Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Fixes #55] Add rootless support for geonode-docker #56

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

[Fixes #55] Add rootless support for geonode-docker #56

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
c3c5fec
Reorganization of geoserver's Dockerfile and scripts (manage home dir…
cmotadev Feb 23, 2025
e98369f
Adjustements on docker-compose files
cmotadev Feb 23, 2025
66c9ff7
Add missing build context to geoserver and data dir
cmotadev Feb 23, 2025
3ab80db
first reorganization of geoserver_data image, to attend better practi…
cmotadev Feb 23, 2025
624dd9e
first reorganization of nginx image, to attend better practices with …
cmotadev Feb 24, 2025
bc8d522
Add suport for long names (ex: kubernetes ingress)
cmotadev Feb 24, 2025
e63c083
fixed userID detection (openshift injects a random user on container'…
cmotadev Feb 24, 2025
56b539e
Changed default port on nginx: rootless nginx dont bind on 80 and 443…
cmotadev Feb 24, 2025
0dbccc8
fixed syntax of mkdir, to run on sh
cmotadev Feb 24, 2025
3e05672
Change default ports of https conf
cmotadev Feb 25, 2025
a8ac75a
first atempt to clean letsencrypt image
cmotadev Feb 25, 2025
79acd10
Fixed userID detection, like geoserver entrypoint
cmotadev Feb 25, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
92 changes: 57 additions & 35 deletions docker/geoserver/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,55 @@
ARG IMAGE_VERSION=9.0.90-jdk11-temurin-focal
ARG JAVA_HOME=/usr/local/openjdk-11

FROM tomcat:$IMAGE_VERSION
LABEL GeoNode Development Team

ARG GEOSERVER_VERSION=2.24.x
ARG GEOSERVER_CORS_ENABLED=False
ARG GEOSERVER_CORS_ALLOWED_ORIGINS=*
ARG GEOSERVER_CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,HEAD,OPTIONS
ARG GEOSERVER_CORS_ALLOWED_HEADERS=*
ARG GEONODE_LOG_DIR=/var/log/geonode

# Some label best practices
# https://www.docker.com/blog/docker-best-practices-using-tags-and-labels-to-manage-docker-image-sprawl/
LABEL org.opencontainers.image.title="GeoNode's Geoserver image" \
org.opencontainers.image.version=${GEOSERVER_VERSION} \
org.opencontainers.image.vendor="GeoNode Development Team"

#
# Set GeoServer version and data directory
#
ENV GEOSERVER_VERSION=${GEOSERVER_VERSION}
ENV GEOSERVER_DATA_DIR="/geoserver_data/data"
ENV GEOSERVER_CORS_ENABLED=$GEOSERVER_CORS_ENABLED
ENV GEOSERVER_CORS_ALLOWED_ORIGINS=$GEOSERVER_CORS_ALLOWED_ORIGINS
ENV GEOSERVER_CORS_ALLOWED_METHODS=$GEOSERVER_CORS_ALLOWED_METHODS
ENV GEOSERVER_CORS_ALLOWED_HEADERS=$GEOSERVER_CORS_ALLOWED_HEADERS
ENV GEOSERVER_VERSION=${GEOSERVER_VERSION} \
GEOSERVER_DATA_DIR="/geoserver_data/data" \
GEONODE_LOG_DIR=${GEONODE_LOG_DIR} \
GEOSERVER_CORS_ENABLED=false \
GEOSERVER_CORS_ALLOWED_ORIGINS="*" \
GEOSERVER_CORS_ALLOWED_METHODS="GET,POST,PUT,DELETE,HEAD,OPTIONS" \
GEOSERVER_CORS_ALLOWED_HEADERS="*" \
FORCE_REINIT=false \
INVOKE_LOG_STDOUT=true \
CATALINA_OPTS="-Djava.awt.headless=true -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=${GEONODE_LOG_DIR}/jvm.log -XX:MaxPermSize=512m -XX:PermSize=256m -Xms512m -Xmx2048m -XX:+UseConcMarkSweepGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine"

#
# Install required packages (no need to use curl and wget)
#
RUN apt-get update -y && \
apt-get install -y --no-install-recommends --no-install-suggests \
curl \
# wget \
unzip \
procps \
less \
python3-minimal \
python3-pip && \
apt-get autoremove && \
rm -rf /var/lib/apt/lists/* && \
pip install --no-cache-dir j2cli invoke==2.2.0 requests==2.31.0

#
# Download and install GeoServer
#
RUN apt-get update -y && apt-get install curl wget unzip -y
RUN cd /usr/local/tomcat/webapps \
&& wget --no-check-certificate --progress=bar:force:noscroll https://artifacts.geonode.org/geoserver/${GEOSERVER_VERSION}/geoserver.war -O geoserver.war \
&& unzip -q geoserver.war -d geoserver \
&& rm geoserver.war \
&& mkdir -p $GEOSERVER_DATA_DIR
WORKDIR /usr/local/tomcat/webapps

VOLUME $GEOSERVER_DATA_DIR
RUN curl --fail --silent --show-error --location --output geoserver.war \
https://artifacts.geonode.org/geoserver/${GEOSERVER_VERSION}/geoserver.war && \
unzip -q geoserver.war -d geoserver && \
rm geoserver.war

# no longer used since 2.24.2
#ENV GEOSERVER_LIB_DIR="/usr/local/tomcat/webapps/geoserver/WEB-INF/lib"
Expand All @@ -37,28 +59,28 @@ VOLUME $GEOSERVER_DATA_DIR
# mv hibernate-spatial-postgis-1.1.3.2.jar $GEOSERVER_LIB_DIR && \
# mv postgis-jdbc-1.3.3.jar $GEOSERVER_LIB_DIR


