more freshup

author: Victor Näslund <victor@sunet.se> 2022-11-02 15:31:23 +0100
committer: Victor Näslund <victor@sunet.se> 2022-11-02 15:31:23 +0100
commit: 8baecf339e8061160bee519e87ffe837d1525c18 (patch)
tree: 22664c10f22382b1d4647b5f2e96bcea4220d879 /docker
parent: ffb26f4a81a9ca61c4105df037f7e1beb8dc5fb0 (diff)
4 files changed, 40 insertions, 12 deletions
diff --git a/docker/collector/Dockerfile b/docker/collector/Dockerfile
index a62d78e..099bc0a 100644
--- a/docker/collector/Dockerfile
+++ b/docker/collector/Dockerfile
@@ -1,23 +1,49 @@
 FROM debian:bullseye-20221024-slim@sha256:76cdda8fe5eb597ef5e712e4c9a9f5f1fb119e69f353daaa7bd6d0f6e66e541d
 
 # FROM debian:bullseye
+# ENV DEBIAN_FRONTEND noninteractive
+# RUN apt-get update
+# RUN apt-get install -y git supervisor emacs-nox virtualenv procps
 
-ENV DEBIAN_FRONTEND noninteractive
+COPY ./requirements.txt /opt/collector/requirements.txt
 
-RUN apt update
-RUN apt install -y git supervisor emacs-nox virtualenv procps
-RUN apt clean
+RUN apt-get update \
+    && apt-get install -y python3 python3-pip \
+    && pip3 install -r /opt/collector/requirements.txt \
+    && apt-get remove -y \
+    gcc \
+    curl \
+    wget \
+    python3-pip \
+    python3-dev \
+    && apt-get autoremove -y \
+    && apt-get clean
 
-WORKDIR /opt/
 
-RUN git clone https://git.sunet.se/soc_collector.git /opt/collector
+# Remove setuid and setgid
+RUN find / -xdev -perm /6000 -type f -exec chmod a-s {} \; || true
+
+# Add user
+RUN useradd collector -u 1500 -s /usr/sbin/nologin
+
+COPY ./src /opt/collector/src
 
 WORKDIR /opt/collector/
 
-COPY setup.sh /opt/collector/
-COPY supervisord.conf /etc/supervisor/
+USER collector
+
+ENTRYPOINT ["uvicorn", "src.collector.main:app", "--host", "0.0.0.0", "--workers", "1", "--header", "server:collector"]
+# ENTRYPOINT ["sleep", "300"]
+
+# RUN git clone https://git.sunet.se/soc_collector.git /opt/collector
+# WORKDIR /opt/collector/
+# COPY setup.sh /opt/collector/
+# COPY supervisord.conf /etc/supervisor/
+
+# RUN /opt/collector/setup.sh
+# ENTRYPOINT supervisord -c /etc/supervisor/supervisord.conf
+
+
 
-RUN /opt/collector/setup.sh
 
-ENTRYPOINT supervisord -c /etc/supervisor/supervisord.conf
 
diff --git a/docker/collector/Dockerfile-dev b/docker/collector/_dev_dockerfile_dev
index 15a6ebe..15a6ebe 100644
--- a/docker/collector/Dockerfile-dev
+++ b/docker/collector/_dev_dockerfile_dev
diff --git a/docker/collector/supervisord.conf b/docker/collector/supervisord.conf
index 7e260c6..2a2f5ca 100644
--- a/docker/collector/supervisord.conf
+++ b/docker/collector/supervisord.conf
@@ -3,7 +3,7 @@ nodaemon=true
 
 [program:uvicorn]
 directory = /opt/collector/src/
-command = /opt/collector/venv/bin/uvicorn --proxy-headers --host 0.0.0.0 --port 8000 main:app
+command = /opt/collector/venv/bin/uvicorn --log-level debug --proxy-headers --host 0.0.0.0 --port 8000 main:app
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
diff --git a/docker/docker-compose.yaml b/docker/docker-compose.yaml
index 23a543b..119d3a9 100644
--- a/docker/docker-compose.yaml
+++ b/docker/docker-compose.yaml
@@ -10,7 +10,9 @@ services:
       - certs:/etc/ssl/collector/
 
   collector:
-    build: ./collector/
+    build:
+      context: ..
+      dockerfile: docker/collector/Dockerfile
     environment:
       - COUCHDB_USER
       - COUCHDB_PASSWORD
author	Victor Näslund <victor@sunet.se>	2022-11-02 15:31:23 +0100
committer	Victor Näslund <victor@sunet.se>	2022-11-02 15:31:23 +0100
commit	8baecf339e8061160bee519e87ffe837d1525c18 (patch)
tree	22664c10f22382b1d4647b5f2e96bcea4220d879 /docker
parent	ffb26f4a81a9ca61c4105df037f7e1beb8dc5fb0 (diff)