FROM ubuntu:bionic

RUN echo 'Acquire::http { Proxy "http://10.2.40.126:3142"; };' > /etc/apt/apt.conf.d/01proxy
RUN echo "deb http://archive.ubuntu.com/ubuntu xenial main restricted" >> /etc/apt/sources.list
RUN echo "deb http://archive.ubuntu.com/ubuntu xenial-updates main restricted" >> /etc/apt/sources.list 
RUN apt-get update && apt-get install -y curl wget gnupg openssh-server openssh-client && \
    curl http://10.2.40.126/lemansrepo/Lemans.gpg -o /etc/apt/trusted.gpg.d/Lemans.gpg && \
    chmod 0444 /etc/apt/trusted.gpg.d/Lemans.gpg && \
    DEBIAN_FRONTEND=noninteractive && \
    echo 'deb http://10.2.40.126/ lemansrepo/' > /etc/apt/sources.list.d/lemans.list 
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install tzdata
ENV TZ=America/Chicago
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN dpkg-reconfigure --frontend noninteractive tzdata
RUN apt-get update && apt-get -y upgrade && \
    mkdir -p /root/.ssh && \
    chmod 711 /root/.ssh && \
    echo "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHG07lLfJ7FDbcPehUQpo9BU+ehjR7L7P1hMxi7MN6Gc47DD72jwDgZHTIHxdS/Io1apVksyUXHDNAE36A4nspZCQF9eY37iFBZlWKNI5b2NOiQduEglIIrVNE+gBglhb8bsh2cY2nu8OWuRcss/20Ek5Ml2MywAAdSEoJF92/HW0/K3A== arons@dev-test01vb" > /root/.ssh/authorized_keys && \
    chmod 644 /root/.ssh/authorized_keys
COPY /configs/dashboard/krb5.conf /etc/krb5.conf 
## Removed php-mcrypt install
RUN apt-get install -y krb5-config krb5-locales krb5-user ca-certificates-local consul-template && \
    apt-get install -y apache2-bin apache2-utils libcurl3 php7.0-curl php7.0-common libapache2-mod-php7.0 php7.0-cli php-common php7.0-mysql php7.0-opcache libapache2-mod-auth-kerb less vim openssh-server && \
    echo "RequestHeader set X-UUID %{UNIQUE_ID}e" > /etc/apache2/mods-available/unique_id.conf && \
    a2enmod alias auth_basic auth_kerb ldap authn_file authnz_ldap authz_groupfile authz_host authz_user autoindex cgi deflate env expires filter headers ldap mime negotiation php7.0 proxy proxy_ajp proxy_http reqtimeout rewrite setenvif status substitute unique_id ssl && \
    mkdir /etc/apache2/ssl && mkdir /etc/apache2/ssl/keys && mkdir /etc/apache2/ssl/certs
COPY /configs/dashboard/apache2.conf /etc/apache2/apache2.conf
COPY /configs/dashboard/default /etc/apache2/sites-available/000-default.conf 
COPY /dashboard-app.tgz /tmp
RUN mkdir -p /var/www/dashboard-app && cd /var/www/dashboard-app; tar -zxf /tmp/dashboard-app.tgz
COPY /dashboard-app-config.tgz /tmp
RUN mkdir /var/www/configs && mkdir -p /var/www/configs/dashboard-app && cd /var/www/configs/dashboard-app; tar -zxf /tmp/dashboard-app-config.tgz
COPY /configs/dashboard/DigiCertCA.crt.tpl /tmp
COPY /configs/dashboard/dashboardcrt.tpl /tmp 
COPY /configs/dashboard/dashboard.key.tpl /tmp
COPY /configs/dashboard/http2.ktb.tpl /tmp
RUN export VAULT_ADDR="https://vault.lemanscorp.com:8200"
RUN export VAULT_TOKEN=hvs.CAESIMxJiCQw-w2Fni2ldl_GFyowltSwctNqu7xUsI0JYSPXGh4KHGh2cy5rckY0cHVVTmdkWUFRZDdKcmtOalNwM0s && \
    cd /tmp; consul-template -vault-addr="https://vault.lemanscorp.com:8200" -template="http2.ktb.tpl:http2.ktb" -once -log-level=debug && \
    cd /tmp; consul-template -vault-addr="https://vault.lemanscorp.com:8200" -template="DigiCertCA.crt.tpl:DigiCertCA.crt" -once -log-level=debug; mv DigiCertCA.crt /etc/apache2/ssl/certs/DigiCertCA.crt && \
    cd /tmp; consul-template -vault-addr="https://vault.lemanscorp.com:8200" -template="dashboardcrt.tpl:dashboard_ps.lemanscorp.com.key" -once -log-level=debug; mv dashboard_ps.lemanscorp.com.key /etc/apache2/ssl/certs/dashboard_ps.lemanscorp.com.crt && \
    cd /tmp; consul-template -vault-addr="https://vault.lemanscorp.com:8200" -template="dashboard.key.tpl:dashboard_ps.lemanscorp.com.key" -once -log-level=debug; mv dashboard_ps.lemanscorp.com.key /etc/apache2/ssl/keys/dashboard_ps.lemanscorp.com.key 
#RUN echo "Include /var/www/configs/dashboard-app/apache-dev.conf" > /etc/apache2/sites-enabled/000-default.conf && \
RUN mkdir /var/log/php && \
    chown www-data. /var/log/php && \
    touch /var/log/php_errors.log && \
    chown www-data. /var/log/php_errors.log && \
    echo "error_log = /var/log/php_errors.log" >> /etc/php/7.0/apache2/php.ini && \
    echo "#!/bin/bash" > /root/startup && \
    echo "./script.sh" >> /root/startup && \
    echo "mkdir -p /var/www/cache/dashboard-app/cache/dwoo/compiled" >> /root/startup && \
    echo "chown www-data. /var/www/cache/dashboard-app -R" >> /root/startup && \
    echo "chmod 777 /var/www/cache/dashboard-app -R" >> /root/startup && \
    echo "/etc/init.d/ssh start" >> /root/startup && \
    echo "killall -9 apache2" >> /root/startup && \
    echo 'if [ -f "/var/run/apache2/apache2.pid" ]; then rm /var/run/apache2/apache2.pid; fi' >> /root/startup && \
    echo "/usr/sbin/apache2ctl -D FOREGROUND" >> /root/startup
COPY /configs/dashboard/lumberjack.crt /etc/lumberjack.crt
RUN chown www-data. /etc/apache2/http2.ktb && \
    chmod 440 /etc/apache2/http2.ktb
CMD /bin/bash /root/startup