diff options
author | Mike Crute <mike@crute.us> | 2017-11-26 22:53:24 +0000 |
---|---|---|
committer | Mike Crute <mike@crute.us> | 2017-11-26 22:53:24 +0000 |
commit | 3245c7a74f93fcd9572c6b83735379bf04273218 (patch) | |
tree | e2de36108becf35291c2bd76b16ef1c66d7a528d /unifi-video | |
parent | 9576d787bbbfe7d8ab5949c8357bcecc4ba11a9d (diff) | |
download | dockerfiles-3245c7a74f93fcd9572c6b83735379bf04273218.tar.bz2 dockerfiles-3245c7a74f93fcd9572c6b83735379bf04273218.tar.xz dockerfiles-3245c7a74f93fcd9572c6b83735379bf04273218.zip |
Convert unifi video to alpine
Diffstat (limited to 'unifi-video')
-rw-r--r-- | unifi-video/Dockerfile | 61 | ||||
-rw-r--r-- | unifi-video/Makefile | 41 | ||||
-rwxr-xr-x | unifi-video/entrypoint.sh | 90 | ||||
-rw-r--r-- | unifi-video/log4j2.json | 135 | ||||
-rwxr-xr-x | unifi-video/lsb_release | 13 |
5 files changed, 340 insertions, 0 deletions
diff --git a/unifi-video/Dockerfile b/unifi-video/Dockerfile new file mode 100644 index 0000000..2cb7b52 --- /dev/null +++ b/unifi-video/Dockerfile | |||
@@ -0,0 +1,61 @@ | |||
1 | FROM frolvlad/alpine-oraclejdk8:slim | ||
2 | LABEL maintainer="Mike Crute <mike@crute.us>" | ||
3 | |||
4 | ARG version | ||
5 | |||
6 | ADD lsb_release /usr/bin | ||
7 | ADD log4j2.json /tmp | ||
8 | |||
9 | RUN \ | ||
10 | # Validate required arguments were passed | ||
11 | test -z "${version}" && { echo -e "\033[31mMissing build parameter 'version'\033[39m"; exit 1; }; \ | ||
12 | \ | ||
13 | # Install build and run dependencies | ||
14 | apk add --no-cache --virtual .build-deps \ | ||
15 | binutils \ | ||
16 | ca-certificates \ | ||
17 | curl \ | ||
18 | && apk add --no-cache \ | ||
19 | dumb-init \ | ||
20 | libcap \ | ||
21 | mongodb \ | ||
22 | su-exec \ | ||
23 | \ | ||
24 | # Fetch the Unifi package | ||
25 | && cd /tmp \ | ||
26 | && curl -s -o unifi_video.deb "https://dl.ubnt.com/firmwares/ufv/v${version}/unifi-video.Ubuntu16.04_amd64.v${version}.deb" \ | ||
27 | \ | ||
28 | # Unpack the debian package and "install" it | ||
29 | && ar x unifi_video.deb \ | ||
30 | && mkdir debian \ | ||
31 | && tar -C debian -xzf control.tar.gz \ | ||
32 | && tar -xzf data.tar.gz \ | ||
33 | && rm -rf usr/share usr/sbin \ | ||
34 | && mv usr/lib/unifi-video /usr/lib \ | ||
35 | \ | ||
36 | # Create directories and link everything together | ||
37 | && mkdir -p /var/lib/unifi-video /var/log/unifi-video /var/run/unifi-video \ | ||
38 | && ln -sf /usr/bin/mongod /usr/lib/unifi-video/bin/mongod \ | ||
39 | && ln -sf /var/lib/unifi-video /usr/lib/unifi-video/data \ | ||
40 | && ln -sf /var/log/unifi-video /usr/lib/unifi-video/logs \ | ||
41 | && ln -sf /var/run/unifi-video /usr/lib/unifi-video/run \ | ||
42 | \ | ||
43 | # Create Tomcat directories | ||
44 | && mkdir -p /usr/lib/unifi-video/conf/Catalina \ | ||
45 | && mkdir -p /usr/lib/unifi-video/work \ | ||
46 | \ | ||
47 | # Write out version file | ||
48 | && VERSIG=$(awk '/^VERSIG/ { split($1, a, "="); print a[2]; }' debian/postinst) \ | ||
49 | && echo "NVR.x86_64.${VERSIG}" > /etc/discovery.version \ | ||
50 | \ | ||
51 | # Install our customizations | ||
52 | && mv /tmp/log4j2.json /usr/lib/unifi-video \ | ||
53 | \ | ||
54 | # Cleanup | ||
55 | && apk del .build-deps \ | ||
56 | && rm -rf /tmp/* | ||
57 | |||
