├── .dockerignore ├── .gitignore ├── README.md ├── aio-base ├── Dockerfile ├── README.md ├── docker-compose.yml ├── docker-entrypoint.sh ├── nginx-ssl.conf └── nginx.conf ├── aio-builder ├── Dockerfile └── README.md └── aio-erp ├── Dockerfile └── README.md /.dockerignore: -------------------------------------------------------------------------------- 1 | volumes 2 | certs 3 | 4 | *.war 5 | *.properties 6 | 7 | .git 8 | .gitignore 9 | .dockerignore 10 | 11 | build.sh 12 | README.md 13 | Dockerfile 14 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | volumes 2 | certs 3 | 4 | *.war 5 | *.properties 6 | 7 | # Backup files 8 | *.sw[nop] 9 | *~ 10 | .#* 11 | [#]*# 12 | 13 | # Miscellaneous 14 | *.log 15 | .clover 16 | .DS_Store 17 | 18 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Axelor Dockerfiles 2 | 3 | This repository provides [Dockerfiles](https://docs.docker.com/engine/reference/builder/) and samples to build [Docker](https://www.docker.com/what-docker) images for [Axelor](https://axelor.com) apps. 4 | 5 | ## Build Images 6 | 7 | It assumes you have Docker installed on your system. 8 | 9 | ### Build base image 10 | 11 | ```sh 12 | $ cd aio-base 13 | $ docker build -t axelor/aio-base . 14 | ``` 15 | 16 | ### Build builder image 17 | 18 | ```sh 19 | $ cd aio-builder 20 | $ docker build -t axelor/aio-builder . 21 | ``` 22 | 23 | ### Build app image 24 | 25 | ```sh 26 | $ cd aio-erp 27 | $ docker build -t axelor/aio-erp . 28 | ``` 29 | 30 | ## Run app container 31 | 32 | Once app image is built, you can run it like this: 33 | 34 | ```sh 35 | $ docker run -it -p 8080:80 axelor/aio-erp 36 | ``` 37 | 38 | Once app completes database initialization, it can be access at: http://localhost:8080 39 | 40 | -------------------------------------------------------------------------------- /aio-base/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM adoptopenjdk/openjdk8 as builder 2 | 3 | RUN set -ex \ 4 | && DEBIAN_FRONTEND=noninteractive apt-get update \ 5 | && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \ 6 | && DEBIAN_FRONTEND=noninteractive apt-get install -y \ 7 | curl dpkg-dev gcc libapr1-dev libssl-dev make \ 8 | && rm -rf /var/lib/apt/lists/* 9 | 10 | # jdk 11 | ENV JAVA_HOME /opt/java/openjdk 12 | 13 | # tomcat 14 | ENV CATALINA_HOME /usr/local/tomcat 15 | ENV CATALINA_BASE /var/lib/tomcat 16 | 17 | RUN set -ex \ 18 | && export TOMCAT_MAJOR="8" \ 19 | && export TOMCAT_VERSION="8.5.38" \ 20 | && export TOMCAT_ESUM="3a3e624014faf87091e6dbb8bad13c68240955d62301d22cf3d75a1766859dd97500d6850fbd5d3dc012f08f9301eb24c24fa7175bcca616767fa5c18875072d" \ 21 | && export TOMCAT_PKG="apache-tomcat-$TOMCAT_VERSION.tar.gz" \ 22 | && mkdir -p $CATALINA_HOME \ 23 | && mkdir -p $CATALINA_BASE \ 24 | && cd $CATALINA_HOME \ 25 | && curl -L -O "https://www.apache.org/dyn/closer.cgi?action=download&filename=tomcat/tomcat-$TOMCAT_MAJOR/v$TOMCAT_VERSION/bin/$TOMCAT_PKG" \ 26 | && echo "$TOMCAT_ESUM $TOMCAT_PKG" | sha512sum -c - \ 27 | && tar -xvf $TOMCAT_PKG --strip-components=1 \ 28 | && rm -f $TOMCAT_PKG \ 29 | && rm -f $TOMCAT_HOME/bin/*.bat \ 30 | && chmod 755 $CATALINA_HOME/bin \ 31 | && chmod 755 $CATALINA_HOME/lib \ 32 | && chmod 755 $CATALINA_HOME/conf \ 33 | && chmod 644 $CATALINA_HOME/bin/* \ 34 | && chmod 644 $CATALINA_HOME/lib/* \ 35 | && chmod 644 $CATALINA_HOME/conf/* \ 