FROM ubuntu:xenial HEALTHCHECK --start-period=30s CMD curl --insecure https://127.0.0.1/ ENV RUBY_VERSION=2.4.4 ENV RUBY_MAJOR_VERSION=2.4 ENV TINI_VERSION v0.18.0 ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /tini RUN chmod +x /tini RUN apt-get -qq update \ && DEBIAN_FRONTEND=noninteractive apt-get -qq upgrade -y \ && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \ build-essential \ libssl-dev \ libyaml-dev \ libreadline-dev \ openssl \ curl \ git-core \ zlib1g-dev \ bison \ libxml2-dev \ libxslt1-dev \ libcurl4-openssl-dev \ libsqlite3-dev \ sqlite3 \ wget \ apt-transport-https \ ca-certificates \ mysql-client \ libmysqlclient-dev \ postfix \ nodejs \ nginx \ lsb-release \ dirmngr \ gnupg \ && wget http://cache.ruby-lang.org/pub/ruby/${RUBY_MAJOR_VERSION}/ruby-${RUBY_VERSION}.tar.gz \ && tar -xzf ruby-${RUBY_VERSION}.tar.gz \ && cd ruby-${RUBY_VERSION} \ && ./configure \ && make && make install \ && apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 561F9B9CAC40B2F7 \ && sh -c 'echo deb https://oss-binaries.phusionpassenger.com/apt/passenger $(lsb_release -c --short) main > /etc/apt/sources.list.d/passenger.list' \ && apt-get -qq update \ && DEBIAN_FRONTEND=noninteractive apt-get -qq install -y \ passenger \ nginx-extras \ && apt-get -qq clean \ && apt-get autoremove -y \ && rm -rf \ /var/lib/apt/lists/* \ /tmp/* \ /var/tmp/* # Set timezone inside the container RUN echo "America/New_York" > /etc/timezone \ && rm /etc/localtime \ && ln -s /usr/share/zoneinfo/America/New_York /etc/localtime #New Relic #RUN echo deb http://apt.newrelic.com/debian/ newrelic non-free >> /etc/apt/sources.list.d/newrelic.list \ # && wget -O- https://download.newrelic.com/548C16BF.gpg | apt-key add - \ # && apt-get update \ # && apt-get install newrelic-sysmond -y \ # && nrsysmond-config --set license_key=$NEW_RELIC_LICENSE_KEY #SSL RUN mkdir /ssl \ && openssl req -sha256 -subj '/CN=home/O=home LTD./C=US' \ -x509 -nodes -days 365 -newkey rsa:4096 -keyout /ssl/server.key -out /ssl/server.crt EXPOSE 80 EXPOSE 443 RUN gem install --no-rdoc --no-ri bundler #Cache gems so they don't install on every code change WORKDIR /tmp COPY Gemfile Gemfile COPY Gemfile.lock Gemfile.lock RUN bundle install # Copy site into place. RUN rm -rf /rails && mkdir /rails WORKDIR /rails/ ADD . /rails/ # Nginx configurations (nginx does not pass envs which is why you need nginx-env.conf) COPY ./deploy/nginx-wrestlingdev.conf /etc/nginx/sites-available/default COPY ./deploy/nginx-env.conf /etc/nginx/main.d/nginx-env.conf COPY ./deploy/nginx.conf /etc/nginx/nginx.conf RUN echo "passenger_default_user root;" >> /etc/nginx/passenger.conf #Need temp secret keys to precompile assets ENV WRESTLINGDEV_SECRET_KEY_BASE 077cdbef5c2ccf22543fb17a67339f234306b7fa2e1e4463d851c444c10a5611829a2290b253da78339427f131571fac9a42c83d960b2d25ecc10a4a0a7ce1a2 ENV WRESTLINGDEV_DEVISE_SECRET_KEY 2f29d49db6704377ba263f7cb9db085b386bcb301c0cd501126a674686ab1a109754071165b08cd72af03cec4642a4dd04361c994462254dd5d85e9594e8b9aa RUN RAILS_ENV=production bundle exec rake assets:precompile # Tini solves the zombie PID problem ENTRYPOINT ["/tini", "--"] WORKDIR /rails #CMD bundle exec puma -t 3:3 -b 'ssl://0.0.0.0:443?key=/ssl/server.key&verify_mode=none&cert=/ssl/server.crt' -e production #CMD bundle exec passenger start --max-pool-size 3 --environment production --ssl --ssl-certificate /ssl/server.crt --ssl-certificate-key /ssl/server.key CMD ["nginx"]