Bugzilla4Intranet docker image

2016-12-29 19:01:21 +03:00 · 2016-12-29 19:01:21 +03:00 · 072a6b9ca3
commit 072a6b9ca3
12 changed files with 436 additions and 0 deletions
--- a/68
+++ b/68
@ -0,0 +1,68 @@
+FROM debian:stretch
+
+MAINTAINER Vitaliy Filippov
+
+ADD etc/apt/apt.conf /etc/apt/apt.conf
+ADD etc/locale.gen /etc/locale.gen
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
+    -o Dpkg::Options::="--force-confold" install -y wget git zip unzip poppler-utils \
+    graphviz patchutils sphinxsearch mc nginx perl mariadb-server libreoffice libdbi-perl libdatetime-perl libemail-address-perl \
+    libtemplate-perl libjson-perl libemail-mime-perl libtest-taint-perl \
+    libxml-twig-perl libtext-tabulardisplay-perl libemail-sender-perl \
+    liblingua-translit-perl libarchive-zip-perl libdbd-mysql-perl libimage-magick-perl \
+    libgd-perl libtemplate-plugin-gd-perl libgd-graph-perl libgd-graph3d-perl \
+    libmail-rfc822-address-perl libemail-reply-perl \
+    libdevel-stacktrace-perl libemail-mime-attachment-stripper-perl \
+    libsoap-lite-perl libxmlrpc-lite-perl libjson-rpc-perl libjson-xs-perl libtext-csv-perl libhtml-strip-perl \
+    libtext-csv-xs-perl libspreadsheet-parseexcel-perl libspreadsheet-xlsx-perl \
+    liblingua-stem-snowball-perl libtheschwartz-perl \
+    libdaemon-generic-perl libhttp-server-simple-perl libnet-server-perl
+
+ADD etc /etc
+ADD home /home
+ADD usr /usr
+
+RUN service mysql start && echo "CREATE DATABASE bugzilla; \
+    GRANT ALL PRIVILEGES ON bugzilla.* TO bugzilla@localhost IDENTIFIED BY 'bugzilla'; \
+    FLUSH PRIVILEGES;" | mysql --defaults-file=/etc/mysql/debian.cnf
+
+RUN cpan CGI Math::Random::Secure Sys::Sendfile Date::Parse Text::Wrap MIME::Parser
+
+RUN mv /var/lib/mysql /home/data/mysql && \
+    mv /var/lib/sphinxsearch /home/data/sphinxsearch && \
+    ln -s /home/data/mysql /var/lib/mysql && \
+    ln -s /home/data/sphinxsearch /var/lib/sphinxsearch && \
+    mkdir /home/data/logs && \
+    mv /var/log/nginx /home/data/logs && \
+    ln -s /home/data/logs/nginx /var/log/nginx && \
+    mv /var/log/mysql /home/data/logs && \
+    ln -s /home/data/logs/mysql /var/log/mysql && \
+    mv /var/log/sphinxsearch /home/data/logs && \
+    ln -s /home/data/logs/sphinxsearch /var/log/sphinxsearch && \
+    cd /home && \
+    git clone -b beta https://github.com/vitalif/bugzilla-4intranet bugzilla && \
+    cd /home/bugzilla && \
+    mv data /home/data/bugzilla && \
+    chown www-data:www-data /home/data/bugzilla && \
+    ln -s /home/data/bugzilla data
+
+ADD localconfig /home/bugzilla/localconfig
+
+# Update image incrementally
+
+# ADD bugzilla4intranet-version /etc/mediawiki4intranet-version
+
+RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -o Dpkg::Options::="--force-confdef" \
+    -o Dpkg::Options::="--force-confold" dist-upgrade -y \
+    && apt-get clean && rm -rf /var/lib/apt/lists/*
+
+RUN service sphinxsearch start && \
+    service mysql start && \
+    cd /home/bugzilla && \
+    git pull && \
+    ./checksetup.sh
+
+CMD /home/start.sh
+
+EXPOSE 80
--- a/etc/apt/apt.conf
+++ b/etc/apt/apt.conf
@ -0,0 +1,4 @@
+APT::Install-Suggests false;
+APT::Install-Recommends false;
+Acquire::Retries 5;
+Binary::apt::APT::Keep-Downloaded-Packages "false";
--- a/etc/bugzilla-http.conf
+++ b/etc/bugzilla-http.conf
@ -0,0 +1,16 @@
+class               Net::Server::PreFork
+port                0.0.0.0:8157
+min_servers         4
+max_servers         20
+min_spare_servers   4
+max_spare_servers   8
+max_requests        1000
+user                www-data
+group               www-data
+log_file            /home/data/logs/bugzilla.log
+log_level           2
+pid_file            /var/run/bugzilla.pid
+background          1
+deny_regexp         ^(localconfig|data/(?!webdot/)|.*\.(pm|pl|sh)($|\?)|(/|^)(CVS|\.(ht|svn|hg|bzr|git)).*)
+preload             *.cgi
+reload              1
--- a/etc/default/sphinxsearch
+++ b/etc/default/sphinxsearch
@ -0,0 +1 @@
+START=yes
--- a/etc/init.d/bugzilla
+++ b/etc/init.d/bugzilla
@ -0,0 +1,50 @@
+#!/bin/sh
+### BEGIN INIT INFO
+# Provides:          bugzilla
+# Required-Start:    $local_fs $remote_fs $network $syslog
+# Required-Stop:     $local_fs $remote_fs $network $syslog
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Start/stop standalone Bugzilla server.