36 | && chmod 755 $CATALINA_HOME/bin/*.sh \ 37 | && chown root:$TOMCAT_GROUP $CATALINA_HOME/conf/* \ 38 | && mkdir -p $CATALINA_BASE/conf \ 39 | && mkdir -p $CATALINA_BASE/temp \ 40 | && mkdir -p $CATALINA_BASE/webapps \ 41 | && cp $CATALINA_HOME/conf/tomcat-users.xml $CATALINA_BASE/conf/ \ 42 | && cp $CATALINA_HOME/conf/logging.properties $CATALINA_BASE/conf/ \ 43 | && cp $CATALINA_HOME/conf/server.xml $CATALINA_BASE/conf/ \ 44 | && cp $CATALINA_HOME/conf/web.xml $CATALINA_BASE/conf/ \ 45 | && sed -i 's/directory="logs"/directory="\/var\/log\/tomcat"/g' $CATALINA_BASE/conf/server.xml \ 46 | && sed -i 's/\${catalina\.base}\/logs/\/var\/log\/tomcat/g' $CATALINA_BASE/conf/logging.properties 47 | 48 | # tomcat-native lib path 49 | ENV TOMCAT_NATIVE_LIBDIR $CATALINA_HOME/native-jni-lib 50 | ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$TOMCAT_NATIVE_LIBDIR 51 | 52 | # build tomcat-native 53 | RUN set -ex \ 54 | && export NATIVE_BUILD_DIR="$(mktemp -d)" \ 55 | && tar -xvf $CATALINA_HOME/bin/tomcat-native.tar.gz -C "$NATIVE_BUILD_DIR" --strip-components=1 \ 56 | && cd $NATIVE_BUILD_DIR/native \ 57 | && ./configure \ 58 | --build="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)" \ 59 | --libdir="$TOMCAT_NATIVE_LIBDIR" \ 60 | --prefix="$CATALINA_HOME" \ 61 | --with-apr="$(which apr-1-config)" \ 62 | --with-java-home="$JAVA_HOME" \ 63 | --with-ssl=yes \ 64 | && make -j "$(nproc)" \ 65 | && make install \ 66 | && rm -f $CATALINA_HOME/bin/*.bat \ 67 | && rm -f $CATALINA_HOME/bin/*.tar.gz \ 68 | && rm -rf $NATIVE_BUILD_DIR 69 | 70 | ## end of builder stage 71 | 72 | FROM adoptopenjdk/openjdk8 73 | LABEL maintainer="Axelor " 74 | 75 | RUN set -ex \ 76 | && DEBIAN_FRONTEND=noninteractive apt-get update \ 77 | && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \ 78 | && DEBIAN_FRONTEND=noninteractive apt-get install -y gnupg dirmngr apt-transport-https locales \ 79 | && apt-key adv --batch --fetch-keys http://nginx.org/keys/nginx_signing.key \ 80 | && echo "deb http://nginx.org/packages/mainline/ubuntu/ bionic nginx" >> /etc/apt/sources.list \ 81 | && apt-key adv --batch --fetch-keys https://www.postgresql.org/media/keys/ACCC4CF8.asc \ 82 | && echo 'deb http://apt.postgresql.org/pub/repos/apt/ bionic-pgdg main' > /etc/apt/sources.list.d/pgdg.list \ 83 | && apt-key adv --batch --fetch-keys https://deb.nodesource.com/gpgkey/nodesource.gpg.key \ 84 | && echo 'deb https://deb.nodesource.com/node_8.x bionic main' > /etc/apt/sources.list.d/nodesource.list \ 85 | && apt-key adv --batch --fetch-keys https://dl.yarnpkg.com/debian/pubkey.gpg \ 86 | && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \ 87 | && DEBIAN_FRONTEND=noninteractive apt-get update \ 88 | && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \ 89 | && DEBIAN_FRONTEND=noninteractive apt-get install -y \ 90 | supervisor gosu postgresql-9.6 postgresql-contrib-9.6 \ 91 | libapr1 nginx nginx-module-xslt nginx-module-geoip nginx-module-image-filter nginx-module-njs gettext-base \ 92 | git-core nodejs yarn \ 93 | && rm -rf /var/lib/apt/lists/* 94 | 95 | # update locale 96 | RUN set -ex && \ 97 | echo 'en_GB.UTF-8 UTF-8' >> /etc/locale.gen && \ 98 | echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen 99 | ENV LANG en_US.utf8 100 | 101 | # jdk 102 | ENV JAVA_HOME /opt/java/openjdk 103 | 104 | # tomcat 105 | ENV TOMCAT_USER tomcat 106 | ENV TOMCAT_GROUP tomcat 107 | 108 | ENV CATALINA_HOME /usr/local/tomcat 109 | ENV CATALINA_BASE /var/lib/tomcat 110 | 111 | # copy from builder 112 | COPY --from=builder $CATALINA_HOME $CATALINA_HOME 113 | COPY --from=builder $CATALINA_BASE $CATALINA_BASE 114 | 115 | RUN set -ex \ 116 | && addgroup --system "$TOMCAT_GROUP" --quiet \ 117 | && adduser \ 118 | --system --home "$CATALINA_BASE" --no-create-home \ 119 | --ingroup "$TOMCAT_GROUP" --disabled-password --shell /bin/false "$TOMCAT_USER" 120 | 121 | RUN set -ex \ 122 | && update-alternatives --install /usr/bin/java java $JAVA_HOME/bin/java 20000 \ 123 | && update-alternatives --install /usr/bin/javac javac $JAVA_HOME/bin/javac 20000 \ 124 | && update-alternatives --install /usr/bin/jar jar $JAVA_HOME/bin/jar 20000 \ 125 | && update-alternatives --install /usr/bin/tomcat tomcat $CATALINA_HOME/bin/catalina.sh 20000 \ 126 | && update-alternatives --install /usr/bin/tomcat-digest tomcat-digest $CATALINA_HOME/bin/digest.sh 20000 \ 127 | && update-alternatives --install /usr/bin/tomcat-tool-wrapper tomcat-tool-wrapper $CATALINA_HOME/bin/tool-wrapper.sh 20000 \ 128 | && chown root:$TOMCAT_GROUP $CATALINA_HOME/conf/* \ 129 | && mkdir -p /var/log/tomcat \ 130 | && chown -R $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_BASE \ 131 | && chown -R $TOMCAT_USER:$TOMCAT_GROUP /var/log/tomcat 132 | 133 | # tomcat-native lib path 134 | ENV LD_LIBRARY_PATH ${LD_LIBRARY_PATH:+$LD_LIBRARY_PATH:}$CATALINA_HOME/native-jni-lib 135 | 136 | # postgres 137 | ENV POSTGRES_USER axelor 138 | ENV POSTGRES_PASSWORD axelor 139 | ENV POSTGRES_DB axelor 140 | 141 | ENV PATH $PATH:/usr/lib/postgresql/9.6/bin 142 | ENV PGDATA /var/lib/postgresql/9.6/main 143 | 144 | RUN set -ex \ 145 | && echo "host all all all md5" >> /etc/postgresql/9.6/main/pg_hba.conf \ 146 | && echo "listen_addresses='localhost'" >> /etc/postgresql/9.6/main/postgresql.conf \ 147 | && rm -rf /var/lib/postgresql/9.6/main \ 148 | && mkdir -p /var/lib/postgresql/9.6 \ 149 | && chown -R postgres:postgres /var/lib/postgresql 150 | 151 | # nginx 152 | ENV NGINX_HOST localhost 153 | ENV NGINX_PORT 443 154 | 155 | COPY nginx.conf /etc/nginx/conf.d.templates/ 156 | COPY nginx-ssl.conf /etc/nginx/conf.d.templates/ 157 | 158 | VOLUME ["/var/lib/tomcat", "/var/lib/postgresql", "/var/log/tomcat", "/var/log/postgresql"] 159 | 160 | EXPOSE 80 443 8080 5432 161 | 162 | COPY docker-entrypoint.sh /usr/local/bin/ 163 | RUN chmod +x /usr/local/bin/docker-entrypoint.sh && mkdir /docker-entrypoint-initdb.d 164 | 165 | ENTRYPOINT ["docker-entrypoint.sh"] 166 | 167 | CMD ["start"] 168 | 169 | -------------------------------------------------------------------------------- /aio-base/README.md: -------------------------------------------------------------------------------- 1 | # Axelor Docker 2 | 3 | This repository contains [docker][docker] and [docker-compose][docker-compose] files for [axelor apps][axelor]. 4 | 5 | ## Prerequisite 6 | 7 | Install `docker` & `docker-compose` as per the official [docker documentation][docker-doc]. 8 | 9 | ## Build 10 | 11 | You can build the base image like this: 12 | 13 | ```sh 14 | docker build -t axelor/aio-base . 