Skip to content

Commit

Permalink
XDOCKER-326: Upgrade stable version to 16.5.0
Browse files Browse the repository at this point in the history 
* Keep 16.4 as mid-year recommended version.
  • Loading branch information
@mflorea
mflorea committed Jun 26, 2024
1 parent 0871618 commit 4607590
Show file tree
Hide file tree
Showing 21 changed files with 1,602 additions and 0 deletions.
6 changes: 6 additions & 0 deletions 16.4/mariadb-tomcat/.env
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
# Default environment values
XWIKI_VERSION=16.4.0
DB_USER=xwiki
DB_PASSWORD=xwiki
DB_DATABASE=xwiki
MYSQL_ROOT_PASSWORD=xwiki
116 changes: 116 additions & 0 deletions 16.4/mariadb-tomcat/Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,116 @@
# ---------------------------------------------------------------------------
# See the NOTICE file distributed with this work for additional
# information regarding copyright ownership.
#
# This is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this software; if not, write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
# ---------------------------------------------------------------------------
FROM tomcat:9-jre17

# ____ ____ ____ ____ _ __ _
# |_ _||_ _||_ _| |_ _|(_) [ | _ (_)
# \ \ / / \ \ /\ / / __ | | / ] __
# > `' < \ \/ \/ / [ | | '' < [ |
# _/ /'`\ \_ \ /\ / | | | |`\ \ | |
# |____||____| \/ \/ [___][__| \_][___]

LABEL org.opencontainers.image.authors='XWiki Development Team <[email protected]>'
LABEL org.opencontainers.image.url='https://hub.docker.com/_/xwiki'
LABEL org.opencontainers.image.documentation='https://hub.docker.com/_/xwiki'
LABEL org.opencontainers.image.source='https://github.com/xwiki/xwiki-docker.git'
LABEL org.opencontainers.image.vendor='xwiki.org'
LABEL org.opencontainers.image.licenses='LGPL-2.1'

# Note: when using docker-compose, the ENV values below are overridden from the .env file.

# Install LibreOffice + other tools
# Note that procps is required to get ps which is used by JODConverter to start LibreOffice
RUN apt-get update && \
apt-get --no-install-recommends -y install \
curl \
libreoffice \
unzip \
procps && \
rm -rf /var/lib/apt/lists/*

# Install XWiki as the ROOT webapp context in Tomcat
# Create the Tomcat temporary directory
# Configure the XWiki permanent directory
ENV XWIKI_VERSION="16.4.0"
ENV XWIKI_URL_PREFIX "https://maven.xwiki.org/releases/org/xwiki/platform/xwiki-platform-distribution-war/${XWIKI_VERSION}"
ENV XWIKI_DOWNLOAD_SHA256 ced263c074f3a61384717cafa192a52aebd34db122e9467f69af2999ab3b600e
RUN rm -rf /usr/local/tomcat/webapps/* && \
mkdir -p /usr/local/tomcat/temp && \
mkdir -p /usr/local/xwiki/data && \
curl -fSL "${XWIKI_URL_PREFIX}/xwiki-platform-distribution-war-${XWIKI_VERSION}.war" -o xwiki.war && \
echo "$XWIKI_DOWNLOAD_SHA256 xwiki.war" | sha256sum -c - && \
unzip -d /usr/local/tomcat/webapps/ROOT xwiki.war && \
rm -f xwiki.war

# Copy the JDBC driver in the XWiki webapp
# We take the database driver version from the Maven Central repository since we want to control the version
# used and have it being consistent with what is tested in the CI.
ENV MARIADB_JDBC_VERSION="3.4.0"
ENV MARIADB_JDBC_SHA256="d83970dcda3198ca480e59b38e9e7055df09833e40d898c8ec5778a1e767f93b"
ENV MARIADB_JDBC_PREFIX="https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/${MARIADB_JDBC_VERSION}"
ENV MARIADB_JDBC_ARTIFACT="mariadb-java-client-${MARIADB_JDBC_VERSION}.jar"
ENV MARIADB_JDBC_TARGET="/usr/local/tomcat/webapps/ROOT/WEB-INF/lib/${MARIADB_JDBC_ARTIFACT}"
RUN curl -fSL "${MARIADB_JDBC_PREFIX}/${MARIADB_JDBC_ARTIFACT}" -o $MARIADB_JDBC_TARGET && \
echo "$MARIADB_JDBC_SHA256 $MARIADB_JDBC_TARGET" | sha256sum -c -

