Merge pull request #30 from oznu/0.13.1

0.13.1

Dockerfile

@@ -1,20 +1,21 @@
 # Multi-stage build - See https://docs.docker.com/engine/userguide/eng-image/multistage-build
-FROM ubnt/unms:0.13.0 as unms
-FROM ubnt/unms-netflow:0.13.0 as unms-netflow
-FROM oznu/s6-node:10.13.0-r2-amd64
-
-# base deps redis, rabbitmq
-RUN apk add --no-cache redis rabbitmq-server --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
-  && apk del ${devDeps} \
-  && deluser rabbitmq \
-  && addgroup -S rabbitmq && adduser -S -h /var/lib/rabbitmq -G rabbitmq rabbitmq \
-  && mkdir -p /var/lib/rabbitmq /etc/rabbitmq \
-  && chown -R rabbitmq:rabbitmq /var/lib/rabbitmq /etc/rabbitmq \
-  && chmod -R 777 /var/lib/rabbitmq /etc/rabbitmq \
-  && ln -sf /var/lib/rabbitmq/.erlang.cookie /root/
-
-# postgres 9.6.10 https://pkgs.alpinelinux.org/packages?name=postgresql&branch=v3.6
-RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/v3.6/main postgresql==9.6.10-r0 postgresql-client=9.6.10-r0 postgresql-contrib=9.6.10-r0 libpq=9.6.10-r0 
+FROM ubnt/unms:0.13.1 as unms
+FROM ubnt/unms-netflow:0.13.1 as unms-netflow
+FROM oznu/s6-node:10.13.0-r2-debian-amd64
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+# base deps redis, rabbitmq, postgres 9.6
+RUN set -x \
+  && echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/sources.list \
+  && apt-get update \
+  && mkdir -p /usr/share/man/man1 /usr/share/man/man7 \
+  && mkdir -p /usr/share/man/man7 \
+  && apt-get install -y build-essential rabbitmq-server redis-server \
+    postgresql-9.6 postgresql-contrib-9.6 postgresql-client-9.6 libpq-dev \
+    gzip bash vim openssl libcap-dev dumb-init sudo gettext zlibc zlib1g zlib1g-dev \
+    iproute2 netcat wget libpcre3 libpcre3-dev libssl-dev \
+  && apt-get install -y certbot -t stretch-backports
 
 # start ubnt/unms dockerfile #
 RUN mkdir -p /home/app/unms
@@ -24,19 +25,14 @@ WORKDIR /home/app/unms
 # Copy UNMS app from offical image since the source code is not published at this time
 COPY --from=unms /home/app/unms /home/app/unms
 
-RUN devDeps="g++ make python" \
-    && apk add --no-cache ${devDeps} su-exec gzip bash vim dumb-init openssl libcap \
-    && rm -rf node_modules \
+RUN rm -rf node_modules \
     && JOBS=$(nproc) npm install sharp@latest \
     && JOBS=$(nproc) npm install --production \
-    && apk del ${devDeps} \
     && mkdir -p -m 777 "$HOME/unms/public/site-images" \
     && mkdir -p -m 777 "$HOME/unms/data/config-backups" \
     && mkdir -p -m 777 "$HOME/unms/data/unms-backups" \
     && mkdir -p -m 777 "$HOME/unms/data/import"
 
-RUN setcap cap_net_raw=pe $(which node)
-
 COPY --from=unms /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 RUN chmod +x /usr/local/bin/docker-entrypoint.sh
 # end ubnt/unms dockerfile #
@@ -46,25 +42,22 @@ RUN mkdir -p /home/app/netflow
 
 COPY --from=unms-netflow /home/app /home/app/netflow
 
-RUN devDeps="make python g++" \
-  && apk add --no-cache ${devDeps} \
-  && cd /home/app/netflow \
-  && JOBS=$(nproc) npm install --production \
-  && apk del ${devDeps}
+RUN cd /home/app/netflow \
+  && rm -rf node_modules \
+  && JOBS=$(nproc) npm install --production
 
 # end unms-netflow dockerfile #
 
 # ubnt/nginx docker file #
 ENV NGINX_UID=1000 \
     NGINX_VERSION=nginx-1.12.2 \
-    LUAJIT_VERSION=2.1.0-beta3
+    LUAJIT_VERSION=2.1.0-beta3 \
+    LUA_NGINX_VERSION=0.10.13
 
-RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev build-base" \
-    # && apk del libressl-dev curl-dev libssh2-dev \
-    && apk add --no-cache --update ${devDeps} sudo dumb-init pcre libgcc gettext py-pip certbot \
+RUN set -x \
     && mkdir -p /tmp/src && cd /tmp/src \
     && wget -q http://nginx.org/download/${NGINX_VERSION}.tar.gz -O nginx.tar.gz \
-    && wget -q https://github.com/openresty/lua-nginx-module/archive/v0.10.11.tar.gz -O lua-nginx-module.tar.gz \
+    && wget -q https://github.com/openresty/lua-nginx-module/archive/v${LUA_NGINX_VERSION}.tar.gz -O lua-nginx-module.tar.gz \
     && wget -q https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz -O ndk.tar.gz \
     && wget -q http://luajit.org/download/LuaJIT-${LUAJIT_VERSION}.tar.gz -O luajit.tar.gz \
     && tar -zxvf lua-nginx-module.tar.gz \
@@ -78,7 +71,7 @@ RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev b
         --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now -fPIC' \
         --with-pcre-jit \
         --with-threads \
-        --add-module=/tmp/src/lua-nginx-module-0.10.11 \
+        --add-module=/tmp/src/lua-nginx-module-${LUA_NGINX_VERSION} \
         --add-module=/tmp/src/ngx_devel_kit-0.3.0 \
         --with-http_ssl_module \
         --with-http_realip_module \
@@ -104,7 +97,6 @@ RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev b
         --http-proxy-temp-path=/tmp/proxy \
     && make -j $(nproc) \
     && make install \
-    && apk del ${devDeps} \
     && rm /usr/bin/luajit-${LUAJIT_VERSION} \
     && rm -rf /tmp/src \
     && rm -rf /var/cache/apk/* \
@@ -120,9 +112,13 @@ RUN cd /tmp \
     && mkdir -p /www/public \
     && cp -R public /www/ \
     && chmod +x /entrypoint.sh /fill-template.sh /refresh-certificate.sh
+
+# make compatible with debian
+RUN sed -i "s#/bin/sh#/bin/bash#g" /entrypoint.sh \
+  && sed -i "s#adduser -D#adduser --disabled-password --gecos \"\"#g" /entrypoint.sh
 # end ubnt/nginx docker file #
 
-ENV PATH=/home/app/unms/node_modules/.bin:$PATH \
+ENV PATH=/home/app/unms/node_modules/.bin:$PATH:/usr/lib/postgresql/9.6/bin \
   PGDATA=/config/postgres \
   POSTGRES_DB=unms \
   QUIET_MODE=0 \

Dockerfile.raspberry-pi

@@ -1,20 +1,21 @@
 # Multi-stage build - See https://docs.docker.com/engine/userguide/eng-image/multistage-build
-FROM ubnt/unms:0.13.0 as unms
-FROM ubnt/unms-netflow:0.13.0 as unms-netflow
-FROM oznu/s6-node:10.13.0-r2-armhf
-
-# base deps redis, rabbitmq
-RUN apk add --no-cache redis rabbitmq-server --repository http://dl-cdn.alpinelinux.org/alpine/edge/testing \
-  && apk del ${devDeps} \
-  && deluser rabbitmq \
-  && addgroup -S rabbitmq && adduser -S -h /var/lib/rabbitmq -G rabbitmq rabbitmq \
-  && mkdir -p /var/lib/rabbitmq /etc/rabbitmq \
-  && chown -R rabbitmq:rabbitmq /var/lib/rabbitmq /etc/rabbitmq \
-  && chmod -R 777 /var/lib/rabbitmq /etc/rabbitmq \
-  && ln -sf /var/lib/rabbitmq/.erlang.cookie /root/
-
-# postgres 9.6.10 https://pkgs.alpinelinux.org/packages?name=postgresql&branch=v3.6
-RUN apk add --no-cache --repository http://dl-cdn.alpinelinux.org/alpine/v3.6/main postgresql==9.6.10-r0 postgresql-client=9.6.10-r0 postgresql-contrib=9.6.10-r0 libpq=9.6.10-r0 
+FROM ubnt/unms:0.13.1 as unms
+FROM ubnt/unms-netflow:0.13.1 as unms-netflow
+FROM oznu/s6-node:10.13.0-r2-debian-armhf
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+# base deps redis, rabbitmq, postgres 9.6
+RUN set -x \
+  && echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/sources.list \
+  && apt-get update \
+  && mkdir -p /usr/share/man/man1 /usr/share/man/man7 \
+  && mkdir -p /usr/share/man/man7 \
+  && apt-get install -y build-essential rabbitmq-server redis-server \
+    postgresql-9.6 postgresql-contrib-9.6 postgresql-client-9.6 libpq-dev \
+    gzip bash vim openssl libcap-dev dumb-init sudo gettext zlibc zlib1g zlib1g-dev \
+    iproute2 netcat wget libpcre3 libpcre3-dev libssl-dev \
+  && apt-get install -y certbot -t stretch-backports
 