15 | ``` 16 | 17 | ## Run app 18 | 19 | You can use the base image to run your app. 20 | 21 | Copy the war package of your application in current directory and start container like this: 22 | 23 | ```sh 24 | docker run -it --name axelor-demo \ 25 | -p 80:80 \ 26 | -e NGINX_HOST=your.hostname.com \ 27 | -v `pwd`/volumes/var/lib/postgresql:/var/lib/postgresql \ 28 | -v `pwd`/volumes/var/lib/tomcat:/var/lib/tomcat \ 29 | -v `pwd`/axelor-demo.war:/var/lib/tomcat/webapps/ROOT.war:ro \ 30 | axelor/aio-base 31 | ``` 32 | 33 | The data will be stored under `volumes` directory. 34 | 35 | ## SSL Support 36 | 37 | You can run the application with https. 38 | 39 | Prepare `certs` directory with following files: 40 | 41 | - `certs/dhparam.pem` - dhparam file 42 | - `certs/nginx.crt` - certificate file 43 | - `certs/nginx.key` - certificate key 44 | 45 | and start container like this: 46 | 47 | ```sh 48 | docker run -it --name axelor-demo \ 49 | -p 80:80 \ 50 | -p 443:443 \ 51 | -e NGINX_HOST=your.hostname.com \ 52 | -e NGINX_PORT=443 \ 53 | -v `pwd`/certs:/etc/nginx/certs:ro \ 54 | -v `pwd`/volumes/var/lib/postgresql:/var/lib/postgresql \ 55 | -v `pwd`/volumes/var/lib/tomcat:/var/lib/tomcat \ 56 | -v `pwd`/axelor-demo.war:/var/lib/tomcat/webapps/ROOT.war:ro \ 57 | axelor/aio-base 58 | ``` 59 | 60 | ## Next? 61 | 62 | This is still very early work. We are going to make it official docker image 63 | for production deployment. 64 | 65 | In the meantime, follow the [docker documentation][docker-doc] to get familiar with it. 66 | 67 | [axelor]: https://www.axelor.com/ 68 | [docker]: https://www.docker.com/ 69 | [docker-doc]: https://docs.docker.com/ 70 | [docker-compose]: https://docs.docker.com/compose/ 71 | -------------------------------------------------------------------------------- /aio-base/docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: '3' 2 | services: 3 | axelor: 4 | image: axelor/aio-base 5 | build: . 6 | ports: 7 | - 80:80 8 | - 443:443 9 | environment: 10 | - NGINX_HOST=localhost 11 | - NGINX_PORT=443 12 | volumes: 13 | - ./certs:/etc/nginx/certs:ro 14 | - ./volumes/var/lib/postgresql:/var/lib/postgresql 15 | - ./volumes/var/log/postgresql:/var/log/postgresql 16 | - ./volumes/var/lib/tomcat:/var/lib/tomcat 17 | - ./volumes/var/log/tomcat:/var/log/tomcat 18 | -------------------------------------------------------------------------------- /aio-base/docker-entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -e 3 | 4 | start_nginx() { 5 | local conf=nginx.conf 6 | [ -e /etc/nginx/certs/nginx.crt -a \ 7 | -e /etc/nginx/certs/nginx.key -a \ 8 | -e /etc/nginx/certs/dhparam.pem ] && conf=nginx-ssl.conf 9 | envsubst '$NGINX_HOST $NGINX_PORT' < /etc/nginx/conf.d.templates/${conf} > /etc/nginx/conf.d/default.conf 10 | service nginx start 11 | } 12 | 13 | start_postgres() { 14 | 15 | if [ -s "$PGDATA/PG_VERSION" ]; then 16 | # start postgres 17 | service postgresql start 18 | else 19 | # initialize postgresql 20 | mkdir -p $PGDATA 21 | mkdir -p /var/log/postgresql 22 | 23 | chown -R postgres:postgres $PGDATA 24 | chown -R postgres:postgres /var/log/postgresql 25 | 26 | gosu postgres initdb --username=postgres 27 | [ -e $PGDATA/pg_hba.conf ] && echo "host all all all md5" >> $PGDATA/pg_hba.conf 28 | [ -e $PGDATA/postgresql.conf ] && echo "listen_addresses='localhost'" >> $PGDATA/postgresql.conf 29 | 30 | # start postgres 31 | service postgresql start 32 | 33 | local PSQL="gosu postgres psql" 34 | 