# copy the script and perform the run of scripts from entrypoint.sh
RUN mkdir -p /usr/local/tomcat/tmp
WORKDIR /usr/local/tomcat/tmp
COPY set_geoserver_auth.sh \
entrypoint.sh \
tasks.py \
multidump.sh \
multidump-alt.sh \

COPY set_geoserver_auth.sh entrypoint.sh tasks.py multidump.sh multidump-alt.sh \
/usr/local/tomcat/tmp/

COPY ./templates /templates

RUN chmod +x \
/usr/local/tomcat/tmp/set_geoserver_auth.sh \
/usr/local/tomcat/tmp/entrypoint.sh

RUN apt-get install -y procps less && \
apt-get install -y python3 python3-pip python3-dev
# create the data and logs directory and set permissions
RUN mkdir -p ${GEOSERVER_DATA_DIR} ${GEONODE_LOG_DIR} ${CATALINA_HOME}/conf/Catalina/localhost && \
chmod +x set_geoserver_auth.sh entrypoint.sh && \
cp ${CATALINA_HOME}/conf/catalina.properties ${CATALINA_HOME}/conf/catalina.properties.orig && \
cp ${CATALINA_HOME}/webapps/geoserver/WEB-INF/web.xml ${CATALINA_HOME}/webapps/geoserver/WEB-INF/web.xml.orig && \
chmod -R g=u \
${GEOSERVER_DATA_DIR} \
${GEONODE_LOG_DIR} \
${CATALINA_HOME}/conf/Catalina/localhost \
${CATALINA_HOME}/conf/catalina.properties \
${CATALINA_HOME}/webapps/geoserver/WEB-INF/web.xml

RUN pip install j2cli invoke==2.2.0 requests==2.31.0
VOLUME ${GEOSERVER_DATA_DIR}

ENV JAVA_OPTS="-Djava.awt.headless=true -Dgwc.context.suffix=gwc -XX:+UnlockDiagnosticVMOptions -XX:+LogVMOutput -XX:LogFile=/var/log/jvm.log -XX:MaxPermSize=512m -XX:PermSize=256m -Xms512m -Xmx2048m -XX:+UseConcMarkSweepGC -XX:ParallelGCThreads=4 -Dfile.encoding=UTF8 -Djavax.servlet.request.encoding=UTF-8 -Djavax.servlet.response.encoding=UTF-8 -Duser.timezone=GMT -Dorg.geotools.shapefile.datetime=false -DGS-SHAPEFILE-CHARSET=UTF-8 -DGEOSERVER_CSRF_DISABLED=true -DPRINT_BASE_URL=http://geoserver:8080/geoserver/pdf -Xbootclasspath/a:/usr/local/tomcat/webapps/geoserver/WEB-INF/lib/marlin-0.9.3.jar -Dsun.java2d.renderer=org.marlin.pisces.MarlinRenderingEngine"
ENTRYPOINT [ "/usr/local/tomcat/tmp/entrypoint.sh" ]

CMD ["/usr/local/tomcat/tmp/entrypoint.sh"]
CMD [ "catalina.sh", "run"]
10 changes: 10 additions & 0 deletions docker/geoserver/docker-compose-dev.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
version: '3.9'

services:
geoserver:
image: geonode/geoserver:dev
data-dir-conf:
image: geonode/geoserver_data:dev
postgis:
ports:
- "5432:5432"
43 changes: 27 additions & 16 deletions docker/geoserver/docker-compose.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,12 @@
version: '3.9'

services:

postgis:
image: geonode/postgis:13
ports:
- "25432:5432"
image: geonode/postgis:15.3-latest
environment:
POSTGRES_PASSWORD: postgres
volumes:
- /srv/docker/geoserver/postgis:/var/lib/postgresql
#volumes_from:
#- pgstore
- pgdata:/var/lib/postgresql/data
healthcheck:
test: "pg_isready -d postgres -U postgres"
restart: on-failure
Expand All @@ -18,36 +15,50 @@ services:
image: geonode/geoserver:2.24.x
build:
context: .
args:
GEOSERVER_VERSION: 2.24.x
links:
- postgis
ports:
- "8080:8080"
volumes:
- /geoserver_data/data
- data:/geoserver_data/data
environment:
- NGINX_BASE_URL=http://localhost
NGINX_BASE_URL: http://localhost
# GEOSERVER_CORS_ENABLED: true
# GEOSERVER_CORS_ALLOWED_ORIGINS: localhost
# GEOSERVER_CORS_ALLOWED_METHODS: GET,POST,PUT,DELETE,HEAD,OPTIONS
# GEOSERVER_CORS_ALLOWED_HEADERS: "*"
# INVOKE_LOG_STDOUT: false
# FORCE_REINIT: true
depends_on:
postgis:
condition: service_completed_successfully
condition: service_healthy
data-dir-conf:
condition: service_healthy
user: '1000'
healthcheck:
test: curl --fail -s http://localhost:8080/geoserver/rest/workspaces/geonode.html || exit 1
interval: 1m30s
# geoserver can't test with rest, because it needs authorization.
test: curl --fail -s http://localhost:8080/geoserver/index.html || exit 1
interval: 30s
timeout: 10s
retries: 3
restart: on-failure

data-dir-conf:
image: geonode/geoserver_data:2.24.x
container_name: geoserver_data_dir # named data container
entrypoint: sleep infinity
build:
context: ../geoserver_data
args:
GEOSERVER_VERSION: 2.24.x
command: ["sleep", "infinity"]
volumes:
- /geoserver_data/data
- data:/geoserver_data/data
healthcheck:
test: "ls -A '/geoserver_data/data' | wc -l"
restart: on-failure

volumes:
# reference to the named data container that holds the preloaded geoserver data directory
geoserver_data_dir:
data:
pgdata:
Loading