Migrate talk container to alpine (#1583)

Signed-off-by: Zoey <zoey@z0ey.de>

Containers/talk/Dockerfile

@@ -1,70 +1,65 @@
-FROM ubuntu:focal-20230301
+FROM nats:2.9.15-scratch as nats
+FROM strukturag/nextcloud-spreed-signaling:1.1.2 as signaling
+FROM alpine:3.17.2
+USER root
+
+COPY --from=nats /nats-server /usr/local/bin/nats-server
+COPY --from=signaling /usr/bin/nextcloud-spreed-signaling /usr/local/bin/nextcloud-spreed-signaling
 
 RUN set -ex; \
-    \
+    apk add --no-cache \
-    apt-get update; \
-    apt-get install -y --no-install-recommends \
-        openssl \
-        coturn \
-        supervisor \
-        curl \
         ca-certificates \
-        netcat \
+        tzdata \
-        dnsutils \
+        bash \
-    ; \
+        coturn \
-    rm -rf /var/lib/apt/lists/*
+        openssl \
-
+        supervisor \
-RUN set -ex; \
+        bind-tools \
-    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nats-server.asc" "https://packaging.gitlab.io/nats-server/gpg.key"; \
+        netcat-openbsd \
-    echo "deb https://packaging.gitlab.io/nats-server nats main" > /etc/apt/sources.list.d/morph027-nats-server.list; \
+        shadow \
-    . /etc/lsb-release; \
+        util-linux \
-    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-janus.asc" "https://packaging.gitlab.io/janus/gpg.key"; \
+        build-base \
-    echo "deb https://packaging.gitlab.io/janus/$DISTRIB_CODENAME $DISTRIB_CODENAME main" > /etc/apt/sources.list.d/morph027-janus.list; \
+        lua5.3-dev \
-    curl -sL -o "/etc/apt/trusted.gpg.d/morph027-nextcloud-spreed-signaling.asc" "https://packaging.gitlab.io/nextcloud-spreed-signaling/gpg.key"; \
+        luarocks5.3; \
-    echo "deb https://packaging.gitlab.io/nextcloud-spreed-signaling signaling main" > /etc/apt/sources.list.d/morph027-nextcloud-spreed-signaling.list
+    apk add --no-cache janus-gateway --repository http://dl-cdn.alpinelinux.org/alpine/edge/community; \
-
+    useradd --system talk; \
-RUN set -ex; \
+    luarocks-5.3 install luajson; \
-    \
+    luarocks-5.3 install ansicolors; \
-    apt-get update; \
+    rename -v ".jcfg.sample" ".jcfg" /etc/janus/*.sample; \
-    apt-get install -y --no-install-recommends \
+    apk del --no-cache \
-        nats-server \
+        shadow \
-        janus \
+        util-linux \
-        nextcloud-spreed-signaling \
+        build-base \
-    ; \
+        lua5.3-dev \
-    rm -rf /var/lib/apt/lists/*
+        luarocks5.3;
-
-RUN adduser --system --group talk
-
-RUN mkdir /var/log/supervisord; \
-    mkdir /var/run/supervisord; \
-    chown talk:talk /var/run/supervisord; \
-    chown talk:talk /var/log/supervisord;
-
-COPY start.sh /usr/bin/
-COPY supervisord.conf /
-RUN chmod +x /usr/bin/start.sh; \
-    chmod +r /supervisord.conf; \
-    touch /etc/turnserver.conf; \
-    chown talk:talk /etc/turnserver.conf; \
-    sed -i '/TURNSERVER_ENABLED/c\TURNSERVER_ENABLED=1' /etc/default/coturn; \
-    mkdir -p /var/tmp;
-
-RUN curl -sL -o "/usr/share/janus/lua/json.lua" "https://raw.githubusercontent.com/rxi/json.lua/master/json.lua"; \
-    curl -sL -o "/usr/share/janus/lua/ansicolors.lua" "https://raw.githubusercontent.com/kikito/ansicolors.lua/master/ansicolors.lua"
-
-RUN mkdir -p /etc/nats; \
-    echo "listen: 127.0.0.1:4222" > /etc/nats/nats.conf; \
-    mkdir /var/lib/turn; \
-    chown talk:talk /etc; \
-    chown talk:talk -R /etc/nats; \
-    chown talk:talk -R /etc/janus; \
-    chown talk:talk -R /etc/signaling; \
-    chown talk:talk -R /usr; \
-    chown talk:talk -R /var/lib/turn;
 
 # Give root a random password
 RUN echo "root:$(openssl rand -base64 12)" | chpasswd
 
+COPY --chmod=775 start.sh /usr/bin/start.sh
+COPY --chmod=664 supervisord.conf /supervisord.conf
+
+RUN set -ex; \
+    touch \
+        /etc/nats.conf \
+        /etc/signaling.conf \
+        /etc/turnserver.conf; \
+    echo "listen: 127.0.0.1:4222" | tee /etc/nats.conf; \
+    mkdir -p \
+        /var/tmp \
+        /var/lib/turn \
+        /var/log/supervisord \
+        /var/run/supervisord; \
+    chown talk:talk -R \
+        /usr \
+        /etc/janus \
+        /etc/nats.conf \
+        /etc/signaling.conf \
+        /etc/turnserver.conf \
+        /var/lib/turn \
+        /var/log/supervisord \
+        /var/run/supervisord;
+
 # Set default talk port https://github.com/nextcloud/all-in-one/issues/1011
 ENV TALK_PORT=3478
 

Containers/talk/start.sh

@@ -51,16 +51,8 @@ denied-peer-ip=203.0.113.0-203.0.113.255
 denied-peer-ip=240.0.0.0-255.255.255.255
 TURN_CONF
 
-# Janus
-set -x
-sed -i 's|#interface.*|interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
-sed -i 's|#ws_interface.*|ws_interface = "lo"|g' /etc/janus/janus.transport.websockets.jcfg
-sed -i 's|certfile =|#certfile =|g' /etc/janus/janus.transport.mqtt.jcfg
-sed -i 's|keyfile =|#keyfile =|g' /etc/janus/janus.transport.mqtt.jcfg
-set +x
-
 # Signling
-cat << SIGNALING_CONF > "/etc/signaling/server.conf"
+cat << SIGNALING_CONF > "/etc/signaling.conf"
 [http]
 listen = 0.0.0.0:8081
 

Containers/talk/supervisord.conf

@@ -13,25 +13,25 @@ stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=turnserver
+command=turnserver -c /etc/turnserver.conf
 
 [program:nats-server]
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=nats-server -c /etc/nats/nats.conf
+command=nats-server -c /etc/nats.conf
 
 [program:janus]
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=/usr/bin/janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout
+command=janus --config=/etc/janus/janus.jcfg --disable-colors --log-stdout
 
 [program:signaling]
 stdout_logfile=/dev/stdout
 stdout_logfile_maxbytes=0
 stderr_logfile=/dev/stderr
 stderr_logfile_maxbytes=0
-command=signaling --config /etc/signaling/server.conf
+command=nextcloud-spreed-signaling -config /etc/signaling.conf