 # start ubnt/unms dockerfile #
 RUN mkdir -p /home/app/unms
@@ -24,26 +25,14 @@ WORKDIR /home/app/unms
 # Copy UNMS app from offical image since the source code is not published at this time
 COPY --from=unms /home/app/unms /home/app/unms
 
-## RPI ONLY ##
-RUN apk add --update --no-cache gcc g++ make libc6-compat
-RUN apk add vips-dev fftw-dev build-base --no-cache \
-  --repository https://dl-3.alpinelinux.org/alpine/edge/testing/ \
-  --repository https://dl-3.alpinelinux.org/alpine/edge/main
-## END RPI ONLY ##
-
-RUN devDeps="g++ make python" \
-    && apk add --no-cache ${devDeps} su-exec gzip bash vim dumb-init openssl libcap \
-    && rm -rf node_modules \
+RUN rm -rf node_modules \
     && JOBS=$(nproc) npm install sharp@latest \
     && JOBS=$(nproc) npm install --production \
-    && apk del ${devDeps} \
     && mkdir -p -m 777 "$HOME/unms/public/site-images" \
     && mkdir -p -m 777 "$HOME/unms/data/config-backups" \
     && mkdir -p -m 777 "$HOME/unms/data/unms-backups" \
     && mkdir -p -m 777 "$HOME/unms/data/import"
 
-RUN setcap cap_net_raw=pe $(which node)
-
 COPY --from=unms /usr/local/bin/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
 RUN chmod +x /usr/local/bin/docker-entrypoint.sh
 # end ubnt/unms dockerfile #
@@ -53,25 +42,22 @@ RUN mkdir -p /home/app/netflow
 
 COPY --from=unms-netflow /home/app /home/app/netflow
 
-RUN devDeps="make python g++" \
-  && apk add --no-cache ${devDeps} \
-  && cd /home/app/netflow \
-  && JOBS=$(nproc) npm install --production \
-  && apk del ${devDeps}
+RUN cd /home/app/netflow \
+  && rm -rf node_modules \
+  && JOBS=$(nproc) npm install --production
 
 # end unms-netflow dockerfile #
 
 # ubnt/nginx docker file #
 ENV NGINX_UID=1000 \
     NGINX_VERSION=nginx-1.12.2 \
-    LUAJIT_VERSION=2.1.0-beta3
+    LUAJIT_VERSION=2.1.0-beta3 \
+    LUA_NGINX_VERSION=0.10.13
 
-RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev build-base" \
-    # && apk del libressl-dev curl-dev libssh2-dev \
-    && apk add --no-cache --update ${devDeps} sudo dumb-init pcre libgcc gettext py-pip certbot \
+RUN set -x \
     && mkdir -p /tmp/src && cd /tmp/src \
     && wget -q http://nginx.org/download/${NGINX_VERSION}.tar.gz -O nginx.tar.gz \
-    && wget -q https://github.com/openresty/lua-nginx-module/archive/v0.10.11.tar.gz -O lua-nginx-module.tar.gz \
+    && wget -q https://github.com/openresty/lua-nginx-module/archive/v${LUA_NGINX_VERSION}.tar.gz -O lua-nginx-module.tar.gz \
     && wget -q https://github.com/simpl/ngx_devel_kit/archive/v0.3.0.tar.gz -O ndk.tar.gz \
     && wget -q http://luajit.org/download/LuaJIT-${LUAJIT_VERSION}.tar.gz -O luajit.tar.gz \
     && tar -zxvf lua-nginx-module.tar.gz \
@@ -85,7 +71,7 @@ RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev b
         --with-ld-opt='-Wl,-Bsymbolic-functions -fPIE -pie -Wl,-z,relro -Wl,-z,now -fPIC' \
         --with-pcre-jit \
         --with-threads \
-        --add-module=/tmp/src/lua-nginx-module-0.10.11 \
+        --add-module=/tmp/src/lua-nginx-module-${LUA_NGINX_VERSION} \
         --add-module=/tmp/src/ngx_devel_kit-0.3.0 \
         --with-http_ssl_module \
         --with-http_realip_module \
@@ -111,7 +97,6 @@ RUN set -x && devDeps="wget pcre-dev zlib-dev build-base libffi-dev python-dev b
         --http-proxy-temp-path=/tmp/proxy \
     && make -j $(nproc) \
     && make install \
-    && apk del ${devDeps} \
     && rm /usr/bin/luajit-${LUAJIT_VERSION} \
     && rm -rf /tmp/src \
     && rm -rf /var/cache/apk/* \
@@ -127,9 +112,13 @@ RUN cd /tmp \
     && mkdir -p /www/public \
     && cp -R public /www/ \
     && chmod +x /entrypoint.sh /fill-template.sh /refresh-certificate.sh
+
+# make compatible with debian
+RUN sed -i "s#/bin/sh#/bin/bash#g" /entrypoint.sh \
+  && sed -i "s#adduser -D#adduser --disabled-password --gecos \"\"#g" /entrypoint.sh
 # end ubnt/nginx docker file #
 
