##############################################################################
# Dockerfile to build nginx and shibboleth for LINDAT Dspace container
# Based on Ubuntu
##############################################################################

ARG UBUNTU_VERSION=16.04
FROM ubuntu:$UBUNTU_VERSION
ARG UBUNTU_VERSION

ARG LABEL_VCS_URL="https://gitlab.inf.unibz.it/commul/docker/clarin-dspace"
LABEL maintainer="Alexander König <Alexander.Koenig@eurac.edu>" \
      maintainer="Egon W. Stemle <egon.stemle@eurac.edu>"

ENV TERM linux
# APT(-GET) tweaks
# Set some sane defaults for apt inside docker
ENV DEBIAN_FRONTEND=noninteractive
COPY apt.local.conf /etc/apt/apt.conf.d/99local.conf
# use fast(er) local mirrors
COPY ubuntu-$UBUNTU_VERSION.sources.list /etc/apt/sources.list
RUN apt-get update && \
    apt-get upgrade

# install cpanm and dependencies
RUN apt-get update \
&&  apt-get install make gcc wget cpanminus

RUN cpanm -n File::Spec::Functions
RUN cpanm Term::ReadLine

# install jdk, ant, psql, mvn, make, libxml, xsltproc, zip, wget
RUN apt-get update \
&& apt-get install ant curl libxml2-utils maven openjdk-8-jdk unzip xsltproc yui-compressor

# install convenience apps for debug purposes (vim and jsbeautifier)
RUN apt-get update && apt-get install vim less python-pip
RUN pip install --upgrade pip
RUN pip install jsbeautifier
COPY commul-customization/__init__.py /usr/local/lib/python2.7/dist-packages/jsbeautifier/

# set up a proper locale
RUN apt-get update && apt-get install locales
RUN locale-gen en_US.UTF-8
COPY commul-customization/default_locale /etc/default/locale
RUN chmod 0755 /etc/default/locale

ENV LC_ALL=en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US.UTF-8

# build nginx
RUN apt-get update && apt-get install zlib1g zlib1g-dev libpcre3 libpcre3-dev curl
RUN cpanm File::Spec::Functions
RUN cpanm Term::ReadLine
COPY commul-customization/nginx_build.sh /tmp/nginx_build.sh
RUN chmod a+x /tmp/nginx_build.sh
WORKDIR /tmp/
RUN ./nginx_build.sh
# copy the init script
COPY commul-customization/nginx /etc/init.d/
RUN chmod a+x /etc/init.d/nginx
# add a symlink
RUN ln -s /opt/nginx/sbin/nginx /usr/sbin/nginx
# copy over static html
COPY commul-customization/webpage/ /opt/nginx/html/
# copy over robots.txt
COPY commul-customization/robots-clarin-dev.txt /opt/nginx/html/robots.txt
COPY commul-customization/google4a439c0ac1ac30d0.html /opt/nginx/html/
RUN chown -R www-data:www-data /opt/nginx/html/

#RUN mkdir /opt/nginx/html/img
#COPY commul-customization/index.html /opt/nginx/html/
#COPY commul-customization/eurac.png /opt/nginx/html/img/

# install php
RUN apt-get update && apt-get install php-fpm php-xml
# copy over aa-statistics script
RUN mkdir /opt/nginx/html/php
COPY commul-customization/aa-statistics.php /opt/nginx/html/php/

# get aai project
RUN apt-get update && apt-get install git
RUN git clone https://github.com/ufal/lindat-aai-discovery.git /opt/repository/sources/lindat-aai-discovery

# install shibboleth
COPY commul-customization/shibboleth_sp_with_fastcgi.sh /tmp/
WORKDIR /tmp
RUN chmod u+x /tmp/shibboleth_sp_with_fastcgi.sh
RUN /tmp/shibboleth_sp_with_fastcgi.sh
# copy the init script
RUN cp /opt/shibboleth-sp-fastcgi/etc/shibboleth/shibd-debian /etc/init.d/shibd
RUN chmod a+x /etc/init.d/shibd

# create the test secure folder and set up perl fastcgi
RUN mkdir /opt/nginx/html/secure
RUN apt-get update && apt-get install fcgiwrap
RUN cpanm CGI URI XML::Twig LWP::Protocol::https
COPY commul-customization/shib_test.pl /opt/nginx/html/secure/
COPY commul-customization/shib_fastcgi_params /opt/nginx/conf/
COPY commul-customization/attribute-map.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
RUN chown -R www-data:www-data /opt/nginx/html/secure
RUN chmod a+x /opt/nginx/html/secure/shib_test.pl

# install supervisor
RUN apt-get update && apt-get install python-setuptools
RUN easy_install supervisor
COPY commul-customization/supervisord.conf /etc/
RUN mkdir -p /var/log/supervisor
# create dirs for php-fpm socket/pid and log files
RUN mkdir -p /run/php
RUN mkdir -p /var/log/php-fpm/
COPY commul-customization/php-fpm.conf /etc/php/7.0/fpm/
COPY commul-customization/php.ini /etc/php/7.0/fpm/

# copy over config files
COPY commul-customization/nginx.default.conf /opt/nginx/conf/
COPY commul-customization/nginx.conf /opt/nginx/conf/
COPY commul-customization/repository_auth /opt/nginx/conf/
COPY commul-customization/shibboleth2.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
COPY commul-customization/clarin.eurac.edu.template.metadata.xml /opt/shibboleth-sp-fastcgi/etc/shibboleth/
COPY commul-customization/shib_clear_headers /opt/nginx/conf/

# copy over config files
COPY commul-customization/aai.js /opt/repository/sources/lindat-aai-discovery/
WORKDIR /opt/repository/sources/lindat-aai-discovery/
# this does not always work, because the website is often down or the certificate has run out
# RUN touch /opt/repository/sources/lindat-aai-discovery/aai.js
# RUN make aai.min.js
RUN yui-compressor -o aai.min.js aai.js

# copy certificate for clarin-dev
# COPY commul-customization/certs/clarin-dev.key /etc/ssl/private/
# COPY commul-customization/certs/clarin-dev_eurac_edu.crt /etc/ssl/certs/

# if deployed on clarin instead of clarin-dev comment the two lines above and uncomment the following lines

## copy certificate for clarin
# COPY commul-customization/certs/clarin.key /etc/ssl/private/
# COPY commul-customization/certs/clarin_eurac_edu.crt /etc/ssl/certs/

# add IdP metadata from CLARIN server
ADD https://infra.clarin.eu/aai/prod_md_about_spf_idps.xml /opt/shibboleth-sp-fastcgi/var/cache/shibboleth/

ARG LABEL_VERSION
ARG LABEL_BUILD_DATE
LABEL org.label-schema.version=$LABEL_VERSION \
      org.label-schema.build-date=$LABEL_BUILD_DATE \
      org.label-schema.vcs-url=$LABEL_VCS_URL

ENTRYPOINT ["/usr/local/bin/supervisord", "-c", "/etc/supervisord.conf"]