# Configure Tomcat. For example set the memory for the Tomcat JVM since the default value is too small for XWiki
COPY tomcat/setenv.sh /usr/local/tomcat/bin/

# Setup the XWiki Hibernate configuration
COPY xwiki/hibernate.cfg.xml /usr/local/tomcat/webapps/ROOT/WEB-INF/hibernate.cfg.xml

# Set a specific distribution id in XWiki for this docker packaging.
RUN sed -i 's/<id>org.xwiki.platform:xwiki-platform-distribution-war/<id>org.xwiki.platform:xwiki-platform-distribution-docker/' \
/usr/local/tomcat/webapps/ROOT/META-INF/extension.xed

# Add scripts required to make changes to XWiki configuration files at execution time
# Note: we don't run CHMOD since 1) it's not required since the executabe bit is already set in git and 2) running
# CHMOD after a COPY will sometimes fail, depending on different host-specific factors (especially on AUFS).
COPY xwiki/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh

# Make the XWiki directory (the permanent directory is included in it) persist on the host (so that it's not recreated
# across runs)
VOLUME /usr/local/xwiki

# At this point the image is done and what remains below are the runtime configuration used by the user to configure
# the container that will be created out of the image. Namely the user can override some environment variables with
# docker run -e "var1=val1" -e "var2=val2" ...
# The supported environment variables that can be overridden are:
# - DB_USER: the name of the user configured for XWiki in the DB. Default is "xwiki". This is used to configure
# xwiki's hibernate.cfg.xml file.
# - DB_PASSWORD: the password for the user configured for XWiki in the DB. Default is "xwiki". This is used to
# configure xwiki's hibernate.cfg.xml file.
# - DB_DATABASE: the name of the database to use. Default is "xwiki". This is used to configure xwiki's
# hibernate.cfg.xml file.
# - DB_HOST: The name of the host (or docker container) containing the database. Default is "db". This is used to
# configure xwiki's hibernate.cfg.xml file.
# - CONTEXT_PATH: The name of the context path under which XWiki will be deployed in Tomcat. If not specified then it'll
# be deployed as ROOT.
# - JDBC_PARAMS: Replaces the default JDBC parameters with the passed ones.

# Example:
# docker run -it -e "DB_USER=xwiki" -e "DB_PASSWORD=xwiki" <imagename>

# Starts XWiki by starting Tomcat. All options passed to "docker run [OPTIONS] IMAGE[:TAG|@DIGEST] [COMMAND] [ARG...]"
# are also passed to docker-entrypoint.sh. If "xwiki" is passed then XWiki will be configured the first time the
# container executes and Tomcat will be started. If some other parameter is passed then it'll be executed to comply
# with best practices defined at https://github.com/docker-library/official-images#consistency.
ENTRYPOINT ["docker-entrypoint.sh"]
CMD ["xwiki"]
76 changes: 76 additions & 0 deletions 16.4/mariadb-tomcat/docker-compose.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
# ---------------------------------------------------------------------------
# See the NOTICE file distributed with this work for additional
# information regarding copyright ownership.
#
# This is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this software; if not, write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
# ---------------------------------------------------------------------------
version: '2'
networks:
bridge:
driver: bridge
services:
# The container that runs XWiki in Tomcat, with the appropriate JDBC driver (for mariadb).
web:
image: "xwiki:${XWIKI_VERSION}-mariadb-tomcat"
container_name: xwiki-mariadb-tomcat-web
depends_on:
- db
ports:
- "8080:8080"
# Default values defined in .env file.
# The DB_USER/DB_PASSWORD/DB_DATABASE/DB_HOST variables are used in the hibernate.cfg.xml file.
environment:
- XWIKI_VERSION=${XWIKI_VERSION}
- DB_USER=${DB_USER}
- DB_PASSWORD=${DB_PASSWORD}
- DB_DATABASE=${DB_DATABASE}
- DB_HOST=xwiki-mariadb-db
# Provide a name instead of an auto-generated id for xwiki data (the permanent directory in included in it)
# configured in the Dockerfile, to make it simpler to identify in 'docker volume ls'.
volumes:
- xwiki-data:/usr/local/xwiki
networks:
- bridge
# The container that runs the database (mariadb)
db:
image: "mariadb:11.3"
container_name: xwiki-mariadb-db
# - Provide a name instead of an auto-generated id for the mariadb data, to make it simpler to identify in
# 'docker volume ls'
# - Provide a SQL script to be executed when the db image starts (to set permissions to create subwikis)
volumes:
- mariadb-data:/var/lib/mysql
- ./init.sql:/docker-entrypoint-initdb.d/init.sql