-ENV PATH=/home/app/unms/node_modules/.bin:$PATH \
+ENV PATH=/home/app/unms/node_modules/.bin:$PATH:/usr/lib/postgresql/9.6/bin \
   PGDATA=/config/postgres \
   POSTGRES_DB=unms \
   QUIET_MODE=0 \

README.md

@@ -2,7 +2,7 @@
 
 # Docker UNMS
 
-This is an all-in-one Alpine Linux based Docker image for running the [Ubiquiti Network Management System](https://unms.com/). This image contains all the components required to run [UNMS](https://unms.com/) in a single container and uses the [s6-overlay](https://github.com/just-containers/s6-overlay) for process management.
+This is an all-in-one Docker image for running the [Ubiquiti Network Management System](https://unms.com/). This image contains all the components required to run [UNMS](https://unms.com/) in a single container and uses the [s6-overlay](https://github.com/just-containers/s6-overlay) for process management.
 
 This image will run on most platforms that support Docker including [Docker for Mac](https://www.docker.com/docker-mac), [Docker for Windows](https://www.docker.com/docker-windows), Synology DSM and Raspberry Pi boards.
 
@@ -18,9 +18,9 @@ docker run \
   oznu/unms:latest
 ```
 
-## Raspberry Pi / ARMv6
+## Raspberry Pi / ARMv7
 
-This image will also allow you to run [UNMS](https://unms.com/) on a Raspberry Pi or other Docker-enabled ARMv6/7/8 devices by using the `armhf` tag.
+This image will also allow you to run [UNMS](https://unms.com/) on a Raspberry Pi or other Docker-enabled ARMv7/8 devices by using the `armhf` tag.
 
 ```
 docker run -d --name unms -p 80:80 -p 443:443 -p 2055:2055/udp -v </path/to/config>:/config oznu/unms:armhf

root/etc/cont-init.d/40-prepare

@@ -25,5 +25,8 @@ chown -R nobody:nobody /config/unms/logs
 [ -e /config/logs ] || mkdir -p /config/logs
 chown -R nobody:nobody /config/logs
 
+# Clean cron
+[ -f /var/run/crond.pid ] rm -rf /var/run/crond.pid
+
 # Fix hosts file
 echo "127.0.0.1 unms" >> /etc/hosts

root/etc/cont-init.d/50-postgres

@@ -1,7 +1,7 @@
 #!/usr/bin/with-contenv sh
 
 mkdir -p /config/postgres /run/postgresql
-chown postgres:postgres /config/postgres /run/postgresql
+chown -R postgres:postgres /config/postgres /run/postgresql
 chmod 0700 /config/postgres
 
 if [ -e /config/postgres/postgresql.conf ]; then

root/etc/services.d/cron/run

@@ -1,3 +1,3 @@
 #!/usr/bin/with-contenv sh
 
-exec /usr/sbin/crond -f -S -l 5 -c /etc/crontabs
+exec /usr/sbin/cron -f -l 5

root/etc/services.d/netflow/run

@@ -18,4 +18,10 @@ export NODE_ENV=production
 
 echo "Starting unms-netflow..."
 
-s6-setuidgid root node /home/app/netflow/index.js
+if [ "$QUIET_MODE" = "1" ]; then
+  echo "Starting Netflow in quiet mode..."
+  s6-setuidgid root node /home/app/netflow/index.js >> /config/unms/logs/unms.log 2>&1
+
+else
+  s6-setuidgid root node /home/app/netflow/index.js 2>&1 | tee -a /config/unms/logs/unms.log
+fi