FROM ubuntu:xenial

HEALTHCHECK --start-period=30s CMD curl --insecure https://127.0.0.1/

ENV RUBY_VERSION=2.4.4
ENV RUBY_MAJOR_VERSION=2.4

ENV TINI_VERSION v0.18.0
ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini
RUN chmod +x /tini

RUN apt-get -qq update \
  && DEBIAN_FRONTEND=noninteractive apt-get -qq upgrade -y \
  && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \
    build-essential \
    libssl-dev \
    libyaml-dev \
    libreadline-dev \
    openssl \
    curl \
    git-core \
    zlib1g-dev \
    bison \
    libxml2-dev \
    libxslt1-dev \
    libcurl4-openssl-dev \
    libsqlite3-dev \
    sqlite3 \
    wget \
    apt-transport-https \
    ca-certificates \
    mysql-client \
    libmysqlclient-dev \
    postfix \
    nodejs \
    nginx \
    lsb-release \
    dirmngr \
    gnupg \
  && wget http://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR_VERSION}/ruby-${RUBY_VERSION}.tar.gz \
  && tar -xzf ruby-${RUBY_VERSION}.tar.gz \
  && cd ruby-${RUBY_VERSION} \
  && ./configure \
  && make && make install \
  && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 \
  && sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger $(lsb_release -c --short) main > /etc/apt/sources.list.d/passenger.list' \
  && apt-get -qq update \
  && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \
    passenger \
    nginx-extras \
  && apt-get -qq clean \
  && apt-get autoremove -y \
  && rm -rf \
    /var/lib/apt/lists/* \
    /tmp/* \
    /var/tmp/*

# Set timezone inside the container
RUN echo "America/New_York" > /etc/timezone \
 && rm /etc/localtime \
 && ln -s /usr/share/zoneinfo/America/New_York /etc/localtime

#New Relic
#RUN echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list \
# && wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add - \
# && apt-get update \
# && apt-get install newrelic-sysmond -y \
# && nrsysmond-config --set license_key=$NEW_RELIC_LICENSE_KEY

#SSL
RUN mkdir /ssl \
  && openssl req -sha256 -subj '/CN=home/O=home LTD./C=US' \
    -x509 -nodes -days 365 -newkey rsa:4096 -keyout /ssl/server.key -out /ssl/server.crt

EXPOSE 80
EXPOSE 443

RUN gem install --no-rdoc --no-ri bundler
#Cache gems so they don't install on every code change
WORKDIR /tmp
COPY Gemfile Gemfile
COPY Gemfile.lock Gemfile.lock
RUN bundle install

# Copy site into place.
RUN rm -rf /rails && mkdir /rails
WORKDIR /rails/
ADD . /rails/

# Nginx configurations (nginx does not pass envs which is why you need nginx-env.conf)
COPY ./deploy/nginx-wrestlingdev.conf /etc/nginx/sites-available/default
COPY ./deploy/nginx-env.conf /etc/nginx/main.d/nginx-env.conf
COPY ./deploy/nginx.conf /etc/nginx/nginx.conf
RUN echo "passenger_default_user root;" >> /etc/nginx/passenger.conf

#Need temp secret keys to precompile assets
ENV WRESTLINGDEV_SECRET_KEY_BASE 077cdbef5c2ccf22543fb17a67339f234306b7fa2e1e4463d851c444c10a5611829a2290b253da78339427f131571fac9a42c83d960b2d25ecc10a4a0a7ce1a2
ENV WRESTLINGDEV_DEVISE_SECRET_KEY 2f29d49db6704377ba263f7cb9db085b386bcb301c0cd501126a674686ab1a109754071165b08cd72af03cec4642a4dd04361c994462254dd5d85e9594e8b9aa
RUN RAILS_ENV=production bundle exec rake assets:precompile

# Tini solves the zombie PID problem
ENTRYPOINT ["/tini", "--"]

WORKDIR /rails
#CMD bundle exec puma -t 3:3 -b 'ssl://0.0.0.0:443?key=/ssl/server.key&verify_mode=none&cert=/ssl/server.crt'  -e production
#CMD bundle exec passenger start --max-pool-size 3 --environment production --ssl --ssl-certificate /ssl/server.crt --ssl-certificate-key /ssl/server.key
CMD ["nginx"]