libreoffice-online/docker/from-source/Ubuntu
Michael Meeks 144b701453 cool#8703 - Drop random node creation and rely on inherited fd.
Re-using an inherited file descriptor to /dev/urandom frees us
from problems with mount options including 'nodev' and removes a
capability from the set we need.

Change-Id: I70337e923f802d7efbd3159c11a4e39f6529b6e6
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
2024-04-07 12:11:48 +02:00

45 lines
1.8 KiB
Text

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
FROM ubuntu:18.04
# refresh repos otherwise installations later may fail
# install LibreOffice run-time dependencies
# install adduser, findutils, openssl and cpio that we need later
# install tzdata to accept the TZ environment variable
# install an editor
# tdf#117557 - Add CJK Fonts to Collabora Online Docker Image
RUN apt-get update && \
apt-get -y install libpng16-16 fontconfig adduser cpio tzdata \
findutils nano \
libcap2-bin openssl openssh-client inotify-tools procps \
libxcb-shm0 libxcb-render0 libxrender1 libxext6 \
fonts-wqy-zenhei fonts-wqy-microhei fonts-droid-fallback \
fonts-noto-cjk
# copy freshly built LOKit and Collabora Online
COPY /instdir /
# copy the shell script which can start Collabora Online (coolwsd)
COPY /start-collabora-online.sh /
# set up Collabora Online (normally done by postinstall script of package)
# Fix permissions
RUN setcap cap_fowner,cap_chown,cap_sys_chroot=ep /usr/bin/coolforkit && \
setcap cap_sys_admin=ep /usr/bin/coolmount && \
adduser --quiet --system --group --home /opt/cool cool && \
rm -rf /opt/cool && \
mkdir -p /opt/cool/child-roots && \
coolwsd-systemplate-setup /opt/cool/systemplate /opt/lokit >/dev/null 2>&1 && \
touch /var/log/coolwsd.log && \
chown cool:cool /var/log/coolwsd.log && \
chown -R cool:cool /opt/ && \
chown -R cool:cool /etc/coolwsd
EXPOSE 9980
# switch to cool user (use numeric user id to be compatible with Kubernetes Pod Security Policies)
USER 101
CMD ["/start-collabora-online.sh"]