35 | # create user 36 | if [ "$POSTGRES_USER" = 'postgres' ]; then 37 | $PSQL --command "ALTER USER $POSTGRES_USER WITH SUPERUSER PASSWORD '$POSTGRES_PASSWORD'" 38 | else 39 | $PSQL --command "CREATE USER $POSTGRES_USER WITH SUPERUSER PASSWORD '$POSTGRES_PASSWORD'" 40 | fi 41 | 42 | # create db 43 | if [ "$POSTGRES_DB" != 'postgres' ]; then 44 | $PSQL --command "CREATE DATABASE $POSTGRES_DB WITH OWNER '$POSTGRES_USER'" 45 | fi 46 | 47 | for f in /docker-entrypoint-initdb.d/*; do 48 | case "$f" in 49 | *.sh) echo "$0: running $f"; . "$f" ;; 50 | *.sql) echo "$0: running $f"; $PSQL -U $POSTGRES_USER -d $POSTGRES_DB -f "$f"; echo ;; 51 | *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | $PSQL -U $POSTGRES_USER -d $POSTGRES_DB; echo ;; 52 | *) echo "$0: ignoring $f" ;; 53 | esac 54 | echo 55 | done 56 | fi 57 | } 58 | 59 | start_tomcat() { 60 | if [ -f "$CATALINA_BASE/app.properties" ]; then 61 | JAVA_OPTS="-Daxelor.config=$CATALINA_BASE/app.properties $JAVA_OPTS" gosu tomcat tomcat run 62 | else 63 | gosu tomcat tomcat run 64 | fi 65 | } 66 | 67 | prepare_app() { 68 | 69 | # ensure tomcat specific dirs exist 70 | mkdir -p /var/log/tomcat 71 | mkdir -p $CATALINA_BASE/{conf,temp,webapps} 72 | 73 | # prepare tomcat base 74 | if [ ! -f $CATALINA_BASE/conf/server.xml ]; then 75 | mkdir -p $CATALINA_BASE/{conf,temp,webapps} 76 | cp $CATALINA_HOME/conf/tomcat-users.xml $CATALINA_BASE/conf/ 77 | cp $CATALINA_HOME/conf/logging.properties $CATALINA_BASE/conf/ 78 | cp $CATALINA_HOME/conf/server.xml $CATALINA_BASE/conf/ 79 | cp $CATALINA_HOME/conf/web.xml $CATALINA_BASE/conf/ 80 | sed -i 's/directory="logs"/directory="\/var\/log\/tomcat"/g' $CATALINA_BASE/conf/server.xml 81 | sed -i 's/\${catalina.base}\/logs/\/var\/log\/tomcat/g' $CATALINA_BASE/conf/logging.properties 82 | fi 83 | 84 | # prepare config file and save it as app.properties 85 | ( 86 | cd $CATALINA_BASE; \ 87 | [ ! -e application.properties -a -e webapps/ROOT.war ] \ 88 | && jar xf webapps/ROOT.war WEB-INF/classes/application.properties \ 89 | && mv WEB-INF/classes/application.properties . \ 90 | && rm -rf WEB-INF; 91 | [ ! -e app.properties -a -e application.properties ] \ 92 | && cp application.properties app.properties \ 93 | && echo >> app.properties \ 94 | && echo "application.mode = prod" >> app.properties \ 95 | && echo "db.default.url = jdbc:postgresql://localhost:5432/$POSTGRES_DB" >> app.properties \ 96 | && echo "db.default.user = axelor" >> app.properties \ 97 | && echo "db.default.password = axelor" >> app.properties; 98 | exit 0; 99 | ) 100 | 101 | # ensure proper permissions 102 | ( chown -hfR $TOMCAT_USER:adm /var/log/tomcat || exit 0 ) 103 | ( chown -hfR $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_BASE || exit 0 ) 104 | 105 | # copy static files in a separate directory for nginx 106 | ( 107 | cd $CATALINA_BASE/webapps; \ 108 | [ ! -d static -a -e ROOT.war ] \ 109 | && mkdir -p static \ 110 | && cd static \ 111 | && jar xf ../ROOT.war css js img ico lib dist partials \ 112 | && cd .. \ 113 | && chown -R tomcat:nginx static; 114 | exit 0; 115 | ) 116 | } 117 | 118 | if [ "$1" = "start" ]; then 119 | shift 120 | prepare_app 121 | start_nginx 122 | start_postgres 123 | start_tomcat 124 | fi 125 | 126 | # Else default to run whatever the user wanted like "bash" 127 | exec "$@" 128 | -------------------------------------------------------------------------------- /aio-base/nginx-ssl.conf: -------------------------------------------------------------------------------- 1 | gzip on; 2 | gzip_vary on; 3 | gzip_proxied any; 4 | gzip_types 5 | text/plain 6 | text/css 7 | application/javascript 8 | application/json 9 | application/x-javascript 10 | text/xml 11 | application/xml 12 | application/xml+rss 13 | text/javascript; 14 | 15 | upstream tomcat { 16 | server 127.0.0.1:8080; 17 | } 18 | 19 | server { 20 | listen 80; 21 | server_name ${NGINX_HOST}; 22 | return 301 https://${NGINX_HOST}:${NGINX_PORT}$request_uri; 23 | } 24 | 25 | server { 26 | listen 443 ssl http2; 27 | server_name ${NGINX_HOST}; 28 | 29 | root /var/lib/tomcat/webapps/static; 30 | 31 | ssl on; 32 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 33 | ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS'; 34 | ssl_prefer_server_ciphers on; 35 | ssl_session_timeout 5m; 36 | ssl_session_cache shared:SSL:50m; 37 | ssl_session_tickets off; 38 | ssl_certificate certs/nginx.crt; 39 | ssl_certificate_key certs/nginx.key; 40 | ssl_dhparam certs/dhparam.pem; 41 | 42 | add_header Strict-Transport-Security "max-age=31536000" always; 43 | 44 | location @proxy { 45 | proxy_http_version 1.1; 46 | proxy_buffering off; 47 | proxy_set_header Host $http_host; 48 | proxy_set_header X-Real-IP $remote_addr; 49 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 50 | proxy_set_header X-Forwarded-Host $http_host; 51 | proxy_set_header X-Forwarded-Server $host; 52 | proxy_set_header X-Forwarded-Proto https; 53 | 54 | # Mitigate httpoxy attack 55 | proxy_set_header Proxy ""; 56 | 57 | proxy_pass http://tomcat; 58 | 59 | # rewrite Location header, so we that don't have to change tomcat server.xml 60 | proxy_redirect ~^(https?://[^/]+)(/.*)$ https://$http_host$2; 61 | } 62 | 63 | location / { 64 | try_files $uri @proxy; 65 | } 66 | 67 | location ~ gzip.(js|css)$ { 68 | rewrite ^(.*?)\.gzip\.(js|css)$ $1.min.$2; 69 | } 70 | 71 | location ~ (.*?)/(lib|js|css|img|ico|dist|partials)/(.*) { 72 | try_files /$2/$3 @proxy; 73 | expires 1M; 74 | access_log off; 75 | add_header Cache-Control "public"; 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /aio-base/nginx.conf: -------------------------------------------------------------------------------- 1 | gzip on; 2 | gzip_vary on; 3 | gzip_proxied any; 4 | gzip_types 5 | text/plain 6 | text/css 7 | application/javascript 8 | application/json 9 | application/x-javascript 10 | text/xml 11 | application/xml 12 | application/xml+rss 13 | text/javascript; 14 | 15 | upstream tomcat { 16 | server 127.0.0.1:8080; 17 | } 18 | 19 | server { 20 | listen 80; 21 | server_name ${NGINX_HOST}; 22 | 23 | root /var/lib/tomcat/webapps/static; 24 | 25 | location @proxy { 26 | proxy_http_version 1.1; 27 | proxy_buffering off; 28 | proxy_set_header Host $http_host; 29 | proxy_set_header X-Real-IP $remote_addr; 30 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 31 | proxy_set_header X-Forwarded-Host $http_host; 32 | proxy_set_header X-Forwarded-Server $host; 33 | 34 | proxy_pass http://tomcat; 35 | proxy_redirect off; 36 | } 37 | 38 | location / { 39 | try_files $uri @proxy; 40 | } 41 | 42 | location ~ gzip.(js|css)$ { 43 | rewrite ^(.*?)\.gzip\.(js|css)$ $1.min.$2; 44 | } 45 | 46 | location ~ (.*?)/(lib|js|css|img|ico|dist|partials)/(.*) { 47 | try_files /$2/$3 @proxy; 48 | expires 1M; 49 | access_log off; 50 | add_header Cache-Control "public"; 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /aio-builder/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM adoptopenjdk/openjdk8 2 | LABEL maintainer="Axelor " 3 | 4 | RUN set -ex \ 5 | && DEBIAN_FRONTEND=noninteractive apt-get update \ 6 | && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \ 7 | && DEBIAN_FRONTEND=noninteractive apt-get install -y gnupg dirmngr apt-transport-https locales \ 8 | && apt-key adv --batch --fetch-keys https://deb.nodesource.com/gpgkey/nodesource.gpg.key \ 9 | && echo 'deb https://deb.nodesource.com/node_8.x bionic main' > /etc/apt/sources.list.d/nodesource.list \ 10 | && apt-key adv --batch --fetch-keys https://dl.yarnpkg.com/debian/pubkey.gpg \ 11 | && echo 'deb https://dl.yarnpkg.com/debian/ stable main' > /etc/apt/sources.list.d/yarn.list \ 12 | && DEBIAN_FRONTEND=noninteractive apt-get update \ 13 | && DEBIAN_FRONTEND=noninteractive apt-get upgrade -y \ 14 | && DEBIAN_FRONTEND=noninteractive apt-get install -y \ 15 | git-core nodejs yarn \ 16 | && rm -rf /var/lib/apt/lists/* 17 | 18 | # update locale 19 | RUN set -ex && \ 20 | echo 'en_GB.UTF-8 UTF-8' >> /etc/locale.gen && \ 21 | echo 'en_US.UTF-8 UTF-8' >> /etc/locale.gen && locale-gen 22 | ENV LANG en_US.utf8 23 | 24 | # jdk 25 | ENV JAVA_HOME /opt/java/openjdk 26 | 27 | RUN set -ex \ 28 | && update-alternatives --install /usr/bin/java java $JAVA_HOME/bin/java 20000 \ 29 | && update-alternatives --install /usr/bin/javac javac $JAVA_HOME/bin/javac 20000 \ 30 | && update-alternatives --install /usr/bin/jar jar $JAVA_HOME/bin/jar 20000 31 | 32 | RUN \ 33 | set -ex && \ 34 | mkdir -p /app/src && cd /app/src && \ 35 | git clone https://github.com/axelor/axelor-development-kit.git && \ 36 | cd axelor-development-kit && \ 37 | ./gradlew --no-daemon -x test build 38 | 39 | RUN \ 40 | set -ex && \ 41 | cd /app/src && \ 42 | git clone https://github.com/axelor/abs-webapp.git axelor-erp && \ 43 | sed -e 's|git@github.com:|https://github.com/|' -i axelor-erp/.gitmodules && \ 44 | cd axelor-erp && \ 45 | git checkout master && \ 46 | git submodule sync && \ 47 | git submodule init && \ 48 | git submodule update && \ 49 | git submodule foreach git checkout master && \ 50 | git submodule foreach git pull origin master && \ 51 | sed -e 's|^application.theme.*|application.theme = modern|g' -i src/main/resources/application.properties && \ 52 | ./gradlew --no-daemon -x test npm-build build && \ 53 | rm -rf /app 54 | 55 | -------------------------------------------------------------------------------- /aio-builder/README.md: -------------------------------------------------------------------------------- 1 | # All-in-One : Axelor Builder 2 | 3 | The Dockerfile to build All-in-One docker image of build Axelor Apps. 4 | 5 | The image includes OpenJDK8 from AdoptOpenJDK, Node.js 8.x and Yarn. 6 | 7 | The image also caches build dependencies of the latest Axelor ERP 8 | so that we can rebuild the ERP with same dependencies. 9 | 10 | ## Build Image 11 | 12 | ```sh 13 | $ docker build -t axelor/aio-builder . 