yacy_search_server/docker/Dockerfile.alpine

# Build a docker image from latest YaCy sources on Alpine Linux

# Base image : latest stable official jdk 8 image from Docker based on Alpine Linux
FROM openjdk:8-alpine

# trace java version
RUN java -version

# Install needed packages not in base image
# (curl for sh scripts in /bin, and wkhtmltopdf,imagemagick,xvfb and ghostscript to enable PDF and image snapshot generation)
RUN apk add --no-cache curl imagemagick xvfb ghostscript && \
	apk add wkhtmltopdf --no-cache --repository https://uk.alpinelinux.org/alpine/edge/community/

# set current working dir
WORKDIR /tmp

# --- Begin of apache ant install : from binary distribution because ant is not in alpine packages

# set ant version once in a environment variable
ENV ANT_VERSION 1.10.5

# All in one step to reduce image size growth :
# - add gnupg package
# - get ant binary file from a mirror and PGP file signature from main repository
# - import gpg keys from main repository and verify binary file signature
# - extract binary, make /opt directory, move extracted ant to /opt/ant
# - remove archive and gnupg package
RUN apk update && \
	apk add --no-cache gnupg && \
	curl -fSL https://archive.apache.org/dist/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar.gz -o apache-ant-${ANT_VERSION}-bin.tar.gz && \
	curl -fSL https://archive.apache.org/dist/ant/binaries/apache-ant-${ANT_VERSION}-bin.tar.gz.asc -o apache-ant-${ANT_VERSION}-bin.tar.gz.asc && \
	curl -fSL https://www.apache.org/dist/ant/KEYS | gpg --import && \
	gpg --verify apache-ant-${ANT_VERSION}-bin.tar.gz.asc && \
	tar xzf apache-ant-${ANT_VERSION}-bin.tar.gz && \
	mkdir /opt && \
	mv apache-ant-${ANT_VERSION} /opt/ant && \
	rm -f apache-ant-${ANT_VERSION}-bin.tar.gz && \
	apk del gnupg

# set ant required environment variables
ENV ANT_HOME /opt/ant
ENV PATH ${PATH}:/opt/ant/bin

# --- End of apache ant install

# set current working dir
WORKDIR /opt

# All in one step to reduce image size growth :
# - add git package
# - clone main YaCy git repository (we need to clone git repository to generate correct version when building from source)
# - compile with apache ant
# - remove unnecessary and size consuming .git directory
# - delete git package and ant binary install

# Possible alternative : copy directly your current sources an remove git clone command from the following RUN
# COPY . /opt/yacy_search_server/

RUN apk add --no-cache git && \
	git clone https://github.com/yacy/yacy_search_server.git && \
	ant compile -f /opt/yacy_search_server/build.xml && \
	rm -rf /opt/yacy_search_server/.git && \
	rm -rf /opt/ant && \
	apk del git

RUN \
# Set initial admin password : "docker" (encoded with custom yacy md5 function net.yacy.cora.order.Digest.encodeMD5Hex())
	sed -i "/adminAccountBase64MD5=/c\adminAccountBase64MD5=MD5:e672161ffdce91be4678605f4f4e6786" /opt/yacy_search_server/defaults/yacy.init && \
# Intially enable HTTPS : this is the most secure option for remote administrator authentication
	sed -i "/server.https=false/c\server.https=true" /opt/yacy_search_server/defaults/yacy.init && \
# Create user and group yacy : this user will be used to run YaCy main process
	addgroup yacy && adduser -S -G yacy -H -D yacy && \
# Set ownership of yacy install directory to yacy user/group
	chown yacy:yacy -R /opt/yacy_search_server

# Expose HTTP and HTTPS default ports
EXPOSE 8090 8443

# Set data volume : yacy data and configuration will persist aven after container stop or destruction
VOLUME ["/opt/yacy_search_server/DATA"]

# Next commands run as yacy as non-root user for improved security
USER yacy

# Start yacy as a foreground process (-f) to display console logs and to wait for yacy process
CMD ["/bin/sh","/opt/yacy_search_server/startYACY.sh","-f"]