Docker Compose で Rocketchat + mongodb + hubot + nginx の環境を構築してみました。
環境
- CentOS Linux release 7.2.1511 (Core)
- docker version 1.12.3, build 6b644ec
- docker-compose version 1.9.0, build 2585387
- プロキシ配下の前提の設定です。
Docker Composeの環境構築は以下を参照。
http://qiita.com/tasmas256/items/c659e0958ce7d766baf4
設定ファイルの作成
作成するファイルは以下のとおりです。
opt
└─rocketchat
│ docker-compose.yml
│
└─dockerfiles
├─hubot-rocketchat
│ Dockerfile
│
└─nginx
Dockerfile
nginx.conf
nginxとhubot-rocketchatはカスタマイズしたいのでDockerfileでビルドしたものを使用します。
docker-compose.yml
docker-compose.yml
nginx:
build: ./dockerfiles/nginx
links:
- rocketchat
ports:
- 80:80
- 443:443
restart: always
rocketchat:
image: rocketchat/rocket.chat:latest
volumes:
- ./uploads:/app/uploads
environment:
- PORT=3000
- ROOT_URL=http://192.168.X.X
- MONGO_URL=mongodb://mongo:27017/rocketchat
- MONGO_OPLOG_URL=mongodb://mongo:27017/local
- MAIL_URL=smtp://192.168.X.X
- HTTP_PROXY=http://192.168.X.X:8080
- HTTPS_PROXY=http://192.168.X.X:8080
links:
- mongo:mongo
restart: always
mongo:
image: mongo:3.2
volumes:
- ./data/db:/data/db
command: mongod --smallfiles --oplogSize 128 --replSet rs0
restart: always
mongoinitreplica:
image: mongo:3.2
command: 'mongo mongo/rocketchat --eval "rs.initiate({ _id: ''rs0'', members: [ { _id: 0, host: ''localhost:27017'' } ]})"'
links:
- mongo:mongo
hubot:
build: ./dockerfiles/hubot-rocketchat
environment:
- ROCKETCHAT_URL=rocketchat:3000
- ROCKETCHAT_ROOM=
- LISTEN_ON_ALL_PUBLIC=true
- ROCKETCHAT_USER=bot
- ROCKETCHAT_PASSWORD=manager
- BOT_NAME=bot
- EXTERNAL_SCRIPTS=hubot-help,hubot-seen,hubot-links,hubot-diagnostics,hubot-rss-reader
- HTTP_PROXY=http://192.168.X.X:8080
- HTTPS_PROXY=http://192.168.X.X:8080
links:
- rocketchat:rocketchat
volumes:
- ./scripts:/home/hubot/scripts
restart: always
nginx
Dockerfile
opensslで証明書を作成しています。
/dockerfiles/nginx/Dockerfile
FROM nginx:latest
COPY ./nginx.conf /etc/nginx/nginx.conf
RUN openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -subj "/CN=xxxx/O=xxxxx/C=JP" -keyout /etc/nginx/certificate.key -out /etc/nginx/certificate.crt
CMD ["nginx", "-g", "daemon off;"]
nginx.conf
rocketchatへ遷移させます。
dockerfiles/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
index index.html index.htm;
server {
listen 80;
server_name 192.168.X.X;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name 192.168.X.X;
error_log /var/log/nginx/rocketchat_error.log;
ssl_certificate /etc/nginx/certificate.crt;
ssl_certificate_key /etc/nginx/certificate.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 180m;
location / {
proxy_pass http://rocketchat:3000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forward-Proto http;
proxy_set_header X-Nginx-Proxy true;
proxy_redirect off;
}
}
}
hubot-rocketchat
hubot-rss-reader を入れたかったので coffee-scriptのバージョンをあげています。
/dockerfiles/hubot-rocketchat/Dockerfile
FROM rocketchat/hubot-rocketchat
ENV http_proxy http://192.168.X.X:8080 \
https_proxy http://192.168.X.X:8080
USER root
RUN npm install -g coffee-script@">=1.10.0"
Docker Compose の実行
docker-compose up -d --build
しばらく待つと起動します。
hubotは取得までさらに数分時間かかりました。