# Configure the MariaDB database and create a user with provided name/password.
# See https://hub.docker.com/_/mariadb/ for more details.
# Default values defined in .env file.
environment:
- MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}
- MYSQL_USER=${DB_USER}
- MYSQL_PASSWORD=${DB_PASSWORD}
- MYSQL_DATABASE=${DB_DATABASE}

# Pass arguments to configure the database
command:
- "--character-set-server=utf8mb4"
- "--collation-server=utf8mb4_bin"
- "--explicit-defaults-for-timestamp=1"
networks:
- bridge
volumes:
mariadb-data: {}
xwiki-data: {}
1 change: 1 addition & 0 deletions 16.4/mariadb-tomcat/mariadb/init.sql
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
grant all privileges on *.* to xwiki@'%'
54 changes: 54 additions & 0 deletions 16.4/mariadb-tomcat/tomcat/setenv.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,54 @@
#!/bin/bash
# ---------------------------------------------------------------------------
# See the NOTICE file distributed with this work for additional
# information regarding copyright ownership.
#
# This is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of
# the License, or (at your option) any later version.
#
# This software is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this software; if not, write to the Free
# Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
# 02110-1301 USA, or see the FSF site: http://www.fsf.org.
# ---------------------------------------------------------------------------

# We're making the following changes to the default:
# * Adding more memory (default is 512MB which is not enough for XWiki)
# * By default, Tomcat does not allow the usage of encoded slash '%2F' and backslash '%5C' in URLs, as noted in
# https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.10. We want to allow for them as it's useful to
# be able to have '/' and '' in wiki page names.
# * On some system /dev/random is slow to init leading to a slow Tomcat and thus Xwiki startup.

# Users can override these values by setting the JAVA_OPTS environment variable. For example:
# -e JAVA_OPTS="-Xmx2048m"

XMX="-Xmx1024m"
ALLOW_ENCODED_SLASH="-Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true"
ALLOW_BACKSLASH="-Dorg.apache.catalina.connector.CoyoteAdapter.ALLOW_BACKSLASH=true"
SECURERANDOM="-Djava.security.egd=file:/dev/./urandom"

if [[ ! -z "$JAVA_OPTS" ]]; then
if [[ ! $JAVA_OPTS =~ .*-Xmx[0-9]+.* ]]; then
JAVA_OPTS="$JAVA_OPTS $XMX"
fi
if [[ ! $JAVA_OPTS =~ .*ALLOW_ENCODED_SLASH.* ]]; then
JAVA_OPTS="$JAVA_OPTS $ALLOW_ENCODED_SLASH"
fi
if [[ ! $JAVA_OPTS =~ .*ALLOW_BACKSLASH.* ]]; then
JAVA_OPTS="$JAVA_OPTS $ALLOW_BACKSLASH"
fi
if [[ ! $JAVA_OPTS =~ .*java\.security\.egd.* ]]; then
JAVA_OPTS="$JAVA_OPTS $SECURERANDOM"
fi
else
JAVA_OPTS="$XMX $ALLOW_ENCODED_SLASH $ALLOW_BACKSLASH $SECURERANDOM"
fi

export JAVA_OPTS
Loading

0 comments on commit 4607590

Please sign in to comment.