
Docker: Add support for configuration variables

Danilo Bargen 6 years ago
parent
commit
93b9af4c45
6 changed files with 85 additions and 6 deletions
  1. 17 2
      Dockerfile
  2. 6 3
      dist/build-package.js
  3. 9 1
      dist/package.sh
  4. 14 0
      docker/entrypoint.sh
  5. 31 0
      docs/docker.md
  6. 8 0
      docs/self_hosting.md

+ 17 - 2
Dockerfile

@@ -1,13 +1,21 @@
+# Dockerfile for Threema Web, based on the nginx alpine image.
+#
+# WARNING: This Dockerfile does not include TLS termination. Make sure to run
+#          the container behind a reverse proxy (e.g. Nginx) that does proper
+#          TLS termination.
+
 # First, build Threema Web in a node container
 
 FROM node:10 AS builder
+ENV NODE_ENV=production
 
 COPY . /opt/threema-web/
 WORKDIR /opt/threema-web/
 
-ENV NODE_ENV=production
+RUN sed -i "s/SELF_HOSTED: [^,]*,/SELF_HOSTED: true,/g" src/config.ts
+
 RUN npm ci
-RUN npm run dist
+RUN npm run dist -- d
 
 # Then, transfer the build artifacts to a minimal nginx container
 
@@ -15,3 +23,10 @@ FROM nginx:1.15-alpine
 
 RUN rm /usr/share/nginx/html/*
 COPY --from=builder /opt/threema-web/release/threema-web-* /usr/share/nginx/html/
+COPY docker/entrypoint.sh /usr/local/bin/
+
+ENV SALTYRTC_HOST="" \
+    SALTYRTC_PORT=443 \
+    SALTYRTC_SERVER_KEY="b1337fc8402f7db8ea639e05ed05d65463e24809792f91eca29e88101b4a2171"
+
+CMD ["/bin/sh", "/usr/local/bin/entrypoint.sh"]
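Review bot: The `sed` substitution on `src/config.ts` in the builder stage exits successfully even when the pattern matches nothing, so if that line is ever reformatted (for example, `SELF_HOSTED` becoming the last key with no trailing comma) the image would be built with the upstream value and no build error. Chaining a check makes the build fail instead: `RUN sed -i "s/SELF_HOSTED: [^,]*,/SELF_HOSTED: true,/g" src/config.ts && grep -q "SELF_HOSTED: true," src/config.ts`. In the final stage the startup script is wired in through `CMD`, so any command passed to `docker run` replaces it and nginx would then serve the unpatched `dist/app.js`. Using `ENTRYPOINT ["/bin/sh", "/usr/local/bin/entrypoint.sh"]` keeps the patching step in the start path.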

+ 6 - 3
dist/build-package.js

@@ -1,12 +1,15 @@
 var spawn = require('child_process').spawn;
 var os = require('os');
+var process = require('process');
+
+var args = process.argv.slice(2);
 
 if (os.type() === 'Linux') {
-   spawn('bash', ['dist/package.sh'], {stdio: 'inherit'});
+   spawn('bash', ['dist/package.sh'].concat(args), {stdio: 'inherit'});
 } else if (os.type() === 'Darwin') {
-   spawn('bash', ['dist/package.sh'], {stdio: 'inherit'});
+   spawn('bash', ['dist/package.sh'].concat(args), {stdio: 'inherit'});
 } else if (os.type() === 'Windows_NT') {
-   spawn('powershell', ['dist/package.sh'], {stdio: 'inherit'});
+   spawn('powershell', ['dist/package.sh'].concat(args), {stdio: 'inherit'});
 } else {
    throw new Error("Unsupported OS found: " + os.type());
 }
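Review bot: The exit status of the spawned packaging script is dropped on all three `spawn(...)` lines, so `npm run dist -- d` in the Docker build can report success after `dist/package.sh` has failed part-way. This predates the commit, but the image build now depends on it. Keeping the child in a variable and adding `child.on('exit', function (code) { process.exit(code === null ? 1 : code); });` propagates the failure. The `require('process')` line is redundant, since `process` is a global in Node, and the repeated `['dist/package.sh'].concat(args)` could be computed once above the `if` chain. The Windows branch still hands a bash script to `powershell`, which this change does not touch.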

+ 9 - 1
dist/package.sh

@@ -9,6 +9,13 @@ echo -e "  |_| |_|_|_| |___|___|_|_|_|__,|_____|___|___|\e[32m|_|\e[0m\n"
 
 echo -e "Creating release distribution for Threema Web\n"
 
+# Determine suffix
+if [ $# -gt 0 ]; then
+    SUFFIX="-$1"
+else
+    SUFFIX=""
+fi
+
 # Test whether we're in the root dir
 if [ ! -f "package.json" ]; then
     echo "Error: package.json not found."
@@ -28,7 +35,8 @@ if [ -e "release" ]; then
     done
 fi
 
-VERSION=$(grep "\"version\"" package.json  | sed 's/[[:blank:]]*\"version\": \"\([^\"]*\).*/\1/')
+VERSION=$(grep "\"version\"" package.json  | sed 's/[[:blank:]]*\"version\": \"\([^\"]*\).*/\1/')$SUFFIX
+echo "+ Building version $VERSION"
 
 DIR="release/threema-web-$VERSION"
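Review bot: `$1` flows unchecked into `SUFFIX`, then into `VERSION` and `DIR="release/threema-web-$VERSION"`, so a suffix containing `/`, `..` or whitespace changes which directory the rest of the script creates and packages. The value currently comes from `npm run dist -- d`, but a guard directly after the `if [ $# -gt 0 ]` test protects other callers too: `case "$1" in *[!A-Za-z0-9._-]*) echo "Error: invalid suffix" >&2; exit 1 ;; esac`. The script continues past both hunks, so how `DIR` is used later is not visible here.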
 

+ 14 - 0
docker/entrypoint.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+set -euo pipefail
+
+# Patch config file
+echo "Patching config file..."
+cd /usr/share/nginx/html/
+if [ ! -z "$SALTYRTC_HOST" ]; then
+    sed -i "s/SALTYRTC_HOST: null,/SALTYRTC_HOST: '${SALTYRTC_HOST}',/g" dist/app.js
+fi
+sed -i "s/SALTYRTC_PORT: [^,]*,/SALTYRTC_PORT: ${SALTYRTC_PORT},/g" dist/app.js
+sed -i "s/SALTYRTC_SERVER_KEY: '[^']*',/SALTYRTC_SERVER_KEY: '${SALTYRTC_SERVER_KEY}',/g" dist/app.js
+
+echo "Starting Threema Web..."
+exec nginx -g 'daemon off;'
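Review bot: `SALTYRTC_HOST`, `SALTYRTC_PORT` and `SALTYRTC_SERVER_KEY` are spliced into the sed replacement text, and from there into `dist/app.js`, without any format check in all three `sed -i` lines. A value containing `/`, `&` or `'` either breaks the sed expression or alters the JavaScript that nginx then serves to every client, and a mistyped key or port is only noticed in the browser. Validating the three values before the substitutions and exiting non-zero on a mismatch keeps a bad deployment from starting. The key format below (64 hex characters) is inferred from the default in the Dockerfile and should be confirmed. `set -o pipefail` is also not POSIX, so the `#!/bin/sh` shebang relies on the busybox shell of the alpine base.

```shell
# … unchanged: shebang, set -euo pipefail, cd into the web root …

# Reject values that would break the sed expressions or the generated JavaScript
case "$SALTYRTC_HOST" in
    *[!A-Za-z0-9.-]*) echo "Invalid SALTYRTC_HOST" >&2; exit 1 ;;
esac
case "$SALTYRTC_PORT" in
    ''|*[!0-9]*) echo "Invalid SALTYRTC_PORT" >&2; exit 1 ;;
esac
case "$SALTYRTC_SERVER_KEY" in
    *[!0-9a-fA-F]*) echo "Invalid SALTYRTC_SERVER_KEY" >&2; exit 1 ;;
esac
if [ "${#SALTYRTC_SERVER_KEY}" -ne 64 ]; then
    echo "Invalid SALTYRTC_SERVER_KEY length" >&2
    exit 1
fi

# … unchanged: the three sed substitutions and exec nginx …
```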

+ 31 - 0
docs/docker.md

@@ -0,0 +1,31 @@
+# Running Threema Web with Docker
+
+
+## Building the Image
+
+To build the Docker image:
+
+    $ docker build . -t example/threema-web:latest
+
+
+## Running the Image
+
+To run the Docker image:
+
+    $ docker run --rm -p 8080:80 threema/threema-web
+
+Now you can open `http://localhost:8080/` in your browser to use Threema Web.
+
+**IMPORTANT:** Note that this Dockerfile does not contain TLS termination. Make
+sure to serve Threema Web only via https, behind a reverse proxy like Nginx. We
+also recommend to enable HSTS, HPKP, CSP and other available security
+mechanisms in your web server.
+
+
+## Config Variables
+
+| Variable | Default | Description |
+| -------- | ------- | ----------- |
+| `SALTYRTC_HOST` | null | The SaltyRTC signaling server hostname |
+| `SALTYRTC_PORT` | 443 | The SaltyRTC signaling server port |
+| `SALTYRTC_SERVER_KEY` | "b1337fc8402f7db8ea639e05ed05d65463e24809792f91eca29e88101b4a2171" | The SaltyRTC signaling server public key |

+ 8 - 0
docs/self_hosting.md

@@ -52,16 +52,24 @@ SaltyRTC/STUN/TURN servers.
 
 Cryptographic signatures are provided for the downloads.
 
+### Docker Image
+
+If you're interested in hosting Threema Web through Docker, check out the
+`docs/docker.md` file for more information.
+
+
 ## SaltyRTC Server
 
 For instructions on how to run your own SaltyRTC server, see
 https://github.com/saltyrtc/saltyrtc-server-python
 
+
 ## STUN / TURN Server
 
 You can run any WebRTC-compliant STUN / TURN server, e.g.
 [coturn](https://coturn.github.io).
 
+
 ## Push Relay
 
 While you could in theory host your own version of the push server, it won't