From cfb11eaf40b992084ebb4accc507efa1543f937f Mon Sep 17 00:00:00 2001 From: raffis Date: Wed, 2 Oct 2019 15:41:14 +0200 Subject: [PATCH] fixes #262 (removing ssl cert generation in docker image), is now distributed without https, for docker use an ssl nginx proxy, for debian an ssl cert gets created during postinstall --- CHANGELOG.md | 8 ++++++ Dockerfile | 23 +---------------- Makefile | 8 +++--- package.json | 24 ++++++++--------- packaging/debian/nginx-web.conf | 5 ++++ packaging/debian/nginx.conf | 21 +++++++++++++++ packaging/debian/postinst | 9 +++++++ packaging/nginx.conf | 46 --------------------------------- 8 files changed, 61 insertions(+), 83 deletions(-) create mode 100644 packaging/debian/nginx-web.conf create mode 100644 packaging/debian/nginx.conf delete mode 100755 packaging/nginx.conf diff --git a/CHANGELOG.md b/CHANGELOG.md index cbf0298..8606139 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,11 @@ +## 3.2.8 +**Maintainer**: balloon-team \ +**Date**: Wed Oct 02 14:33:22 CEST 2019 + +* [FIX] Cannot start container balloon_balloon-web_1 #262 +* [FIX] Updated dependencies (npm audit) + + ## 3.2.7 **Maintainer**: balloon-team \ **Date**: Wed Sep 11 16:31:23 CEST 2019 diff --git a/Dockerfile b/Dockerfile index 0214241..040806a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,23 +1,2 @@ FROM nginx:1-alpine - -RUN apk add --update openssl \ - && rm -rf /var/cache/apk/* - -RUN mkdir /usr/share/balloon-web/nginx -p -COPY build/ /usr/share/balloon-web/ -COPY packaging/nginx.conf /etc/nginx/conf.d/balloon.conf - -RUN sed -i "s#unix:/run/php/php7.2-fpm.sock#balloon:9000#g" /etc/nginx/conf.d/balloon.conf \ - && sed -i "s#/var/log/balloon/nginx_access.log#/dev/stdout#g" /etc/nginx/conf.d/balloon.conf \ - && sed -i "s#/var/log/balloon/nginx_error.log#/dev/stderr#g" /etc/nginx/conf.d/balloon.conf - -RUN openssl genrsa -des3 -passout pass:balloon -out server.pass.key 2048 \ - && openssl rsa -passin pass:balloon -in server.pass.key -out key.pem \ - && rm server.pass.key \ - && openssl req -new -key key.pem -out server.csr -subj "/C=CH/L=Zurich/O=Balloon/CN=balloon.local" \ - && openssl x509 -req -days 365 -in server.csr -signkey key.pem -out chain.pem \ - && rm server.csr \ - && mv key.pem /etc/ssl/balloon \ - && mv chain.pem /etc/ssl/balloon - -EXPOSE 80 443 +COPY build/ /usr/share/nginx/html diff --git a/Makefile b/Makefile index 44e975d..91780b0 100644 --- a/Makefile +++ b/Makefile @@ -70,7 +70,8 @@ $(DIST_DIR)/balloon-web-$(VERSION).deb: $(CHANGELOG_TARGET) $(BUILD_TARGET) @mkdir -p $(PACK_DIR)/usr/share/balloon-web @cp -Rp $(BUILD_DIR)/* $(PACK_DIR)/usr/share/balloon-web @mkdir $(PACK_DIR)/usr/share/balloon-web/nginx - @cp -Rp $(BASE_DIR)/packaging/nginx.conf $(PACK_DIR)/usr/share/balloon-web/nginx + @cp -Rp $(BASE_DIR)/packaging/debian/nginx.conf $(PACK_DIR)/usr/share/balloon-web/nginx + @cp -Rp $(BASE_DIR)/packaging/debian/nginx-web.conf $(PACK_DIR)/usr/share/balloon-web/nginx @-test -d $(DIST_DIR) || mkdir $(DIST_DIR) @dpkg-deb --build $(PACK_DIR) $@ @rm -rf $(PACK_DIR) @@ -184,5 +185,6 @@ install: $(INSTALL_TARGET) $(INSTALL_TARGET): $(BUILD_TARGET) @cp -Rp $(BUILD_DIR)/* $(INSTALL_PREFIX)/usr/share/balloon-web - @mkdir -p /etc/nginx/conf.d - @cp -Rp $(BASE_DIR)/packaging/nginx.conf /etc/nginx/conf.d + @mkdir -p /etc/nginx/conf.d/balloon + @cp -Rp $(BASE_DIR)/packaging/debian/nginx.conf /etc/nginx/conf.d/balloon.conf + @cp -Rp $(BASE_DIR)/packaging/debian/nginx-web.conf /etc/nginx/conf.d/balloon/web.conf diff --git a/package.json b/package.json index bf4df7b..8e41a1a 100644 --- a/package.json +++ b/package.json @@ -10,9 +10,9 @@ "postinstall": "echo > node_modules/kendo-ui-web/scripts/kendo.data.min.js; echo > node_modules/kendo-ui-web/scripts/kendo.draganddrop.min.js" }, "dependencies": { - "@babel/polyfill": "^7.4.4", + "@babel/polyfill": "^7.6.0", "@gyselroth/icon-collection": "^1.0.12", - "@openid/appauth": "^1.2.4", + "@openid/appauth": "^1.2.6", "bundle-loader": "^0.5.6", "i18next": "3.x", "i18next-browser-languagedetector": "^2.2.4", @@ -21,8 +21,8 @@ "i18next-xhr-backend": "^1.5.1", "jquery-i18next": "*", "kendo-ui-core": "^2018.3.1219", - "merge-jsons-webpack-plugin": "^1.0.19", - "mobile-pull-to-refresh": "^0.2.1", + "merge-jsons-webpack-plugin": "^1.0.20", + "mobile-pull-to-refresh": "^0.2.2", "qrcode.es": "^1.0.0", "showdown": "^1.9.0", "showdown-highlight": "^2.1.3", @@ -30,14 +30,14 @@ "slideout": "https://github.com/raffis/slideout/tarball/direction_fix", "sw-precache-webpack-plugin": "^0.11.5", "ubuntu-fontface": "^0.1.13", - "uglifyjs-webpack-plugin": "^2.1.3", + "uglifyjs-webpack-plugin": "^2.2.0", "webpack-pwa-manifest": "^4.0.0", "workbox-webpack-plugin": "^4.3.1", "workbox-window": "^4.3.1" }, "devDependencies": { - "@babel/core": "^7.4.5", - "@babel/preset-env": "^7.4.5", + "@babel/core": "^7.6.2", + "@babel/preset-env": "^7.6.2", "babel-loader": "^8.0.6", "babel-plugin-transform-async-to-generator": "^6.24.1", "babel-polyfill": "^6.26.0", @@ -53,15 +53,15 @@ "mini-css-extract-plugin": "^0.4.5", "napa": "^3.0.0", "node-sass": "^4.12.0", - "sass-loader": "^7.1.0", + "sass-loader": "^7.3.1", "source-map-loader": "^0.2.4", "style-loader": "^0.23.1", "svgxuse": "^1.2.6", "url-loader": "^1.1.2", - "webpack": "^4.35.0", - "webpack-cli": "^3.3.4", - "webpack-dev-server": "^3.7.2", - "webpack-merge": "^4.2.1" + "webpack": "^4.41.0", + "webpack-cli": "^3.3.9", + "webpack-dev-server": "^3.8.1", + "webpack-merge": "^4.2.2" }, "main": "index.html", "repository": { diff --git a/packaging/debian/nginx-web.conf b/packaging/debian/nginx-web.conf new file mode 100644 index 0000000..e183bc2 --- /dev/null +++ b/packaging/debian/nginx-web.conf @@ -0,0 +1,5 @@ +location / { + root /usr/share/balloon-web; + index index.html; + break; +} diff --git a/packaging/debian/nginx.conf b/packaging/debian/nginx.conf new file mode 100644 index 0000000..d50f6fa --- /dev/null +++ b/packaging/debian/nginx.conf @@ -0,0 +1,21 @@ +server { + listen 80; + access_log /var/log/balloon/nginx_access.log; + error_log /var/log/balloon/nginx_error.log; + rewrite ^(.*) https://$host$1 permanent; +} + +server { + listen 443; + client_max_body_size 16G; + + access_log /var/log/balloon/nginx_access.log; + error_log /var/log/balloon/nginx_error.log; + + ssl on; + ssl_certificate "/etc/ssl/balloon/chain.pem"; + ssl_certificate_key "/etc/ssl/balloon/key.pem"; + add_header Strict-Transport-Security "max-age=31556926"; + + include /etc/nginx/conf.d/balloon/*.conf; +} diff --git a/packaging/debian/postinst b/packaging/debian/postinst index a641c39..e076532 100755 --- a/packaging/debian/postinst +++ b/packaging/debian/postinst @@ -21,8 +21,17 @@ if [[ ! -f /etc/ssl/balloon/key.pem && ! -f /etc/ssl/balloon/chain.pem ]]; then mv chain.pem /etc/ssl/balloon fi +if [ ! -d /etc/nginx/conf.d/balloon ]; then + mkdir /etc/nginx/conf.d/balloon +fi + if [ ! -f /etc/nginx/conf.d/balloon.conf ]; then cp /usr/share/balloon-web/nginx/nginx.conf /etc/nginx/conf.d/balloon.conf fi +if [ ! -f /etc/nginx/conf.d/balloon/web.conf ]; then + cp /usr/share/balloon-web/nginx/nginx-web.conf /etc/nginx/conf.d/balloon/web.conf +fi + + service nginx restart diff --git a/packaging/nginx.conf b/packaging/nginx.conf deleted file mode 100755 index 5b520fd..0000000 --- a/packaging/nginx.conf +++ /dev/null @@ -1,46 +0,0 @@ -server { - listen 80; - access_log /var/log/balloon/nginx_access.log; - error_log /var/log/balloon/nginx_error.log; - rewrite ^(.*) https://$host$1 permanent; -} - -server { - listen 443; - client_max_body_size 16G; - - access_log /var/log/balloon/nginx_access.log; - error_log /var/log/balloon/nginx_error.log; - - ssl on; - ssl_certificate "/etc/ssl/balloon/chain.pem"; - ssl_certificate_key "/etc/ssl/balloon/key.pem"; - add_header Strict-Transport-Security "max-age=31556926"; - - location /docs { - alias /usr/share/balloon-apidoc; - index index.html; - break; - } - - location ~ ^/(api|webdav|share) { - index index.php; - root /usr/share/balloon/bin/httpdocs; - rewrite ^(.+)$ /index.php$1 last; - break; - } - - location ~ ^/index.php { - root /usr/share/balloon/bin/httpdocs; - fastcgi_pass unix:/run/php/php7.2-fpm.sock; - fastcgi_param SCRIPT_FILENAME /usr/share/balloon/bin/httpdocs$fastcgi_script_name; - fastcgi_param PATH_INFO $fastcgi_script_name; - include /etc/nginx/fastcgi_params; - } - - location / { - root /usr/share/balloon-web; - index index.html; - break; - } -}