search

retspen / webvirtcloud

WebVirtCloud is virtualization web interface for admins and users
1.63k stars 362 forks source link

Volumes in Docker #509

Open cairoapcampos opened 2 years ago

cairoapcampos commented 2 years ago

I found the link below on how to create volumes for webvirtcloud:

https://www.nodinrogers.com/post/2021-12-30-webvirtcloud-in-a-docker-container/

Is this the best way to create volumes in a production environment?

cairoapcampos commented 2 years ago

I've already made some changes locally that have comments in bold. See the docker file below.

Some doubts:

1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?

2° Is it possible to run the container with a non-root user?

FROM phusion/baseimage:jammy-1.0.0

EXPOSE 80
EXPOSE 6080

# Use baseimage-docker's init system.
CMD ["/sbin/my_init"]

RUN echo 'APT::Get::Clean=always;' >> /etc/apt/apt.conf.d/99AutomaticClean

RUN apt-get update -qqy \
    && DEBIAN_FRONTEND=noninteractive apt-get -qyy install \
    --no-install-recommends \
    git \
    python3-venv \
    python3-dev \
    python3-lxml \
    libvirt-dev \
    zlib1g-dev \
    nginx \
    pkg-config \
    gcc \
    libldap2-dev \
    libssl-dev \
    libsasl2-dev \
    libsasl2-modules \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Modified Now

COPY . /srv/webvirtcloud
Run mkdir /srv/webvirtcloud/data && \
   mkdir /var/www/.ssh && \
    cp /srv/webvirtcloud/webvirtcloud/settings.py.template /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s|db.sqlite3|data/db.sqlite3|" /srv/webvirtcloud/webvirtcloud/settings.py && \
    sed -i "s/SECRET_KEY \= \"\"/SECRET_KEY = \"$(python3 /srv/webvirtcloud/conf/runit/secret_generator.py)\"/" /srv/webvirtcloud/webvirtcloud/settings.py && \
    chown -R www-data:www-data /srv/webvirtcloud && \
   chown www-data:www-data /var/www/.ssh
# Setup webvirtcloud
WORKDIR /srv/webvirtcloud
RUN python3 -m venv venv && \
    . venv/bin/activate && \
    pip3 install -U pip && \
    pip3 install wheel && \
    pip3 install -r conf/requirements.txt && \
    chown -R www-data:www-data /srv/webvirtcloud

RUN . venv/bin/activate && \
    python3 manage.py migrate && \
    chown -R www-data:www-data /srv/webvirtcloud

# Setup Nginx
RUN printf "\n%s" "daemon off;" >> /etc/nginx/nginx.conf && \
    rm /etc/nginx/sites-enabled/default && \
    chown -R www-data:www-data /var/lib/nginx

COPY conf/nginx/webvirtcloud.conf /etc/nginx/conf.d/

# Register services to runit
RUN mkdir /etc/service/nginx && \
    mkdir /etc/service/nginx-log-forwarder && \
    mkdir /etc/service/webvirtcloud && \
    mkdir /etc/service/novnc
COPY conf/runit/nginx               /etc/service/nginx/run
COPY conf/runit/nginx-log-forwarder /etc/service/nginx-log-forwarder/run
COPY conf/runit/novncd.sh           /etc/service/novnc/run
COPY conf/runit/webvirtcloud.sh     /etc/service/webvirtcloud/run

# Define mountable directories.

VOLUME ["/srv/webvirtcloud/data","/var/www/.ssh"]
WORKDIR /srv/webvirtcloud
catborise commented 2 years ago

"1° Is it possible to change the script webvirtcloud/conf/runit/secret_generator.py not to generate keys that have quotes?"

we especially did not automate settings.py modification. some user may want to use mysql/postgresql instead of "db.sqlite3"... volumes also related with this situation.

cairoapcampos commented 1 year ago

This question can be closed.

I'll try the tip in the link to see if it's possible to use a non-root user:

https://github.com/phusion/baseimage-docker/issues/617

Thanks for changing the script webvirtcloud/conf/runit/secret_generator.py.