14 | ``` 15 | 16 | ## Build App 17 | 18 | ```sh 19 | $ docker run --rm -it -v /path/to/app-source:/src -w /src axelor/aio-builder \ 20 | ./gradlew -x test build 21 | ``` 22 | 23 | For example, to build Axelor ERP: 24 | 25 | ``` 26 | $ docker run --rm -it -v `pwd`/abs-webapp:/src -w /src axelor/aio-builder \ 27 | ./gradlew -x test build 28 | ``` 29 | 30 | -------------------------------------------------------------------------------- /aio-erp/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM axelor/aio-builder as builder 2 | 3 | RUN mkdir -p /app/src 4 | WORKDIR /app/src 5 | 6 | RUN \ 7 | set -ex && \ 8 | git clone https://github.com/axelor/abs-webapp.git axelor-erp && \ 9 | sed -e 's|git@github.com:|https://github.com/|' -i axelor-erp/.gitmodules && \ 10 | cd axelor-erp && \ 11 | git checkout master && \ 12 | git submodule sync && \ 13 | git submodule init && \ 14 | git submodule update && \ 15 | git submodule foreach git checkout master && \ 16 | git submodule foreach git pull origin master && \ 17 | sed -e 's|^application.theme.*|application.theme = modern|g' -i src/main/resources/application.properties && \ 18 | ./gradlew --no-daemon -x test npm-build build 19 | 20 | FROM axelor/aio-base 21 | LABEL maintainer="Axelor " 22 | 23 | COPY --from=builder /app/src/axelor-erp/build/libs/axelor-erp-*.war $CATALINA_BASE/webapps/ROOT.war 24 | 25 | CMD ["start"] 26 | -------------------------------------------------------------------------------- /aio-erp/README.md: -------------------------------------------------------------------------------- 1 | # All-in-One : Axelor ERP 2 | 3 | The Dockerfile to build All-in-One docker image of Axelor ERP. 4 | 5 | ## Build Image 6 | 7 | ```sh 8 | $ docker build -t axelor/aio-erp . 9 | ``` 10 | 11 | ## Run app container 12 | 13 | ```sh 14 | $ docker run -it -p 8080:80 axelor/aio-erp 15 | ``` 16 | 17 | ## Run with SSL 18 | 19 | ```sh 20 | $ docker run -it -v /path/to/your/certs:/etc/nginx/certs -p 80:80 -p 443:443 axelor/aio-erp 21 | ``` 22 | 23 | The `certs` directory should contain certificates with following names: 24 | 25 | * `nginx.key` - the key file 26 | * `nginx.crt` - the certificate file 27 | * `dhparam.pem` - the dhparam file 28 | 29 | ## Custom app config 30 | 31 | The image uses default `application.properties` from ABS source. You can provide your own 32 | configuration file as bellow: 33 | 34 | ```sh 35 | $ docker run -it -v /path/to/application.properties:/application.properties -p 8080:80 axelor/aio-erp 36 | ``` 37 | 38 | ## Other Options 39 | 40 | The docker image exposes following ports: 41 | 42 | * `80` - nginx http port 43 | * `443` - nginx https port 44 | * `8080` - tomcat http port 45 | * `5432` - postgresql port 46 | 47 | The docker image exposes following volumes: 48 | 49 | * `/var/lib/tomcat` - tomcat base directory 50 | * `/var/lib/postgresql` - postgresql data directory 51 | * `/var/log/tomcat` - tomcat log files 52 | * `/var/log/postgresql` - postgresql log files 53 | 54 | Following environment variables can be used to change container settings: 55 | 56 | * `NGINX_HOST` - the public host name (default: localhost) 57 | * `NGINX_PORT` - the public port (default: 443) 58 | * `POSTGRES_USER` - the postgresql user name (default: axelor) 59 | * `POSTGRES_PASSWORD` - the postgresql user password (default: axelor) 60 | * `POSTGRES_DB` - the postgresql database name (default: axelor) 61 | --------------------------------------------------------------------------------