FROM tomcat:10.1.54-jre21-temurin-noble

LABEL org.opencontainers.image.title=iPLAss
LABEL org.opencontainers.image.licenses=AGPL-3.0-only
LABEL org.opencontainers.image.url=https://iplass.org
LABEL org.opencontainers.image.vendor='DENTSU SOKEN INC.'
LABEL org.opencontainers.image.description='Java-based open source low-code development platform for enterprise'

# Install gosu gnupg command
RUN set -ex \
	&& apt-get update \
	&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends gosu gnupg \
	&& rm -rf /var/lib/apt/lists/* \
	&& gosu nobody true

RUN groupadd -r mysql && useradd -r -g mysql mysql

# Install MySQL Repository
ARG mysql_series_number="8.4"
ARG mysql_release_version="${mysql_series_number}.9" \
    mysql_connector_j_release_version="9.7.0"

# Configure MySQL repository
# cf.
#  https://docs.docker.com/engine/install/ubuntu/
#  https://dev.mysql.com/doc/mysql-apt-repo-quick-guide/en/#repo-qg-apt-repo-manual-setup
RUN set -ex \
	&& apt-get update \
	&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
		ca-certificates \
		curl \
		gnupg \
	&& . /etc/lsb-release \
	&& rm -rf /var/lib/apt/lists/* \
	&& mkdir -p /etc/apt/keyrings \
	&& curl -fsSL "https://repo.mysql.com/RPM-GPG-KEY-mysql-2025" | gpg --dearmor -o /etc/apt/keyrings/mysql.gpg \
	&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/mysql.gpg] http://repo.mysql.com/apt/ubuntu/ ${DISTRIB_CODENAME} mysql-${mysql_series_number}-lts" \
		| tee /etc/apt/sources.list.d/mysql.list > /dev/null

# Install MySQL Server
ARG mysql_version="${mysql_release_version}-1ubuntu24.04"
RUN set -ex \
	&& apt-get update \
	&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends mysql-server="${mysql_version}" \
	&& rm -rf /var/lib/apt/lists/* \
	&& rm -rf /var/lib/mysql \
	&& mkdir -p /var/lib/mysql /var/run/mysqld \
	&& chown -R mysql:mysql /var/lib/mysql /var/run/mysqld \
	&& chmod 777 /var/run/mysqld
VOLUME ["/var/lib/mysql"]

# Install MySQL JDBC Driver Connector/J
ARG mysql_jdbc_version="${mysql_connector_j_release_version}"
RUN set -ex \
	&& wget -q https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-j-${mysql_jdbc_version}.tar.gz \
	&& tar zxf mysql-connector-j-${mysql_jdbc_version}.tar.gz mysql-connector-j-${mysql_jdbc_version}/mysql-connector-j-${mysql_jdbc_version}.jar \
	&& mv mysql-connector-j-${mysql_jdbc_version}/mysql-connector-j-${mysql_jdbc_version}.jar $CATALINA_HOME/lib \
	&& rm mysql-connector-j-${mysql_jdbc_version}.tar.gz \
	&& rmdir mysql-connector-j-${mysql_jdbc_version}

# Deploy iPLAss installer
ARG iplass_version="4.0.19"
RUN set -ex \
	&& wget -q https://iplass.org/downloads/installer/${iplass_version}/iplass.war -O "${CATALINA_HOME}/webapps/iplass.war"

# Copy iPLAss install settings and MySQL config template files
COPY config/install.properties /usr/local/share/iplass/
COPY config/mysql.cnf /usr/local/share/iplass/

ENV IPLASS_HOME=/var/lib/iplass
VOLUME ["${IPLASS_HOME}"]
WORKDIR "${IPLASS_HOME}"

ENV IPLASS_MYSQL_ROOT_PASSWORD=root \
	IPLASS_DB_USER=mtpusr \
	IPLASS_DB_PASSWORD=mtpusr \
	IPLASS_TENANT_NAME=myTenant \
	IPLASS_TENANT_ADMIN_ID=admin \
	IPLASS_TENANT_ADMIN_PASSWORD=password \
	IPLASS_BINARY_STORE_DIR=file_lob_store

# Set default timezone
ENV TZ=Asia/Tokyo

# Expose environment variables for $CATALINA_HOME/conf/server.xml.
ENV TOMCAT_CONNECTOR_HTTP_PORT=8080 \
	TOMCAT_CONNECTOR_HTTP_CONNECTION_TIMEOUT=20000 \
	TOMCAT_CONNECTOR_HTTP_REDIRECT_PORT=8443 \
	TOMCAT_CONNECTOR_HTTP_MAX_PARAMETER_COUNT=1000 \
	TOMCAT_CONNECTOR_HTTP_PROXY_NAME= \
	TOMCAT_CONNECTOR_HTTP_PROXY_PORT= \
	TOMCAT_CONNECTOR_HTTP_SCHEME=http \
	TOMCAT_CONNECTOR_HTTP_SECURE=false

# Replace $CATALINA_HOME/conf/server.xml http connector setting.
RUN REPLACE_TO='<Connector\n' \
	REPLACE_TO="${REPLACE_TO}        port=\"\${connector.http.port}\"\n" \
	REPLACE_TO="${REPLACE_TO}        protocol=\"HTTP\/1.1\"\n" \
	REPLACE_TO="${REPLACE_TO}        connectionTimeout=\"\${connector.http.connectionTimeout}\"\n" \
	REPLACE_TO="${REPLACE_TO}        redirectPort=\"\${connector.http.redirectPort}\"\n" \
	REPLACE_TO="${REPLACE_TO}        maxParameterCount=\"\${connector.http.maxParameterCount}\"\n" \
	REPLACE_TO="${REPLACE_TO}        proxyName=\"\${connector.http.proxyName}\"\n" \
	REPLACE_TO="${REPLACE_TO}        proxyPort=\"\${connector.http.proxyPort}\"\n" \
	REPLACE_TO="${REPLACE_TO}        scheme=\"\${connector.http.scheme}\"\n" \
	REPLACE_TO="${REPLACE_TO}        secure=\"\${connector.http.secure}\"\n" \
	REPLACE_TO="${REPLACE_TO}    \/>\n" \
	REPLACE_TO="${REPLACE_TO}<\!--\n    \1\n-->" && \
	sed -i -z "s/\(<Connector port=\"8080\" protocol=\"HTTP\/1\.1\"[a-zA-Z =0-9\"\n]*\/>\)/${REPLACE_TO}/g" $CATALINA_HOME/conf/server.xml

# Copy entrypoint shell script file
COPY iplass-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/iplass-entrypoint.sh
ENTRYPOINT ["iplass-entrypoint.sh"]

CMD ["start", "mysql"]
