# This docker image is used for building Freechat in Gitlab pipelines # WARN: this image uses a lot of "lazy" practices in terms of security as its # not at all meant to be ran in a production environment. Attempts to use this # a "production/live" are not recommended FROM rust:slim-buster # required for building rust things and grabbing node RUN apt-get update && apt-get upgrade -y && apt-get install \ git default-libmysqlclient-dev pkg-config \ curl libssl-dev ca-certificates gnupg \ python3 python3-pip \ -y --no-install-recommends && \ pip3 install virtualenv # Install virtualenv as its semi-required for python packages in freechat # This is a (very) small goal: removing all python dependancies outside of testing # Because frankly Rust binaries + Node BS + Python is just too awful to maintain # Setup node # grab key RUN curl -sSL https://deb.nodesource.com/gpgkey/nodesource.gpg.key | apt-key add - && \ echo "deb https://deb.nodesource.com/node_14.x sid main" > /etc/apt/sources.list.d/nodesource.list && \ echo "deb-src https://deb.nodesource.com/node_14.x sid main" >> /etc/apt/sources.list.d/nodesource.list && \ apt-get update && apt-get install nodejs \ -y --no-install-recommends # Mysql setup # NOTE: Keep in mind that because I'm basically throwing security out the window # with this docker that we're mostly just using Mysql's default everything # Later on in another script we setup a proper user to interface with sql but still, # nothing here is to be used in prod(once again) RUN mkdir /opt/mysql-setup && \ curl "https://repo.mysql.com//mysql-apt-config_0.8.17-1_all.deb" \ -o /opt/mysql-setup/mysql-apt-config_0.8.17-1_all.deb && \ export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ apt-get install /opt/mysql-setup/mysql-apt-config_0.8.17-1_all.deb \ -y --no-install-recommends && \ apt-get update && apt-get install mysql-community-server \ -y --no-install-recommends RUN apt-get remove curl gnupg ca-certificates -y && apt-get autoremove -y && \ rm -rf /var/lib/apt/lists/* # The entrypoint script not only starts the mysql service for us but it also gives # us a shell to run commands in COPY entrypoint.sh /entrypoint.sh ENTRYPOINT ["/entrypoint.sh"]