+### END INIT INFO
+
+PATH=/sbin:/bin:/usr/sbin:/usr/bin
+PIDFILE=/var/run/bugzilla.pid
+DIR=/home/bugzilla
+CONFIG=/etc/bugzilla-http.conf
+NAME=bugzilla
+
+. /lib/lsb/init-functions
+
+export LANG=en_US.UTF-8
+export LC_ALL=en_US.UTF-8
+
+case "$1" in
+	start)
+		log_daemon_msg "Starting Bugzilla server" $NAME
+		perl -T $DIR/HTTPServerSimple.pl $CONFIG --background
+		log_end_msg $?
+		;;
+	stop)
+		log_daemon_msg "Stopping Bugzilla server" $NAME
+		if [ -e $PIDFILE ]; then
+			kill `cat $PIDFILE` 2>/dev/null >/dev/null && rm $PIDFILE
+			log_end_msg $?
+		else
+			echo -n ...not running
+			log_end_msg 0
+		fi
+		;;
+	restart|force-reload)
+		log_daemon_msg "Restarting Bugzilla server" $NAME
+		[ -e $PIDFILE ] && kill `cat $PIDFILE` 2>/dev/null >/dev/null && sleep 1 && rm $PIDFILE
+		perl -T $DIR/HTTPServerSimple.pl $CONFIG --background
+		log_end_msg $?
+		;;
+	*)
+		echo "Usage: $0 {start|stop|restart|force-reload}"
+		exit 1
+		;;
+esac
+
+exit 0
--- a/etc/locale.gen
+++ b/etc/locale.gen
@ -0,0 +1,2 @@
+en_US.UTF-8 UTF-8
+ru_RU.UTF-8 UTF-8
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@ -0,0 +1,37 @@
+user www-data;
+worker_processes 4;
+pid /run/nginx.pid;
+
+events {
+	worker_connections 768;
+}
+
+http {
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 2048;
+	client_max_body_size 512M;
+	fastcgi_read_timeout 600;
+	# server_tokens off;
+
+	# server_names_hash_bucket_size 64;
+	# server_name_in_redirect off;
+
+	include /etc/nginx/mime.types;
+	default_type application/octet-stream;
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+
+	access_log /home/wiki4intranet/data/logs/nginx/access.log;
+	error_log /home/wiki4intranet/data/logs/nginx/error.log;
+
+	gzip on;
+	gzip_disable "msie6";
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+}
--- a/etc/nginx/sites-available/wiki4intranet
+++ b/etc/nginx/sites-available/wiki4intranet
@ -0,0 +1,36 @@
+server {
+    listen 80 default;
+    server_name wiki4intranet.local;
+
+    root /home/wiki4intranet/www;
+
+    location ~ /\.svn\/|\.bzr\/|\.hg\/|\.git\// {
+        deny all;
+    }
+
+    # pass to php7.0-fpm
+    location / {
+        index index.php;
+        try_files $uri @index;
+    }
+    location ~ \.php$ {
+        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        include fastcgi_params;
+    }
+    location @index {
+        fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
+        fastcgi_param SCRIPT_FILENAME $document_root/index.php;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        include fastcgi_params;
+    }
+
+    location /images {
+        allow all;
+    }
+
+    location ~* ^/.*/.*\.(jpg|jpeg|gif|png|html|htm|ico)$ {
+        allow all;
+    }
+}
--- a/etc/nginx/sites-enabled/wiki4intranet
+++ b/etc/nginx/sites-enabled/wiki4intranet
@ -0,0 +1 @@
+../sites-available/wiki4intranet
--- a/etc/perl/CPAN/Config.pm
+++ b/etc/perl/CPAN/Config.pm
@ -0,0 +1,69 @@
+# This is CPAN.pm's systemwide configuration file. This file provides
+# defaults for users, and the values can be changed in a per-user
+# configuration file. The user-config file is being looked for as
+# ~/.cpan/CPAN/MyConfig.pm.
