Add basic systemd unit files to run a docker deployment.

These are still incomplete and are missing documentation on how they interact and how the system is supposed to interact with them.

docker-compose.yml

@@ -3,6 +3,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/base/Dockerfile
+        image: localhost/zms:latest
         depends_on:
             - zeo
         stop_grace_period: 1s # SIGKILL after 1s, as zope is always taking the full 10 seconds
@@ -48,6 +49,7 @@ services:
         build:
             context: .
             dockerfile: ./docker/base/Dockerfile
+        image: localhost/zms:latest
         command: runzeo --configure etc/zeo.conf
         volumes:
             - ./docker/zeo/etc/:/home/zope/etc/

docker/TODO.md

@@ -7,8 +7,8 @@
 - [x] simple to use and develop in vscode -> .devcontainer! FH has different solution
 - [x] all mutable data in mounted volumes
 - [x] Allow working on zms inside the container
-- [ ] example systemd files to run everything
-  - [ ] this should show how automated container updates are done!
+- [x] example systemd files to run everything
+  - [x] this should show how automated container updates are done!
 - [ ] example nginx config so you get the same experience as on the server
 - [ ] Full development experience with all dependennt services locally (mariadb, memcached, …)
 
@@ -20,5 +20,5 @@
 - [x] add devcontainer.json to develop and run everything from vscode
 - [x] mount the zms source live into the container so working within it becomes possible
 - [x] remove debug mode from zope Dockerfile
-- [ ] add script to run tests in docker
+- [x] add script to run tests in docker
 - [ ] add nginx, mariadb, memcached to docker-compose for a fully featured development environment, that can run production like configs

docker/systemd/zms-restart.timer

@@ -0,0 +1,15 @@
+[Unit]
+Description=Timer for ZMS/Zope to restart and pull os updates
+# Propagate start and stop from target
+PartOf=zms.target
+# Start after target
+After=zms.target
+
+[Timer]
+OnBootSec=10m
+RandomizedDelaySec=1h
+OnCalendar=daily
+
+[Install]
+WantedBy=timers.target
+WantedBy=zms.target

docker/systemd/zms-zeopack.service

@@ -0,0 +1,10 @@
+[Unit]
+Description=ZMS/Zope ZEO zeopack
+After=network-online.target
+
+[Service]
+Type=simple
+User=zope
+# I do not know yet how to execute this correctly
+# may require a script that execs into the zeo container to trigger this?
+ExecStart=/home/zope/instance/bin/zeopack

docker/systemd/zms-zeopack.timer

@@ -0,0 +1,15 @@
+[Unit]
+Description=Timer for ZMS/Zope to restart and pull os updates
+# Propagate start and stop from target
+PartOf=zms.target
+# Start after target
+After=zms.target
+
+[Timer]
+OnBootSec=10m
+RandomizedDelaySec=1h
+OnCalendar=daily
+
+[Install]
+WantedBy=timers.target
+WantedBy=zms.target

docker/systemd/zms.target

@@ -0,0 +1,6 @@
+[Unit]
+Description=ZMS/Zope and all of its dependencies
+After=network-online.target
+
+[Install]
+WantedBy=multi-user.target

docker/systemd/zms@.service

@@ -0,0 +1,36 @@
+[Unit]
+Description=ZMS/Zope
+
+After=docker.service
+Requires=docker.service
+
+Requires=memcached.service
+After=memcached.service
+
+Requires=mariadb.service
+After=mariadb.service
+
+
+[Service]
+#User=zope
+#Group=zope
+Restart=always
+
+Environment="ZOPE_PUBLIC_PORT=%i"
+Environment="DOCKER_IMAGE=localhost/zms DOCKER_TAG=latest"
+
+TimeoutStartSec=0
+PrivateTmp=true
+
+## These ExecStartPre commands are meant to be used together with a
+## systemd-timer or cron job that regularly restarts the service.
+## Then these commands rebuild the docker container to update operating
+## system packages and thus fix security bugs in the base os inside the docker container.
+## FIXME /path/to/oidc_client/ needs to point to the root folder of the source code of the oidc_client
+# ExecStartPre=/usr/bin/docker build --no-cache --pull --tag $DOCKER_IMAGE:$DOCKER_TAG /path/to/oidc_client/
+# ExecStartPre=-/usr/bin/docker stop $DOCKER_IMAGE
+ExecStart=/usr/bin/docker run --rm --publish 127.0.0.1:$ZOPE_PUBLIC_PORT:80 --name $DOCKER_IMAGE $DOCKER_IMAGE:$DOCKER_TAG
+
+[Install]
+WantedBy=multi-user.target
+WantedBy=zms.target