libreoffice-online/docker/from-source/ArchLinux
Michael Meeks 144b701453 cool#8703 - Drop random node creation and rely on inherited fd.
Re-using an inherited file descriptor to /dev/urandom frees us
from problems with mount options including 'nodev' and removes a
capability from the set we need.

Change-Id: I70337e923f802d7efbd3159c11a4e39f6529b6e6
Signed-off-by: Michael Meeks <michael.meeks@collabora.com>
2024-04-07 12:11:48 +02:00

41 lines
No EOL
1.4 KiB
Text

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
FROM archlinux
RUN pacman -Syu --noconfirm && \
pacman -S --noconfirm libpng fontconfig cpio \
nano \
openssh inotify-tools \
libxcb libxrender libxext \
wqy-zenhei wqy-microhei ttf-droid \
noto-fonts-cjk perl
# copy freshly built LOKit and Collabora Online
COPY /instdir /
# copy the shell script which can start Collabora Online (coolwsd)
COPY /start-collabora-online.sh /
# set up Collabora Online (normally done by postinstall script of package)
# Fix permissions
RUN setcap cap_fowner,cap_chown,cap_sys_chroot=ep /usr/bin/coolforkit && \
setcap cap_sys_admin=ep /usr/bin/coolmount && \
useradd --system --user-group --create-home --home-dir /opt/cool cool && \
rm -rf /opt/cool && \
mkdir -p /opt/cool/child-roots && \
coolwsd-systemplate-setup /opt/cool/systemplate /opt/lokit >/dev/null 2>&1 && \
touch /var/log/coolwsd.log && \
chown cool:cool /var/log/coolwsd.log && \
chown -R cool:cool /opt/ && \
chown -R cool:cool /etc/coolwsd
EXPOSE 9980
RUN usermod -u 972 cool
# switch to cool user (use numeric user id to be compatible with Kubernetes Pod Security Policies)
USER 972
CMD ["/start-collabora-online.sh"]