+
+$CPAN::Config = {
+  'applypatch' => q[],
+  'auto_commit' => q[0],
+  'build_cache' => q[100],
+  'build_dir' => q[/root/.cpan/build],
+  'build_dir_reuse' => q[1],
+  'build_requires_install_policy' => q[follow/yes],
+  'bzip2' => q[/bin/bzip2],
+  'cache_metadata' => q[1],
+  'check_sigs' => q[0],
+  'commandnumber_in_prompt' => q[1],
+  'cpan_home' => q[/root/.cpan],
+  'curl' => q[/usr/bin/curl],
+  'ftp' => q[/usr/bin/ftp],
+  'ftp_passive' => q[1],
+  'ftp_proxy' => q[],
+  'getcwd' => q[cwd],
+  'gpg' => q[/usr/bin/gpg],
+  'gzip' => q[/bin/gzip],
+  'histfile' => q[/root/.cpan/histfile],
+  'histsize' => q[100],
+  'http_proxy' => q[],
+  'inactivity_timeout' => q[0],
+  'index_expire' => q[1],
+  'inhibit_startup_message' => q[0],
+  'keep_source_where' => q[/root/.cpan/sources],
+  'load_module_verbosity' => q[v],
+  'lynx' => q[/usr/bin/lynx],
+  'make' => q[/usr/bin/make],
+  'make_arg' => q[],
+  'make_install_arg' => q[],
+  'make_install_make_command' => q[/usr/bin/make],
+  'makepl_arg' => q[INSTALLDIRS=site],
+  'mbuild_arg' => q[],
+  'mbuild_install_arg' => q[],
+  'mbuild_install_build_command' => q[./Build],
+  'mbuildpl_arg' => q[],
+  'ncftpget' => q[/usr/bin/ncftpget],
+  'no_proxy' => q[],
+  'pager' => q[/usr/bin/less],
+  'patch' => q[/usr/bin/patch],
+  'prefer_installer' => q[MB],
+  'prefs_dir' => q[/root/.cpan/prefs],
+  'prerequisites_policy' => q[follow],
+  'proxy_user' => q[],
+  'scan_cache' => q[atstart],
+  'shell' => q[/bin/bash],
+  'show_unparsable_versions' => q[0],
+  'show_upload_date' => q[0],
+  'show_zero_versions' => q[0],
+  'tar' => q[/bin/tar],
+  'tar_verbosity' => q[v],
+  'term_is_latin' => q[1],
+  'term_ornaments' => q[1],
+  'test_report' => q[0],
+  'unzip' => q[/usr/bin/unzip],
+  'urllist' => [q[http://cpan-mirror.rbc.ru/pub/CPAN/], q[ftp://cpan.rinet.ru/pub/mirror/CPAN/], q[ftp://mirror.yandex.ru/mirrors/cpan/]],
+  'use_sqlite' => q[1],
+  'wget' => q[/usr/bin/wget],
+  'yaml_load_code' => q[0],
+  'yaml_module' => q[YAML],
+};
+1;
+__END__
--- a/etc/sphinxsearch/sphinx.conf
+++ b/etc/sphinxsearch/sphinx.conf
@ -0,0 +1,36 @@
+# bugzilla
+
+index bugzilla
+{
+    type          = rt
+    path          = /var/lib/sphinxsearch/data/bugzilla
+    rt_field      = short_desc
+    rt_field      = comments
+    rt_field      = comments_private
+    docinfo       = extern
+    charset_table = 0..9, A..Z->a..z, a..z, U+410..U+42F->U+430..U+44F, U+430..U+44F
+    blend_chars   = _, -, &, +, @, $
+    morphology    = stem_enru
+    min_word_len  = 2
+}
+
+### General configuration ###
+
+indexer
+{
+    mem_limit = 128M
+}
+
+searchd
+{
+    listen       = 127.0.0.1:3112
+    log          = /var/log/sphinxsearch/sphinx.log
+    binlog_path  = /var/lib/sphinxsearch/data
+    query_log    = /var/log/sphinxsearch/query.log
+    read_timeout = 5
+    max_children = 30
+    pid_file     = /var/run/sphinxsearch/searchd.pid
+    listen       = /var/run/sphinxsearch/searchd.sock:mysql41
+    workers      = threads
+    rt_flush_period = 3600
+}
--- a/116
+++ b/116
@ -0,0 +1,116 @@
+
+# If you are using Apache as your web server, Bugzilla can create .htaccess
+# files for you that will instruct Apache not to serve files that shouldn't
+# be accessed from the web browser (like your local configuration data and non-cgi
+# executable files).  For this to work, the directory your Bugzilla
+# installation is in must be within the jurisdiction of a <Directory> block
+# in the httpd.conf file that has 'AllowOverride Limit' in it.  If it has
+# 'AllowOverride All' or other options with Limit, that's fine.
+# (Older Apache installations may use an access.conf file to store these
+# <Directory> blocks.)
