"; \ + apk add --no-network --virtual .redmine-rundeps $runDeps; \ + apk del --no-network .build-deps + +VOLUME /usr/src/redmine/files + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 3000 +CMD ["rails", "server", "-b", "0.0.0.0"] diff --git a/6.0/alpine3.20/docker-entrypoint.sh b/6.0/alpine3.20/docker-entrypoint.sh new file mode 100755 index 0000000..28fe8ce --- /dev/null +++ b/6.0/alpine3.20/docker-entrypoint.sh @@ -0,0 +1,160 @@ +#!/usr/bin/env bash +set -Eeo pipefail +# TODO add "-u" + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +isLikelyRedmine= +case "$1" in + rails | rake ) isLikelyRedmine=1 ;; +esac + +_fix_permissions() { + # https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions + local dirs=( config log public/plugin_assets tmp ) args=() + if [ "$(id -u)" = '0' ]; then + args+=( ${args[@]:+,} '(' '!' -user redmine -exec chown redmine:redmine '{}' + ')' ) + + # https://github.com/docker-library/redmine/issues/268 - scanning "files" might be *really* expensive, so we should skip it if it seems like it's "already correct" + local filesOwnerMode + filesOwnerMode="$(stat -c '%U:%a' files)" + if [ "$files" != 'redmine:755' ]; then + dirs+=( files ) + fi + fi + # directories 755, files 644: + args+=( ${args[@]:+,} '(' -type d '!' -perm 755 -exec sh -c 'chmod 755 "$@" 2>/dev/null || :' -- '{}' + ')' ) + args+=( ${args[@]:+,} '(' -type f '!' -perm 644 -exec sh -c 'chmod 644 "$@" 2>/dev/null || :' -- '{}' + ')' ) + find "${dirs[@]}" "${args[@]}" +} + +# allow the container to be started with `--user` +if [ -n "$isLikelyRedmine" ] && [ "$(id -u)" = '0' ]; then + _fix_permissions + exec gosu redmine "$BASH_SOURCE" "$@" +fi + +if [ -n "$isLikelyRedmine" ]; then + _fix_permissions + if [ ! -f './config/database.yml' ]; then + file_env 'REDMINE_DB_MYSQL' + file_env 'REDMINE_DB_POSTGRES' + file_env 'REDMINE_DB_SQLSERVER' + + if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then + export REDMINE_DB_MYSQL='mysql' + elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then + export REDMINE_DB_POSTGRES='postgres' + fi + + if [ "$REDMINE_DB_MYSQL" ]; then + adapter='mysql2' + host="$REDMINE_DB_MYSQL" + file_env 'REDMINE_DB_PORT' '3306' + file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}" + file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}" + file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}" + file_env 'REDMINE_DB_ENCODING' '' + elif [ "$REDMINE_DB_POSTGRES" ]; then + adapter='postgresql' + host="$REDMINE_DB_POSTGRES" + file_env 'REDMINE_DB_PORT' '5432' + file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}" + file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}" + file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}" + file_env 'REDMINE_DB_ENCODING' 'utf8' + elif [ "$REDMINE_DB_SQLSERVER" ]; then + adapter='sqlserver' + host="$REDMINE_DB_SQLSERVER" + file_env 'REDMINE_DB_PORT' '1433' + file_env 'REDMINE_DB_USERNAME' '' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' '' + file_env 'REDMINE_DB_ENCODING' '' + else + echo >&2 + echo >&2 'warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables' + echo >&2 + echo >&2 '*** Using sqlite3 as fallback. ***' + echo >&2 + + adapter='sqlite3' + host='localhost' + file_env 'REDMINE_DB_PORT' '' + file_env 'REDMINE_DB_USERNAME' 'redmine' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db' + file_env 'REDMINE_DB_ENCODING' 'utf8' + + mkdir -p "$(dirname "$REDMINE_DB_DATABASE")" + if [ "$(id -u)" = '0' ]; then + find "$(dirname "$REDMINE_DB_DATABASE")" \! -user redmine -exec chown redmine '{}' + + fi + fi + + REDMINE_DB_ADAPTER="$adapter" + REDMINE_DB_HOST="$host" + echo "$RAILS_ENV:" > config/database.yml + for var in \ + adapter \ + host \ + port \ + username \ + password \ + database \ + encoding \ + ; do + env="REDMINE_DB_${var^^}" + val="${!env}" + [ -n "$val" ] || continue + echo " $var: \"$val\"" >> config/database.yml + done + fi + + # install additional gems for Gemfile.local and plugins + bundle check || bundle install + + if [ ! -s config/secrets.yml ]; then + file_env 'REDMINE_SECRET_KEY_BASE' + if [ -n "$REDMINE_SECRET_KEY_BASE" ]; then + cat > 'config/secrets.yml' <<-YML + $RAILS_ENV: + secret_key_base: "$REDMINE_SECRET_KEY_BASE" + YML + elif [ ! -f config/initializers/secret_token.rb ]; then + rake generate_secret_token + fi + fi + if [ "$1" != 'rake' -a -z "$REDMINE_NO_DB_MIGRATE" ]; then + rake db:migrate + fi + + if [ "$1" != 'rake' -a -n "$REDMINE_PLUGINS_MIGRATE" ]; then + rake redmine:plugins:migrate + fi + + # remove PID file to enable restarting the container + rm -f tmp/pids/server.pid +fi + +exec "$@" diff --git a/6.0/bookworm/Dockerfile b/6.0/bookworm/Dockerfile new file mode 100644 index 0000000..df3490c --- /dev/null +++ b/6.0/bookworm/Dockerfile @@ -0,0 +1,155 @@ +# +# NOTE: THIS DOCKERFILE IS GENERATED VIA "apply-templates.sh" +# +# PLEASE DO NOT EDIT IT DIRECTLY. +# + +FROM ruby:3.3-slim-bookworm + +# explicitly set uid/gid to guarantee that it won't change in the future +# the values 999:999 are identical to the current user/group id assigned +RUN groupadd -r -g 999 redmine && useradd -r -g redmine -u 999 redmine + +RUN set -eux; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + ca-certificates \ + curl \ + wget \ + \ + bzr \ + git \ + mercurial \ + openssh-client \ + subversion \ + \ +# we need "gsfonts" for generating PNGs of Gantt charts +# and "ghostscript" for creating PDF thumbnails (in 4.1+) + ghostscript \ + gsfonts \ + imagemagick \ +# grab tini for signal processing and zombie killing + tini \ + ; \ +# allow imagemagick to use ghostscript for PDF -> PNG thumbnail conversion (4.1+) + sed -ri 's/(rights)="none" (pattern="PDF")/\1="read" \2/' /etc/ImageMagick-6/policy.xml; \ + rm -rf /var/lib/apt/lists/* + +# grab gosu for easy step-down from root +ENV GOSU_VERSION 1.17 +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + gnupg \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + export GNUPGHOME="$(mktemp -d)"; \ + gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + gpgconf --kill all; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ + apt-mark auto '.*' > /dev/null; \ + apt-mark manual $savedAptMark > /dev/null; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ +# smoke test + chmod +x /usr/local/bin/gosu; \ + gosu --version; \ + gosu nobody true + +ENV RAILS_ENV production +WORKDIR /usr/src/redmine + +# https://github.com/docker-library/redmine/issues/138#issuecomment-438834176 +# (bundler needs this for running as an arbitrary user) +ENV HOME /home/redmine +RUN set -eux; \ + [ ! -d "$HOME" ]; \ + mkdir -p "$HOME"; \ + chown redmine:redmine "$HOME"; \ + chmod 1777 "$HOME" + +ENV REDMINE_VERSION 6.0.1 +ENV REDMINE_DOWNLOAD_URL https://www.redmine.org/releases/redmine-6.0.1.tar.gz +ENV REDMINE_DOWNLOAD_SHA256 dcee3f15e3c15b9dbefba1fa9d8dfa12e89a7d40b3f3ed82da903d80d2548030 + +RUN set -eux; \ +# if we use wget here, we get certificate issues (https://github.com/docker-library/redmine/pull/249#issuecomment-984176479) + curl -fL -o redmine.tar.gz "$REDMINE_DOWNLOAD_URL"; \ + echo "$REDMINE_DOWNLOAD_SHA256 *redmine.tar.gz" | sha256sum -c -; \ + tar -xf redmine.tar.gz --strip-components=1; \ + rm redmine.tar.gz files/delete.me log/delete.me; \ + mkdir -p log public/plugin_assets sqlite tmp/pdf tmp/pids; \ + chown -R redmine:redmine ./; \ +# log to STDOUT (https://github.com/docker-library/redmine/issues/108) + echo 'config.logger = Logger.new(STDOUT)' > config/additional_environment.rb; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX config db sqlite; \ + find log tmp -type d -exec chmod 1777 '{}' + + +RUN set -eux; \ + \ + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends \ + default-libmysqlclient-dev \ + freetds-dev \ + gcc \ + libpq-dev \ + libsqlite3-dev \ + libxml2-dev \ + libxslt-dev \ + make \ + patch \ + pkgconf \ + xz-utils \ + ; \ + rm -rf /var/lib/apt/lists/*; \ + \ + gosu redmine bundle config --local without 'development test'; \ +# https://github.com/redmine/redmine/commit/23dc108e70a0794f444803ac827a690085dcd557 +# ("gem puma" already exists in the Gemfile, but under "group :test" and we want it all the time) + puma="$(grep -E "^[[:space:]]*gem [:'\"]puma['\",[:space:]].