FROM registry.yandex.net/ubuntu:focal

MAINTAINER Eldar Zaitov <ezaitov@yandex-team.ru>

ENV DEBIAN_FRONTEND noninteractive
ENV DIST xenial

RUN apt-get update && apt-get -y install build-essential libssl-dev supervisor python3-lxml python3-pip python-dev \
    python-setuptools nginx memcached cron perl mc netcat wget && \
    rm -rf /etc/nginx/sites-available/default && rm -rf /etc/nginx/sites-enabled/default && \
    mkdir -p /var/log/supervisor && mkdir -p /usr/lib/yandex/molly && mkdir -p /var/local/molly && mkdir -p /var/log/yandex && \
    mkdir -m 777 -p /var/lib/nginx/body

RUN wget https://crls.yandex.net/YandexInternalRootCA.crt -O /usr/local/share/ca-certificates/YandexInternalRootCA.crt && update-ca-certificates
RUN sed -ri 's/^session\s+required\s+pam_loginuid.so$/#session required pam_loginuid.so/' /etc/pam.d/cron && \
    sed -ri 's/^session\s+required\s+pam_loginuid.so$/#session required pam_loginuid.so/' /etc/pam.d/login

RUN pip install --upgrade pip

COPY ./src/requirements.txt /usr/lib/yandex/molly/requirements.txt
RUN pip install --no-cache-dir -i https://pypi.yandex-team.ru/simple/ -r /usr/lib/yandex/molly/requirements.txt

COPY ./etc/nginx/nginx.conf /etc/nginx/nginx.conf
COPY ./etc/nginx/conf.d/ /etc/nginx/conf.d/
COPY ./etc/nginx/sites-enabled/ /etc/nginx/sites-enabled/
COPY ./etc/supervisor/supervisord.conf /etc/supervisor/conf.d/supervisord.conf

COPY ./src/ /usr/lib/yandex/molly/

COPY ./crontab /usr/lib/yandex/molly/
RUN crontab /usr/lib/yandex/molly/crontab

RUN chown -R root:root /usr/lib/yandex/
RUN chmod -R 755 /usr/lib/yandex/molly/

CMD ["/usr/bin/supervisord", "--nodaemon", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