58 | ADD entrypoint.sh / | ||
59 | |||
60 | STOPSIGNAL SIGTERM | ||
61 | ENTRYPOINT [ "/entrypoint.sh" ] | ||
diff --git a/unifi-video/Makefile b/unifi-video/Makefile new file mode 100644 index 0000000..f277463 --- /dev/null +++ b/unifi-video/Makefile | |||
@@ -0,0 +1,41 @@ | |||
1 | REPO=575365190010.dkr.ecr.us-west-2.amazonaws.com | ||
2 | VERSION=3.8.5 | ||
3 | IMAGE_BASE=unifi-video | ||
4 | IMAGE=$(IMAGE_BASE):$(VERSION)-alpine | ||
5 | |||
6 | all: | ||
7 | docker build \ | ||
8 | --build-arg=version=$(VERSION) \ | ||
9 | -t $(IMAGE) . | ||
10 | |||
11 | all-no-cache: | ||
12 | docker build \ | ||
13 | --no-cache \ | ||
14 | --build-arg=version=$(VERSION) \ | ||
15 | -t $(IMAGE) . | ||
16 | |||
17 | run: | ||
18 | # 6666 - Inbound Camera Streams | ||
19 | # 7080 - HTTP Web UI | ||
20 | # 7442 - Camera Management | ||
21 | # 7443 - HTTPS Web UI | ||
22 | # 7445 - Video Over HTTP | ||
23 | # 7446 - Video Over HTTPS | ||
24 | # 7447 - RTSP via Controller | ||
25 | docker run \ | ||
26 | -p 6666:6666 \ | ||
27 | -p 7080:7080 \ | ||
28 | -p 7442:7442 \ | ||
29 | -p 7443:7443 \ | ||
30 | -p 7445:7445 \ | ||
31 | -p 7446:7446 \ | ||
32 | -p 7447:7447 \ | ||
33 | -v /home/mcrute/tmp/unifi-data:/var/lib/unifi-video \ | ||
34 | $(IMAGE) | ||
35 | |||
36 | publish: | ||
37 | eval $$(aws ecr get-login --region us-west-2) | ||
38 | docker tag $(IMAGE) $(REPO)/$(IMAGE) | ||
39 | docker tag $(IMAGE) $(REPO)/$(IMAGE_BASE):alpine-latest | ||
40 | docker push $(REPO)/$(IMAGE) | ||
41 | docker push $(REPO)/$(IMAGE_BASE):alpine-latest | ||
diff --git a/unifi-video/entrypoint.sh b/unifi-video/entrypoint.sh new file mode 100755 index 0000000..e0740d1 --- /dev/null +++ b/unifi-video/entrypoint.sh | |||
@@ -0,0 +1,90 @@ | |||
1 | #!/bin/sh | ||
2 | |||
3 | set -e | ||
4 | |||
5 | USERNAME="unifi-video" | ||
6 | BASEDIR="/usr/lib/unifi-video" | ||
7 | DATA_DIR="${BASEDIR}/data" | ||
8 | |||
9 | # Default UID/GID to owner of the data directory | ||
10 | UNIFI_UID=${UNIFI_UID:-$(stat -L -c "%u" $DATA_DIR)} | ||
11 | UNIFI_GID=${UNIFI_GID:-$(stat -L -c "%u" $DATA_DIR)} | ||
12 | |||
13 | if [ "$UNIFI_GID" = 0 -o "$UNIFI_GID" = 0 ]; then | ||
14 | echo "Set UNIFI_GID and UNIFI_GID in environment" | ||
15 | exit 1 | ||
16 | else | ||
17 | echo "Unifi UID/GID: $UNIFI_UID $UNIFI_GID" | ||
18 | fi | ||
19 | |||
20 | cd ${BASEDIR} | ||
21 | |||
22 | # Create the user and group | ||
23 | addgroup -g ${UNIFI_GID} -S ${USERNAME} | ||
24 | adduser -u ${UNIFI_UID} -S -h /var/lib/${USERNAME} -H -D -G ${USERNAME} ${USERNAME} | ||
25 | |||
26 | # Update permissions on the root directories | ||
27 | chown ${USERNAME}:${USERNAME} \ | ||
28 | /var/run/unifi-video \ | ||
29 | /var/log/unifi-video \ | ||
30 | /var/lib/unifi-video | ||
31 | |||
32 | chown -R ${USERNAME}:${USERNAME} \ | ||
33 | /usr/lib/unifi-video/conf/evostream \ | ||
34 | /usr/lib/unifi-video/webapps \ | ||
35 | /usr/lib/unifi-video/conf/Catalina \ | ||
36 | /usr/lib/unifi-video/work | ||
37 | |||
38 | # But do not let the unifi user write the ROOT WAR | ||
39 | chown root:root /usr/lib/unifi-video/webapps/ROOT.war | ||
40 | |||
41 | # Setup tmpfs if the user mounted it | ||
42 | TMPFS_ARG= | ||
43 | TMPFS_DIR="/var/cache/unifi-video" | ||
44 | if [ -d $TMPFS_DIR ]; then | ||