*\$" Gemfile)"; \ + { echo; echo "$puma"; } | sed -re 's/^[[:space:]]+//' >> Gemfile; \ +# fill up "database.yml" with bogus entries so the redmine Gemfile will pre-install all database adapter dependencies +# https://github.com/redmine/redmine/blob/e9f9767089a4e3efbd73c35fc55c5c7eb85dd7d3/Gemfile#L50-L79 + echo '# the following entries only exist to force `bundle install` to pre-install all database adapter dependencies -- they can be safely removed/ignored' > ./config/database.yml; \ + for adapter in mysql2 postgresql sqlserver sqlite3; do \ + echo "$adapter:" >> ./config/database.yml; \ + echo " adapter: $adapter" >> ./config/database.yml; \ + done; \ +# nokogiri's vendored libxml2 + libxslt do not build on mips64le, so use the apt packages when building + gosu redmine bundle config build.nokogiri --use-system-libraries; \ + gosu redmine bundle install --jobs "$(nproc)"; \ + rm ./config/database.yml; \ +# fix permissions for running as an arbitrary user + chmod -R ugo=rwX Gemfile.lock "$GEM_HOME"; \ + rm -rf ~redmine/.bundle; \ + \ +# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + find /usr/local -type f -executable -exec ldd '{}' ';' \ + | awk '/=>/ { so = $(NF-1); if (index(so, "/usr/local/") == 1) { next }; gsub("^/(usr/)?", "", so); printf "*%s\n", so }' \ + | sort -u \ + | xargs -r dpkg-query --search \ + | cut -d: -f1 \ + | sort -u \ + | xargs -r apt-mark manual \ + ; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false + +VOLUME /usr/src/redmine/files + +COPY docker-entrypoint.sh / +ENTRYPOINT ["/docker-entrypoint.sh"] + +EXPOSE 3000 +CMD ["rails", "server", "-b", "0.0.0.0"] diff --git a/6.0/bookworm/docker-entrypoint.sh b/6.0/bookworm/docker-entrypoint.sh new file mode 100755 index 0000000..28fe8ce --- /dev/null +++ b/6.0/bookworm/docker-entrypoint.sh @@ -0,0 +1,160 @@ +#!/usr/bin/env bash +set -Eeo pipefail +# TODO add "-u" + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +isLikelyRedmine= +case "$1" in + rails | rake ) isLikelyRedmine=1 ;; +esac + +_fix_permissions() { + # https://www.redmine.org/projects/redmine/wiki/RedmineInstall#Step-8-File-system-permissions + local dirs=( config log public/plugin_assets tmp ) args=() + if [ "$(id -u)" = '0' ]; then + args+=( ${args[@]:+,} '(' '!' -user redmine -exec chown redmine:redmine '{}' + ')' ) + + # https://github.com/docker-library/redmine/issues/268 - scanning "files" might be *really* expensive, so we should skip it if it seems like it's "already correct" + local filesOwnerMode + filesOwnerMode="$(stat -c '%U:%a' files)" + if [ "$files" != 'redmine:755' ]; then + dirs+=( files ) + fi + fi + # directories 755, files 644: + args+=( ${args[@]:+,} '(' -type d '!' -perm 755 -exec sh -c 'chmod 755 "$@" 2>/dev/null || :' -- '{}' + ')' ) + args+=( ${args[@]:+,} '(' -type f '!' -perm 644 -exec sh -c 'chmod 644 "$@" 2>/dev/null || :' -- '{}' + ')' ) + find "${dirs[@]}" "${args[@]}" +} + +# allow the container to be started with `--user` +if [ -n "$isLikelyRedmine" ] && [ "$(id -u)" = '0' ]; then + _fix_permissions + exec gosu redmine "$BASH_SOURCE" "$@" +fi + +if [ -n "$isLikelyRedmine" ]; then + _fix_permissions + if [ ! -f './config/database.yml' ]; then + file_env 'REDMINE_DB_MYSQL' + file_env 'REDMINE_DB_POSTGRES' + file_env 'REDMINE_DB_SQLSERVER' + + if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then + export REDMINE_DB_MYSQL='mysql' + elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then + export REDMINE_DB_POSTGRES='postgres' + fi + + if [ "$REDMINE_DB_MYSQL" ]; then + adapter='mysql2' + host="$REDMINE_DB_MYSQL" + file_env 'REDMINE_DB_PORT' '3306' + file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}" + file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}" + file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}" + file_env 'REDMINE_DB_ENCODING' '' + elif [ "$REDMINE_DB_POSTGRES" ]; then + adapter='postgresql' + host="$REDMINE_DB_POSTGRES" + file_env 'REDMINE_DB_PORT' '5432' + file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}" + file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}" + file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}" + file_env 'REDMINE_DB_ENCODING' 'utf8' + elif [ "$REDMINE_DB_SQLSERVER" ]; then + adapter='sqlserver' + host="$REDMINE_DB_SQLSERVER" + file_env 'REDMINE_DB_PORT' '1433' + file_env 'REDMINE_DB_USERNAME' '' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' '' + file_env 'REDMINE_DB_ENCODING' '' + else + echo >&2 + echo >&2 'warning: missing REDMINE_DB_MYSQL, REDMINE_DB_POSTGRES, or REDMINE_DB_SQLSERVER environment variables' + echo >&2 + echo >&2 '*** Using sqlite3 as fallback. ***' + echo >&2 + + adapter='sqlite3' + host='localhost' + file_env 'REDMINE_DB_PORT' '' + file_env 'REDMINE_DB_USERNAME' 'redmine' + file_env 'REDMINE_DB_PASSWORD' '' + file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db' + file_env 'REDMINE_DB_ENCODING' 'utf8' + + mkdir -p "$(dirname "$REDMINE_DB_DATABASE")" + if [ "$(id -u)" = '0' ]; then + find "$(dirname "$REDMINE_DB_DATABASE")" \! -user redmine -exec chown redmine '{}' + + fi + fi + + REDMINE_DB_ADAPTER="$adapter" + REDMINE_DB_HOST="$host" + echo "$RAILS_ENV:" > config/database.yml + for var in \ + adapter \ + host \ + port \ + username \ + password \ + database \ + encoding \ + ; do + env="REDMINE_DB_${var^^}" + val="${!env}" + [ -n "$val" ] || continue + echo " $var: \"$val\"" >> config/database.yml + done + fi + + # install additional gems for Gemfile.local and plugins + bundle check || bundle install + + if [ ! -s config/secrets.yml ]; then + file_env 'REDMINE_SECRET_KEY_BASE' + if [ -n "$REDMINE_SECRET_KEY_BASE" ]; then + cat > 'config/secrets.yml' <<-YML + $RAILS_ENV: + secret_key_base: "$REDMINE_SECRET_KEY_BASE" + YML + elif [ ! -f config/initializers/secret_token.rb ]; then + rake generate_secret_token + fi + fi + if [ "$1" != 'rake' -a -z "$REDMINE_NO_DB_MIGRATE" ]; then + rake db:migrate + fi + + if [ "$1" != 'rake' -a -n "$REDMINE_PLUGINS_MIGRATE" ]; then + rake redmine:plugins:migrate + fi + + # remove PID file to enable restarting the container + rm -f tmp/pids/server.pid +fi + +exec "$@" diff --git a/generate-stackbrew-library.sh b/generate-stackbrew-library.sh index 98e9664..c858d37 100755 --- a/generate-stackbrew-library.sh +++ b/generate-stackbrew-library.sh @@ -2,7 +2,8 @@ set -Eeuo pipefail declare -A aliases=( - [5.1]='5 latest' + [5.1]='5' + [6.0]='6 latest' ) self="$(basename "$BASH_SOURCE")" diff --git a/versions.json b/versions.json index e9ec9d9..c9ec692 100644 --- a/versions.json +++ b/versions.json @@ -28,5 +28,20 @@ "alpine3.19" ], "version": "5.1.4" + }, + "6.0": { + "alpine": "3.20", + "debian": "bookworm", + "downloadUrl": "https://www.redmine.org/releases/redmine-6.0.1.tar.gz", + "ruby": { + "version": "3.3" + }, + "sha256": "dcee3f15e3c15b9dbefba1fa9d8dfa12e89a7d40b3f3ed82da903d80d2548030", + "variants": [ + "bookworm", + "alpine3.20", + "alpine3.19" + ], + "version": "6.0.1" } } diff --git a/versions.sh b/versions.sh index 2c61dbd..d9896f7 100755 --- a/versions.sh +++ b/versions.sh @@ -18,9 +18,10 @@ declare -A alpineVersions=( #[5.0]='3.16' ) # see https://www.redmine.org/projects/redmine/wiki/redmineinstall -defaultRubyVersion='3.2' +defaultRubyVersion='3.3' declare -A rubyVersions=( [5.0]='3.1' + [5.1]='3.2' ) cd "$(dirname "$(readlink -f "$BASH_SOURCE")")"