+# If this is set to 1, Bugzilla will create these files if they don't exist.
+# If this is set to 0, Bugzilla will not create these files.
+$create_htaccess = 1;
+
+# Usually, this is the group your web server runs as.
+# If you have a Windows box, ignore this setting.
+# If you have use_suexec switched on below, this is the group Apache switches
+# to in order to run Bugzilla scripts.
+# If you do not have access to the group your scripts will run under,
+# set this to "". If you do set this to "", then your Bugzilla installation
+# will be _VERY_ insecure, because some files will be world readable/writable,
+# and so anyone who can get local access to your machine can do whatever they
+# want. You should only have this set to "" if this is a testing installation
+# and you cannot set this up any other way. YOU HAVE BEEN WARNED!
+# If you set this to anything other than "", you will need to run checksetup.pl
+# asroot, or as a user who is a member of the specified group.
+$webservergroup = 'www-data';
+
+# Set this if Bugzilla runs in an Apache SuexecUserGroup environment.
+# (If your web server runs control panel software (cPanel, Plesk or similar),
+# or if your Bugzilla is to run in a shared hosting environment, then you are
+# almost certainly in an Apache SuexecUserGroup environment.)
+# If you have a Windows box, ignore this setting.
+# If set to 0, Bugzilla will set file permissions as tightly as possible.
+# If set to 1, Bugzilla will set file permissions so that it may work in an
+# SuexecUserGroup environment. The difference is that static files (CSS,
+# JavaScript and so on) will receive world read permissions.
+$use_suexec = 0;
+
+# What SQL database to use. Default is mysql. List of supported databases
+# can be obtained by listing Bugzilla/DB directory - every module corresponds
+# to one supported database and the name corresponds to a driver name.
+$db_driver = 'mysql';
+
+# The DNS name of the host that the database server runs on.
+$db_host = 'localhost';
+
+# The name of the database
+$db_name = 'bugzilla';
+
+# Who we connect to the database as.
+$db_user = 'bugzilla';
+
+# Enter your database password here. It's normally advisable to specify
+# a password for your bugzilla database user.
+# If you use apostrophe (') or a backslash (\) in your password, you'll
+# need to escape it by preceding it with a '\' character. (\') or (\)
+# (Far simpler just not to use those characters.)
+$db_pass = 'bugzilla';
+
+# Sometimes the database server is running on a non-standard port. If that's
+# the case for your database server, set this to the port number that your
+# database server is running on. Setting this to 0 means "use the default
+# port for my database server."
+$db_port = 0;
+
+# MySQL Only: Enter a path to the unix socket for MySQL. If this is
+# blank, then MySQL's compiled-in default will be used. You probably
+# want that.
+$db_sock = '/var/run/mysqld/mysqld.sock';
+
+# The name of Sphinx Search index to use for fulltext search
+# '' means don't use Sphinx, but use MySQL fulltext search instead
+# Sphinx is MUCH MUCH faster, but requires separate configuration (see data/sphinx.conf)
+$sphinx_index = 'bugzilla';
+
+# The DNS name of the host that the Sphinx server runs on.
+$sphinx_host = '127.0.0.1';
+
+# Sphinx port (listening MySQL protocol)
+$sphinx_port = 0;
+
+# Sphinx UNIX socket (listening MySQL protocol)
+$sphinx_sock = '/var/run/sphinxsearch/searchd.sock';
+
+# To use MySQL Sphinx Storage Engine (bundled with MariaDB), specify
+# a non-zero port on which Sphinx is listening for non-SphinxQL requests
+$sphinxse_port = 3112;
+
+# Should checksetup.pl try to verify that your database setup is correct?
+# (with some combinations of database servers/Perl modules/moonphase this
+# doesn't work)
+$db_check = 1;
+
+# For some optional functions of Bugzilla (such as the pretty-print patch
+# viewer), we need the cvs binary to access files and revisions.
+# Because it's possible that this program is not in your path, you can specify
+# its location here.  Please specify the full path to the executable.
+$cvsbin = '/usr/bin/cvs';
+
+# For some optional functions of Bugzilla (such as the pretty-print patch
+# viewer), we need the interdiff binary to make diffs between two patches.
+# Because it's possible that this program is not in your path, you can specify
+# its location here.  Please specify the full path to the executable.
+$interdiffbin = '/usr/bin/interdiff';
+
+# The interdiff feature needs diff, so we have to have that path.
+# Please specify the directory name only; do not use trailing slash.
+$diffpath = '/usr/bin';
+
+# This secret key is used by your installation for the creation and
+# validation of encrypted tokens to prevent unsolicited changes,
+# such as bug changes. A random string is generated by default.
+# It's very important that this key is kept secret. It also must be
+# very long.
+$site_wide_secret = '';