45 | TMPFS_ARG="-Dav.tempdir=${TMPFS_DIR}" | ||
46 | chown ${USERNAME} ${TMPFS_DIR} | ||
47 | chmod -R 0700 ${TMPFS_DIR} | ||
48 | fi | ||
49 | |||
50 | # Do the base setup and migrate files | ||
51 | if [ ! -f "${DATA_DIR}/system.properties" ]; then | ||
52 | cp -f "${BASEDIR}/etc/system.properties" "${DATA_DIR}/system.properties" | ||
53 | fi | ||
54 | |||
55 | if [ -f "${DATA_DIR}/truststore" ]; then | ||
56 | rm -f "${DATA_DIR}/truststore" | ||
57 | fi | ||
58 | |||
59 | if [ ! -f "${DATA_DIR}/ufv-truststore" ]; then | ||
60 | cp -f "${BASEDIR}/etc/ufv-truststore" "${DATA_DIR}/ufv-truststore" | ||
61 | fi | ||
62 | |||
63 | chown -h ${USERNAME}:${USERNAME} \ | ||
64 | "${DATA_DIR}" \ | ||
65 | "${DATA_DIR}/system.properties" \ | ||
66 | "${DATA_DIR}/ufv-truststore" | ||
67 | |||
68 | # Cleanup mongodb lock file if it exists otherwise the controller will freeze | ||
69 | # forever trying to start Mongo | ||
70 | [ -f data/db/mongod.lock ] && rm data/db/mongod.lock | ||
71 | |||
72 | # Allow running a shell in the container | ||
73 | if [ ! -z "$@" ]; then | ||
74 | /sbin/su-exec ${USERNAME} "$@" | ||
75 | else | ||
76 | # Replace the current process with a scoped-down controller. The java app | ||
77 | # is designed to do its own job control but it has to run with an init | ||
78 | # system or it doesn't get the signals from docker. | ||
79 | exec /usr/bin/dumb-init -c /sbin/su-exec ${USERNAME} /usr/lib/jvm/default-jvm/bin/java \ | ||
80 | -cp ${BASEDIR}/lib/airvision.jar \ | ||
81 | -Dlog4j.configurationFile=${BASEDIR}/log4j2.json \ | ||
82 | ${TMPFS_ARG} \ | ||
83 | -Djava.library.path=${BASEDIR}/lib \ | ||
84 | -Djavax.net.ssl.trustStore=${DATA_DIR}/ufv-truststore \ | ||
85 | -Djava.security.egd=file:/dev/urandom \ | ||
86 | -Xmx$(free -m | awk 'NR==2{printf "%dM\n", $2*0.26 }') \ | ||
87 | -Djava.awt.headless=true \ | ||
88 | -Dfile.encoding=UTF-8 \ | ||
89 | com.ubnt.airvision.Main start | ||
90 | fi | ||
diff --git a/unifi-video/log4j2.json b/unifi-video/log4j2.json new file mode 100644 index 0000000..6e0270c --- /dev/null +++ b/unifi-video/log4j2.json | |||
@@ -0,0 +1,135 @@ | |||
1 | { | ||
2 | "configuration": { | ||
3 | "name": "Release", | ||
4 | |||
5 | "properties": { | ||
6 | "property": { | ||
7 | "name": "fileAppenderLayout", | ||
8 | "value": "%d{UNIX}.%d{SSS} %d{yyyy-MM-dd HH:mm:ss.SSS/zzz}: %-6p %m in %t%n" | ||
9 | } | ||
10 | }, | ||
11 | |||
12 | "appenders": { | ||
13 | "appender": [ | ||
14 | { | ||
15 | "type": "Console", | ||
16 | "name": "STDOUT", | ||
17 | "patternLayout": { "pattern": "${fileAppenderLayout}" }, | ||
18 | "thresholdFilter": { "level": "trace" } | ||
19 | } | ||
20 | ] | ||
21 | }, | ||
22 | |||
23 | "loggers": { | ||
24 | "root": { | ||
25 | "level": "warn", | ||
26 | "AppenderRef": [ | ||
27 | { "ref": "STDOUT" } | ||
28 | ] | ||
29 | }, | ||
30 | "logger": [ | ||
31 | { "name": "uv", "level": "INFO" }, | ||
32 | { "name": "com.ubnt", "level": "off" }, | ||
33 | { "name": "org.apache.commons.httpclient", "level": "error" }, | ||
34 | { "name": "com.mongodb", "level": "error" }, | ||
35 | { "name": "javax.jmdns", "level": "fatal" }, | ||
36 | { "name": "net.schmizz", "level": "fatal" }, | ||
37 | { "name": "org.apache.catalina.startup.Catalina", "level": "error" }, | ||
