Last active
January 24, 2017 22:56
-
-
Save NikolausDemmel/7281ae200f6c251b5695e96563ab60a9 to your computer and use it in GitHub Desktop.
Dockerfile for marv-robotics
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM ros:indigo | |
MAINTAINER Nikolaus Demmel <Nikolaus.Demmel@de.bosch.com> | |
################################################################################ | |
## ARGUMENTS | |
# optional use --build-arg or ARG for proxy variables instead, but for our case | |
# we want them set also in the running container for convenience | |
ARG DOCKER_HOST_IP=172.17.0.1 | |
ENV no_proxy="127.0.0.1,$DOCKER_HOST_IP" | |
ENV http_proxy=http://$DOCKER_HOST_IP:3128/ | |
ENV https_proxy=https://$DOCKER_HOST_IP:3128/ | |
# allow to change the uid/gid when starting the container | |
ENV MARV_USERID=1000 | |
ENV MARV_GROUPID=1000 | |
# the user and group name is not supposed to be changed when running a container, | |
# but it is still used in the entrypoint script | |
ENV MARV_USER=marv | |
ENV MARV_GROUP=marv | |
################################################################################ | |
## BOILERPLATE | |
# Use the "noninteractive" debconf frontend since we're installing in a non-interactive way. | |
ARG DEBIAN_FRONTEND=noninteractive | |
# install bosch proxy certificates (for installingg gosu with https download) | |
RUN mkdir -p /usr/share/ca-certificates/bosch | |
COPY certificates/BoschInternetProxyCA2.crt /usr/share/ca-certificates/bosch | |
RUN for f in /usr/share/ca-certificates/bosch/*.crt; do echo "bosch/$(basename $f)" >> /etc/ca-certificates.conf; done | |
RUN update-ca-certificates | |
# gosu for easy step-down from root, which we use in our entrypoint script | |
# see: https://github.com/tianon/gosu | |
ARG GOSU_VERSION=1.9 | |
RUN set -x \ | |
&& apt-get update && apt-get install -y --no-install-recommends wget && rm -rf /var/lib/apt/lists/* \ | |
&& dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')" \ | |
&& wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \ | |
&& wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \ | |
&& export GNUPGHOME="$(mktemp -d)" \ | |
&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \ | |
&& gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu \ | |
&& rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc \ | |
&& chmod +x /usr/local/bin/gosu \ | |
&& gosu nobody true \ | |
&& apt-get purge -y --auto-remove wget | |
################################################################################ | |
## INSTALL MARV-ROBOTICS SYSTEM DEPENDENCIES | |
# get a more recent version of python 2.7 from a PPA | |
RUN apt-get update && apt-get install -y software-properties-common \ | |
&& add-apt-repository ppa:fkrull/deadsnakes-python2.7 \ | |
&& apt-get update \ | |
&& apt-get upgrade -y \ | |
&& rm -rf /var/lib/apt/lists/* | |
# system dependencies | |
RUN apt-get update && apt-get install -y \ | |
curl \ | |
ros-indigo-ros-base \ | |
python2.7-dev \ | |
ros-indigo-cv-bridge \ | |
python-opencv \ | |
python-virtualenv \ | |
libjpeg-dev \ | |
libz-dev \ | |
libffi-dev \ | |
&& rm -rf /var/lib/apt/lists/* | |
################################################################################ | |
## PREPARE USER DIR AND ENTRYPOINT | |
# add user and group | |
RUN groupadd -g $MARV_GROUPID $MARV_GROUP && \ | |
useradd -m -u $MARV_USERID -g $MARV_GROUPID $MARV_USER | |
# prepare entry point and environment | |
COPY marv_entrypoint.sh / | |
COPY marv_env.sh / | |
RUN echo ". /marv_env.sh" >> /etc/bash.bashrc | |
# prepare user and directory | |
RUN mkdir -p /marv/site | |
RUN chown -R $MARV_USER:$MARV_GROUP /marv | |
USER $MARV_USER | |
WORKDIR /marv | |
RUN touch .firstrun | |
################################################################################ | |
## INSTALL MARV-ROBOTICCS | |
# prepare virtualenv with ROS | |
RUN rosdep update | |
RUN . /opt/ros/indigo/setup.sh \ | |
&& virtualenv -p python2.7 --system-site-packages venv | |
# manually upgrade setuptools (needed on 14.04) | |
RUN . venv/bin/activate \ | |
&& pip install -U setuptools | |
# install marv robotics | |
RUN . venv/bin/activate \ | |
&& pip install -U --pre marv-robotics | |
# install uswgi server | |
RUN . venv/bin/activate \ | |
&& pip install uwsgi | |
# default command: wsgi server; run as root since entrypoint drops privileges after setting permissions | |
WORKDIR /marv/site | |
USER root | |
ENTRYPOINT ["/marv_entrypoint.sh"] | |
CMD ["uwsgi", "--ini", "/marv/site/uwsgi.conf"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
set -e | |
# Drop root privileges if we are running uwsgi or marv, but otherwise | |
# if the the container is run with `--user` or with a custom command, don't | |
# touch the uid | |
if [[ ("$1" = 'uwsgi' || "$1" = 'marv') && "$(id -u)" = '0' ]]; then | |
# allow the user to specify the uid/gid of the marv user | |
if [ -f /marv/.firstrun ]; then | |
# update ids of user and group | |
usermod -u $MARV_USERID $MARV_USER | |
groupmod -g $MARV_GROUPID $MARV_GROUP | |
usermod -g $MARV_GROUPID $MARV_USER | |
# Update ownership of /marv to that of the container | |
chown -R $MARV_USER:$MARV_GROUP /marv | |
if [ -d /marv/$MARV_USER ]; then | |
chown -R $MARV_USER:$MARV_GROUP /home/$MARV_USER | |
fi | |
# remove flag to run this only once | |
rm /marv/.firstrun | |
fi | |
# change arguments to run with 'gosu' (drop root privileges) | |
set -- gosu $MARV_USER "$@" | |
fi | |
# setup environment | |
source /marv_env.sh | |
# execute command | |
exec "$@" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
set -e | |
source "/opt/ros/$ROS_DISTRO/setup.bash" | |
source /marv/venv/bin/activate | |
set +e |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment