FROM ubuntu:18.04

# We manually create users for postgres, to make 100% sure that the
# postgres user gets UID 101. Without this, the UIDs are dependent on
# the order in which apt-get install them and redis could get UID 101.
# The GIDs are arbitrary, and chosen such that they match the situation
# from before we installed redis. Since Postgres files are stored in a
# volume, a change in UID/GID would prevent Postgres from starting.
RUN set -ex; \
    apt-get update; \
    groupadd -g 102 postgres; \
    useradd -u 101 -g postgres -d /var/lib/postgresql -c 'PostgreSQL administrator' -s /bin/bash postgres; \
    DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
        python3 python3-pip \
        uwsgi uwsgi-plugin-python3 \
        nginx software-properties-common \
        postgresql-10 postgresql-client-10 \
        redis-server redis-tools \
        openjdk-11-jre-headless \
        python3-dev build-essential vim-nox curl net-tools; \
    rm -rf /var/lib/apt/lists/*; \
    locale-gen en_US.UTF-8;
ENV LANG en_US.UTF-8
VOLUME /var/log

# Configure Postgresql
ENV PGDATA=/var/lib/postgresql/10/main
RUN set -ex; \
    pg_conftool set lc_messages 'en_US.UTF-8'; \
    pg_conftool set lc_monetary 'en_US.UTF-8'; \
    pg_conftool set lc_numeric 'en_US.UTF-8'; \
    pg_conftool set lc_time 'en_US.UTF-8'; \
    pg_conftool set listen_addresses '';
COPY pg_hba.conf /etc/postgresql/10/main
VOLUME /var/lib/postgresql

VOLUME /var/www/settings/
VOLUME /var/www/downloads/
EXPOSE 80
EXPOSE 443

# Configure nginx
COPY nginx/snippets/* /etc/nginx/snippets/
COPY nginx/sites-available/* /etc/nginx/sites-available/
COPY nginx/error/* /var/www/error/
RUN set -ex; \
    ln -s /etc/nginx/sites-available/mydata /etc/nginx/sites-enabled/; \
    ln -s /etc/nginx/sites-available/opendata /etc/nginx/sites-enabled/; \
    rm -f /etc/nginx/snippets/{snakeoil,fastcgi-php}.conf; \
    rm -f /etc/nginx/sites-enabled/default

# Configure uWSGI
COPY uwsgi/* /etc/uwsgi/apps-available/
RUN set -ex; \
    cd /etc/uwsgi/apps-enabled; \
    ln -s ../apps-available/*.ini .

# Configure ElasticSearch
RUN useradd -u 1002 -m -d /home/elastic elastic
COPY --chown=elastic:elastic staging/elasticsearch-* /opt/elasticsearch/
COPY --chown=elastic:elastic elasticsearch.yml /opt/elasticsearch/config/
ENV ELASTIC_PID /opt/elasticsearch/elasticsearch.pid
VOLUME /opt/elasticsearch/data
VOLUME /opt/elasticsearch/logs
EXPOSE 9200

# Create users and a group for the Django apps.
# Their home dir does not contain the web files; they are in /var/www/{appname}
RUN set -ex; \
    groupadd -g 1000 django; \
    useradd -u 1000 -g django --no-user-group -m -d /home/mydata mydata; \
    useradd -u 1001 -g django --no-user-group -m -d /home/opendata opendata

# Copy files and install Pipenv
RUN pip3 install pipenv
# This creates the Virtualenv inside {project}/.venv
ENV PIPENV_VENV_IN_PROJECT=1
COPY --chown=mydata:django staging/mydata /var/www/mydata/
COPY --chown=opendata:django staging/opendata /var/www/opendata/

# Set up My Data
WORKDIR /var/www/mydata
RUN pipenv install --deploy

# Set up Open Data
WORKDIR /var/www/opendata
RUN pipenv install --deploy
WORKDIR /

# Set up Redis
RUN chsh redis --shell /bin/bash  # so we can run 'su redis -c something'
COPY --chown=redis:redis redis/redis-mydata.conf /etc/redis/

COPY root_files/* /
COPY bash_history /root/.bash_history
CMD ["/bin/bash", "/entrypoint.sh"]