38 | { "name": "org.apache.catalina.startup.DigesterFactory", "level": "error" }, | ||
39 | { "name": "org.apache.tomcat.util.digester.Digester", "level": "error" }, | ||
40 | { "name": "org.atmosphere.cpr.SessionSupport", "level": "error" }, | ||
41 | { | ||
42 | "name": "uv.service.recording", | ||
43 | "level": "info", "additivity": "false", | ||
44 | "AppenderRef": [ | ||
45 | { "ref": "STDOUT" } | ||
46 | ] | ||
47 | }, | ||
48 | { | ||
49 | "name": "uv.service.recording.sync", | ||
50 | "level": "debug", "additivity": "false", | ||
51 | "AppenderRef": [ | ||
52 | { "ref": "STDOUT" } | ||
53 | ] | ||
54 | }, | ||
55 | { | ||
56 | "name": "uv.service.recording.segments", | ||
57 | "level": "debug", "additivity": "false", | ||
58 | "AppenderRef": [ | ||
59 | { "ref": "STDOUT" } | ||
60 | ] | ||
61 | }, | ||
62 | { | ||
63 | "name": "uv.service.connection", | ||
64 | "level": "info", "additivity": "false", | ||
65 | "AppenderRef": [ | ||
66 | { "ref": "STDOUT" } | ||
67 | ] | ||
68 | }, | ||
69 | { | ||
70 | "name": "uv.purge", | ||
71 | "level": "info", "additivity": "false", | ||
72 | "AppenderRef": [ | ||
73 | { "ref": "STDOUT" } | ||
74 | ] | ||
75 | }, | ||
76 | { | ||
77 | "name": "uv.service.motion", | ||
78 | "level": "info", "additivity": "false", | ||
79 | "AppenderRef": [ | ||
80 | { "ref": "STDOUT" } | ||
81 | ] | ||
82 | }, | ||
83 | { | ||
84 | "name": "uv.stream", | ||
85 | "level": "info", "additivity": "false", | ||
86 | "AppenderRef": [ | ||
87 | { "ref": "STDOUT" } | ||
88 | ] | ||
89 | }, | ||
90 | { | ||
91 | "name": "uv.comm.ems", | ||
92 | "level": "info", "additivity": "false", | ||
93 | "AppenderRef": [ | ||
94 | { "ref": "STDOUT" } | ||
95 | ] | ||
96 | }, | ||
97 | { | ||
98 | "name": "uv.comm.camera", | ||
99 | "level": "info", "additivity": "false", | ||
100 | "AppenderRef": [ | ||
101 | { "ref": "STDOUT" } | ||
102 | ] | ||
103 | }, | ||
104 | { | ||
105 | "name": "uv.comm.sso", | ||
106 | "level": "info", "additivity": "false", | ||
107 | "AppenderRef": [ | ||
108 | { "ref": "STDOUT" } | ||
109 | ] | ||
110 | }, | ||
111 | { | ||
112 | "name": "uv.service.dbMigration", | ||
113 | "level": "info", "additivity": "false", | ||
114 | "AppenderRef": [ | ||
115 | { "ref": "STDOUT" } | ||
116 | ] | ||
117 | }, | ||
118 | { | ||
119 | "name": "uv.service.hls", | ||
120 | "level": "info", "additivity": "false", | ||
121 | "AppenderRef": [ | ||
122 | { "ref": "STDOUT" } | ||
123 | ] | ||
124 | }, | ||
125 | { | ||
126 | "name": "uv.login", | ||
127 | "level": "info", "additivity": "false", | ||
128 | "AppenderRef": [ | ||
129 | { "ref": "STDOUT" } | ||
130 | ] | ||
131 | } | ||
132 | ] | ||
133 | } | ||
134 | } | ||
135 | } | ||
diff --git a/unifi-video/lsb_release b/unifi-video/lsb_release new file mode 100755 index 0000000..2edb739 --- /dev/null +++ b/unifi-video/lsb_release | |||
@@ -0,0 +1,13 @@ | |||
1 | #!/bin/sh | ||
2 | # | ||
3 | # Stub called by the controller to do software update checks. Absence causes | ||
4 | # failure. Since we're running alpine but UBNT doesn't know what that is just | ||
5 | # lie and say we're Ubuntu | ||
6 | # | ||
7 | |||
8 | cat <<EOF | ||
9 | Distributor ID: Ubuntu | ||
10 | Description: Ubuntu 16.04.3 LTS | ||
11 | Release: 16.04 | ||
12 | Codename: xenial | ||
13 | EOF | ||