Rewrite docker files for 1.5 support.

Builds from source. Carries out security checks on downloads.
eclipse · Oct 24, 2018 · d60b9d4 · d60b9d4
1 parent 976edc6
commit d60b9d4
Show file tree

Hide file tree

Showing 16 changed files with 210 additions and 229 deletions.
diff --git a/docker/1.4.10/Dockerfile b/docker/1.4.10/Dockerfile
diff --git a/docker/1.4.10/README.md b/docker/1.4.10/README.md
diff --git a/docker/1.4.10/docker-entrypoint.sh b/docker/1.4.10/docker-entrypoint.sh
diff --git a/docker/1.4.14/Dockerfile b/docker/1.4.14/Dockerfile
diff --git a/docker/1.4.4/Dockerfile b/docker/1.4.4/Dockerfile
diff --git a/docker/1.4.4/README.md b/docker/1.4.4/README.md
diff --git a/docker/1.4.8/Dockerfile b/docker/1.4.8/Dockerfile
diff --git a/docker/1.4.8/README.md b/docker/1.4.8/README.md
diff --git a/docker/1.4.8/docker-entrypoint.sh b/docker/1.4.8/docker-entrypoint.sh
diff --git a/docker/1.5/Dockerfile b/docker/1.5/Dockerfile
@@ -0,0 +1,69 @@
+FROM alpine:3.8
+
+LABEL maintainer="Roger Light <[email protected]>" \
+ description="Eclipse Mosquitto MQTT Broker"
+
+ENV VERSION=1.5.3 \
+ DOWNLOAD_SHA256=3081a998d303a883b1cd064009beabc88aa9159e26f5258a4ae6007160491d10 \
+ GPG_KEYS=A0D6EEA1DCAE49A635A3B2F0779B22DFB3E717B7
+
+RUN set -x && \
+ apk --no-cache add --virtual build-deps \
+ build-base \
+ curl \
+ gnupg \
+ libressl-dev \
+ libwebsockets-dev \
+ util-linux-dev && \
+ curl -fSL https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz -o /tmp/mosq.tar.gz && \
+ echo "$DOWNLOAD_SHA256 /tmp/mosq.tar.gz" | sha256sum -c - && \
+ curl -fSL https://mosquitto.org/files/source/mosquitto-${VERSION}.tar.gz.asc -o /tmp/mosq.tar.gz.asc && \
+ export GNUPGHOME="$(mktemp -d)" && \
+ found=''; \
+ for server in \
+ ha.pool.sks-keyservers.net \
+ hkp:https://keyserver.ubuntu.com:80 \
+ hkp:https://p80.pool.sks-keyservers.net:80 \
+ pgp.mit.edu \
+ ; do \
+ echo "Fetching GPG key $GPG_KEYS from $server"; \
+ gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
+ done; \
+ test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
+ gpg --batch --verify /tmp/mosq.tar.gz.asc /tmp/mosq.tar.gz && \
+ gpgconf --kill all && \
+ rm -rf "$GNUPGHOME" /tmp/mosq.tar.gz.asc && \
+ mkdir -p /build && \
+ tar --strip=1 -xf /tmp/mosq.tar.gz -C /build && \
+ rm /tmp/mosq.tar.gz && \
+ make -C /build -j "$(nproc)" \
+ WITH_ADNS=no \
+ WITH_DOCS=no \
+ WITH_MEMORY_TRACKING=no \
+ WITH_SHARED_LIBRARIES=no \
+ WITH_SRV=no \
+ WITH_STRIP=yes \
+ WITH_TLS_PSK=no \
+ WITH_WEBSOCKETS=yes \
+ prefix=/usr \
+ binary && \
+ addgroup -S mosquitto 2>/dev/null && \
+ adduser -S -D -H -h /var/empty -s /sbin/nologin -G mosquitto -g mosquitto mosquitto 2>/dev/null && \
+ mkdir -p /mosquitto/config /mosquitto/data /mosquitto/log && \
+ install -d /usr/sbin/ && \
+ install -s -m755 /build/src/mosquitto /usr/sbin/mosquitto && \
+ install -m644 /build/mosquitto.conf /mosquitto/config/mosquitto.conf && \
+ sed -i -e 's/#log_dest stderr/log_dest syslog/' /mosquitto/config/mosquitto.conf && \
+ chown -R mosquitto:mosquitto /mosquitto && \
+ apk del build-deps && \
+ apk --no-cache add \
+ libuuid \
+ libwebsockets && \
+ rm -rf /build /etc/apk /lib/apk
+
+VOLUME ["/mosquitto/config", "/mosquitto/data", "/mosquitto/log"]
+
+# Set up the entry point script and default command
+COPY docker-entrypoint.sh /
+ENTRYPOINT ["/docker-entrypoint.sh"]
+CMD ["/usr/sbin/mosquitto", "-c", "/mosquitto/config/mosquitto.conf"]
diff --git a/docker/1.5/README.md b/docker/1.5/README.md
@@ -0,0 +1,40 @@
+# Eclipse Mosquitto Docker Image
+Containers built with this Dockerfile build as source from published tarballs.
+
+## Mount Points
+Three docker volumes have been created in the image to be used for configuration, persistent storage and logs.
+```
+/mosquitto/config
+/mosquitto/data
+/mosquitto/log
+```
+
+## Configuration
+When creating a container from the image, the default configuration values are used.
+To use a custom configuration file, mount a **local** configuration file to `/mosquitto/config/mosquitto.conf`
+```
+docker run -it -p 1883:1883 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
+```
+
+:boom: if the mosquitto configuration (mosquitto.conf) was modified
+to use non-default ports, the docker run command will need to be updated
+to expose the ports that have been configured, for example:
+
+```
+docker run -it -p 1883:1883 -p 9001:9001 -v <absolute-path-to-configuration-file>:/mosquitto/config/mosquitto.conf eclipse-mosquitto:<version>
+```
+
+Configuration can be changed to:
+
+* persist data to `/mosquitto/data`
+* log to `/mosquitto/log/mosquitto.log`
+
+i.e. add the following to `mosquitto.conf`:
+```
+persistence true
+persistence_location /mosquitto/data/
+
+log_dest file /mosquitto/log/mosquitto.log
+```
+
+**Note**: For any volume used, the data will be persistent between containers.
diff --git a/docker/1.4.14/docker-entrypoint.sh → docker/1.5/docker-entrypoint.sh b/docker/1.4.14/docker-entrypoint.sh → docker/1.5/docker-entrypoint.sh
@@ -1,5 +1,4 @@
 #!/bin/ash
-
 set -e
-exec "$@"
 
+exec "$@"
diff --git a/docker/README.md b/docker/README.md
@@ -1,4 +1,19 @@
 # Docker Images 
 
-This directory contains the required files to build Mosquitto Docker images.
+This directory contains Docker files for Mosquitto.
+
+The `1.4` and `1.5` directories contain the latest version of Mosquitto for
+those releases, and provide the basis of the official images.
+
+`1.4.12` is the version using Alpine packaged Mosquitto, which will be removed
+at the next minor release.
+
+The `generic` directory contains a generic Dockerfile that can be used to build
+arbitrary versions of Mosquitto based on the released tarballs as follows:
+
+```
+cd generic
+docker build -t eclipse-mosquitto:1.5.1 --build-arg VERSION="1.5.1" .
+docker run --rm -it eclipse-mosquitto:1.5.1
+```