diff options
Diffstat (limited to 'devops')
-rw-r--r-- | devops/chameleon-config.edn | 10 | ||||
-rw-r--r-- | devops/chameleon.service | 13 | ||||
-rw-r--r-- | devops/chameleon/Dockerfile | 45 | ||||
-rw-r--r-- | devops/chameleon/build-chameleon | 2 | ||||
-rw-r--r-- | devops/chameleon/docker-entrypoint.sh | 5 | ||||
-rw-r--r-- | devops/docker-compose.yml | 16 | ||||
-rw-r--r-- | devops/install-service | 6 | ||||
-rw-r--r-- | devops/nginx/Dockerfile | 9 | ||||
-rw-r--r-- | devops/nginx/default.conf | 23 | ||||
-rw-r--r-- | devops/nginx/nginx.conf | 33 |
10 files changed, 162 insertions, 0 deletions
diff --git a/devops/chameleon-config.edn b/devops/chameleon-config.edn new file mode 100644 index 0000000..32e830e --- /dev/null +++ b/devops/chameleon-config.edn @@ -0,0 +1,10 @@ +{:event-config {:host "localhost:3904" + :topic "spikeEvents" + :motsid "" + :pass "" + :consumer-group "chameleon" + :consumer-id "chameleon" + :timeout 15000 + :batch-size 8 + :type "HTTPAUTH"} + :gallifrey-host "localhost:443"} diff --git a/devops/chameleon.service b/devops/chameleon.service new file mode 100644 index 0000000..0c4b937 --- /dev/null +++ b/devops/chameleon.service @@ -0,0 +1,13 @@ +[Unit] +Description=Chameleon container +After=docker.socket early-docker.target network.target network-online.target +Wants=network-online.target +BindsTo=docker.service + +[Service] +Restart=always +ExecStart=/usr/bin/docker-compose -f /opt/chameleon/docker-compose.yml -p chameleon up +ExecStop=/usr/bin/docker-compose -f /opt/chameleon/docker-compose.yml -p chameleon down + +[Install] +WantedBy=multi-user.target diff --git a/devops/chameleon/Dockerfile b/devops/chameleon/Dockerfile new file mode 100644 index 0000000..97e9c3b --- /dev/null +++ b/devops/chameleon/Dockerfile @@ -0,0 +1,45 @@ +FROM alpine:3.6 + +# Java Version +ENV JAVA_VERSION_MAJOR 8 +ENV JAVA_VERSION_MINOR 131 +ENV JAVA_VERSION_BUILD 11 +ENV JAVA_PACKAGE jre +ENV GLIBC_VERSION 2.25-r0 + +ENV JAVA_8_BASE_URL http://download.oracle.com/otn-pub/java/jdk/${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR}-b${JAVA_VERSION_BUILD}/d54c1d3a095b4ff2b6607d096fa80163/${JAVA_PACKAGE}-${JAVA_VERSION_MAJOR}u${JAVA_VERSION_MINOR} + +RUN apk update +RUN apk add curl + +# Install glibc (required for java) +RUN curl -jsSL -o /etc/apk/keys/sgerrand.rsa.pub https://raw.githubusercontent.com/sgerrand/alpine-pkg-glibc/master/sgerrand.rsa.pub && \ + curl -jsSL -O https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VERSION}/glibc-${GLIBC_VERSION}.apk && \ + apk add glibc-${GLIBC_VERSION}.apk && \ + rm -f glibc-${GLIBC_VERSION}.apk + +# Install Java +RUN mkdir /opt && \ + curl -jsSL -H "Cookie: oraclelicense=accept-securebackup-cookie" ${JAVA_8_BASE_URL}-linux-x64.tar.gz | tar -xzf - -C /opt && \ + ln -s /opt/${JAVA_PACKAGE}1.${JAVA_VERSION_MAJOR}.0_${JAVA_VERSION_MINOR} /opt/${JAVA_PACKAGE} && \ + cd /opt/${JAVA_PACKAGE}/ && rm -rf *src.zip lib/missioncontrol lib/visualvm lib/plugin.jar plugin lib/*javafx* lib/*jfx* lib/ext/jfxrt.jar bin/javaws lib/javaws.jar lib/desktop lib/deploy* lib/amd64/libdecora_sse.so lib/amd64/libprism_*.so lib/amd64/libfxplugins.so lib/amd64/libglass.so lib/amd64/libgstreamer-lite.so lib/amd64/libjavafx*.so lib/amd64/libjfx*. + +# Install Java Cryptography Extension (JCE) Unlimited Strength +RUN curl -jksSLH "Cookie: oraclelicense=accept-securebackup-cookie" -o /tmp/jce_policy.zip \ + http://download.oracle.com/otn-pub/java/jce/${JAVA_VERSION_MAJOR}/jce_policy-${JAVA_VERSION_MAJOR}.zip && \ + unzip -o -d /opt/${JAVA_PACKAGE}/lib/security /tmp/jce_policy.zip && rm -f /tmp/jce_policy.zip + +RUN apk del curl + +ENV PATH /opt/jre/bin:${PATH} + +RUN apk add zip openssh-keygen openssh-client + +EXPOSE 80 + +RUN mkdir -p /opt/chameleon +COPY chameleon.jar /opt/chameleon + +COPY ./docker-entrypoint.sh / +RUN chmod 700 /docker-entrypoint.sh +ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/devops/chameleon/build-chameleon b/devops/chameleon/build-chameleon new file mode 100644 index 0000000..4421407 --- /dev/null +++ b/devops/chameleon/build-chameleon @@ -0,0 +1,2 @@ +lein uberjar +cp -f ../../target/chameleon.jar . diff --git a/devops/chameleon/docker-entrypoint.sh b/devops/chameleon/docker-entrypoint.sh new file mode 100644 index 0000000..4a0b529 --- /dev/null +++ b/devops/chameleon/docker-entrypoint.sh @@ -0,0 +1,5 @@ +#!/bin/sh + +set -e + +java -jar /opt/chameleon/chameleon.jar diff --git a/devops/docker-compose.yml b/devops/docker-compose.yml new file mode 100644 index 0000000..b17a98b --- /dev/null +++ b/devops/docker-compose.yml @@ -0,0 +1,16 @@ +chameleon: + build: ./chameleon + container_name: chameleon + environment: + - CONFIG_LOCATION=/opt/chameleon/chameleon-config.edn + volumes: + - ./chameleon-config.edn:/opt/chameleon/chameleon-config.edn + +nginx: + build: ./nginx + container_name: nginx + links: + - chameleon + ports: + - 80:80 + - 443:443 diff --git a/devops/install-service b/devops/install-service new file mode 100644 index 0000000..a54b884 --- /dev/null +++ b/devops/install-service @@ -0,0 +1,6 @@ +sudo cp chameleon.service /etc/systemd/system +sudo chown root:root /etc/systemd/system/chameleon.service +sudo chmod 644 /etc/systemd/system/chameleon.service + +sudo systemctl enable chameleon +sudo systemctl daemon-reload diff --git a/devops/nginx/Dockerfile b/devops/nginx/Dockerfile new file mode 100644 index 0000000..4f2ba9f --- /dev/null +++ b/devops/nginx/Dockerfile @@ -0,0 +1,9 @@ +FROM nginx:alpine + +COPY ssl-cert-snakeoil.pem /etc/ssl/certs/ +COPY ssl-cert-snakeoil.key /etc/ssl/private/ +RUN chown -R nginx:nginx /etc/ssl +RUN chmod 640 /etc/ssl/private/ssl-cert-snakeoil.key +RUN chmod 750 /etc/ssl/private + +COPY default.conf /etc/nginx/conf.d/ diff --git a/devops/nginx/default.conf b/devops/nginx/default.conf new file mode 100644 index 0000000..541f5db --- /dev/null +++ b/devops/nginx/default.conf @@ -0,0 +1,23 @@ + +server { +# Listen on 80 and 443 +listen 80; +listen 443 ssl; +# Self-signed certificate. +ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem; +ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key; + +# Redirect all non-SSL traffic to SSL. +if ($ssl_protocol = "") { +rewrite ^ https://$host$request_uri? permanent; +} + +# Split off traffic to chameleon, and make sure that websockets +# are managed correctly. +location / { +proxy_pass http://chameleon:8082; +proxy_http_version 1.1; +proxy_set_header Upgrade websocket; +proxy_set_header Connection upgrade; +} +} diff --git a/devops/nginx/nginx.conf b/devops/nginx/nginx.conf new file mode 100644 index 0000000..3ebc618 --- /dev/null +++ b/devops/nginx/nginx.conf @@ -0,0 +1,33 @@ + +user nginx; +worker_processes 1; + +error_log /var/log/nginx/error.log warn; +pid /var/run/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + access_log /var/log/nginx/access.log main; + + sendfile on; + #tcp_nopush on; + + keepalive_timeout 65; + + #gzip on; + + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-available/*.conf; +} |