diff --git a/Dockerfile.rockylinux b/Dockerfile.rockylinux new file mode 100644 index 0000000..9ec32e5 --- /dev/null +++ b/Dockerfile.rockylinux @@ -0,0 +1,49 @@ +FROM rockylinux:8.6-minimal + +# Install dependencies +RUN microdnf -y install epel-release && \ + microdnf -y install bash wget unzip \ + python3-daemon bubblewrap gcc iproute \ + bzip2 openssh openssh-clients python2-psutil\ + python36 python36-devel python39-setuptools\ + nginx supervisor glibc-locale-source glibc-langpack-en && \ + localedef -c -i en_US -f UTF-8 en_US.UTF-8 + +RUN pip3 install --upgrade pip + +RUN /usr/bin/python3 -m pip install ansible cryptography docutils psutil PyYAML \ + pyOpenSSL flask flask-restful uwsgi netaddr notario && \ + /usr/bin/python3 -m pip install --no-cache-dir ansible-runner==1.4.6 && \ + rm -rf /var/cache/yum + +# Create CA certificate folder +RUN mkdir -p /etc/ansible-runner-service/certs/server + +# Create self-signed CA +RUN openssl req -new -newkey rsa:4096 -days 3650 -nodes -x509 -subj "/C=UT/ST=UT/L=Utopia/O=Acme/CN=ansible-runner" -keyout /etc/ansible-runner-service/certs/server/server.key -out /etc/ansible-runner-service/certs/server/server.crt && \ + cp /etc/ansible-runner-service/certs/server/server.crt /etc/ansible-runner-service/certs/server/ca.crt + +# Prepare folders for shared access and ssh +RUN mkdir -p /etc/ansible-runner-service && \ + mkdir -p /root/.ssh && \ + mkdir -p /usr/share/ansible-runner-service/{artifacts,env,project,inventory,client_cert} + +# Install Ansible Runner +WORKDIR /root +COPY ./*.py ansible-runner-service/ +COPY ./*.yaml ansible-runner-service/ +COPY ./runner_service ansible-runner-service/runner_service +COPY ./samples ansible-runner-service/samples + +# Put configuration files in the right places +# Nginx configuration +COPY misc/nginx/nginx.conf /etc/nginx/ +# Ansible Runner Service nginx virtual server +COPY misc/nginx/ars_site_nginx.conf /etc/nginx/conf.d +# Ansible Runner Service uwsgi settings +COPY misc/nginx/uwsgi.ini /root/ansible-runner-service +# Supervisor start sequence +COPY misc/nginx/supervisord.conf /root/ansible-runner-service + +# Start services +CMD ["/usr/bin/supervisord", "-c", "/root/ansible-runner-service/supervisord.conf"]