docker/Dockerfile at main · ofiscal/docker · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
FROM debian:latest

RUN echo "2023 07 26"
RUN apt update --fix-missing -y && \
    apt upgrade -y

# PITFALL: These are massive. Don't reorder them
# or join them into one RUN command.
RUN apt install -y texlive
RUN apt install -y texlive-latex-extra

RUN apt install -y wget bzip2 ca-certificates \
      libglib2.0-0 libxext6 libsm6 libxrender1

RUN apt install -y \
      make curl grep sed dpkg git mercurial subversion

RUN apt install -y \
      build-essential graphviz cron jq
RUN apt install -y \
      libapache2-mod-wsgi-py3 ufw apache2
RUN apt install -y \
      ghc ghc-doc cabal
RUN apt install -y \
      python3-pip
RUN apt install -y \
      zip unzip

ADD makefile2graph.zip make.py.zip /home/

# makefile2graph is useful for drawing the dependency hierarchy
RUN cd /home &&              \
    unzip makefile2graph &&  \
    rm makefile2graph.zip && \
    cd makefile2graph &&     \
    make && make install

# make.py is a build tool that's better and easier than make
RUN cd /home && unzip make.py && rm make.py.zip && \
    ln -s /home/make.py/make.py /usr/bin/make.py

# PITFALL: Earlier this was installed via easy_install,
# which at least used to be included in the Python `setuptools` pakage.
# If it doesn't work, try installing it that way instead.
RUN apt install xlsx2csv csvtool

RUN echo "coconut \$1 \$1.py -l -t 3.7 --mypy" > /usr/bin/myCoconut && \
    chmod +x                                     /usr/bin/myCoconut

COPY requirements.txt /root/
RUN pip3 install -r /root/requirements.txt \
  --break-system-packages # safe since it's in a Docker container


#### #### #### #### #### #### #### #### #### #### #### ####
#### ####      No more installs, just config      #### ####
#### #### #### #### #### #### #### #### #### #### #### ####

# Somehow these "pam permissions" break crond in a Docker container, per
#   https://stackoverflow.com/a/21928878/916142
# Creating an empty cron.deny file overcomes that, bluntly,
# by permitting every user to use cron.
RUN sed -i '/session    required     pam_loginuid.so/c\#session    required     pam_loginuid.so' /etc/pam.d/cron && \
  touch /etc/cron.deny

COPY run-jupyter.sh /root/
COPY python-from-here /usr/bin
RUN chmod +777 /usr/bin/python-from-here

# So that the container runs without root privileges on the host.
# PITFALL: While the names "jeff" and "users" aren't important,
# the IDs are. This is designed to match my system,
# where "jeff" = 1000 and "users" = 100.
RUN groupmod -g 100 users            && \
    useradd -r -u 1000 -g users jeff && \
    mkdir /home/jeff                 && \
    chmod +777 /home/jeff            && \
    chown jeff /home/jeff

RUN cd /etc/apache2/                                && \
  adduser www-data www-data                         && \
  chown -R www-data:www-data /var/www               && \
  chmod -R g+rw /var/www                            && \
  find / -iname "*apache*" -exec chmod 777 -R {} \; && \
  sed -i "s/Listen 80/Listen 8000/g" /etc/apache2/ports.conf
# PITFALL: www-data is the name of a new group and a new user,
# both created by the adduser command.

# This prevents a weird error that recently (2021 June) started happening
# when pasting multiple lines of text into a shell.
# PITFALL: This needs to be in the home folder of both users.
# `root` (done here) and `jeff` (done below).
RUN echo "set enable-bracketed-paste off" >> /root/.inputrc
RUN echo "set enable-bracketed-paste off" >> /home/jeff/.inputrc

ENV LANG=C.UTF-8 LC_ALL=C.UTF-8
ENV TZ="America/Bogota"
USER jeff

RUN PATH=/root/.local/bin:$PATH
EXPOSE 8888
CMD ["/bin/bash"]