Re: [Koha-devel] Minimal docker images for Koha

Sun, 01 Mar 2020 03:12:41 -0800

I believe that the problems we have with Debian buster are mostly related to the versions of Perl modules shipped with debian packages. Since these Dockerfiles install all Perl modules from CPAN in their latest version, I think you will have the same problems with an older version of Debian.
URL rewrite in PSGI file is handy for development, but that shouldn't be used in production. Indeed, a reverse proxy is still required in production environments. 


Please note that images produced by these Dockerfiles are not intended 
to be used in production. As I said in my first message, you should 
expect things to break ;)


Le 01/03/2020 à 05:19, Agustin Moyano a écrit :

Sorry.. seems I send it only to Julian.. here goes again


El sáb., 29 de febrero de 2020 19:15, Agustin Moyano 
<agustinmoy...@theke.io <mailto:agustinmoy...@theke.io>> escribió:


    Hi Julian, great work!!

    I've also been working (interruptedly) for a couple of months on a
    docker version of Koha.

    I focused on having as soon as possible a fully functional docker
    version of Koha, and didn't worry too much about doing things the
    docker way.. It's comforting to know you weren't tempted by de dark
    side of the force!

    I thought of having first a production ready docker much like
    koha-testing-docker, and later split services into different
    containers. That's why I really, really loved your implementation of
    plack.psgi. URL rewrite in psgi brings independence day from Apache
    much closer! \o/.

    Just some thoughts:

      * Should you base your image on Debian buster? on
        https://wiki.koha-community.org/wiki/Koha_on_Debian says "Note:
        Debian 10 (Buster) is currently not recommended or supported,
        work is in progress to rectify this situation."
      * Even if there's no need for reverse proxy, I wouldn't discard
        having one on a separate container.. web servers like apache or
        nginx deal much better with attacks than exposing the service on
        it's own (First hand experience with a Java/Tomcat service I
        made once)
        
(https://security.stackexchange.com/questions/209111/security-benefits-of-reverse-proxying-java-tomcat-webapps-locally)

    But overall, great job!

    PS: If you'd like to take a peek of what I've done, here's the repo:
    https://gitlab.com/thekesolutions/koha-docker



--
Julian Maurice
BibLibre
_______________________________________________
Koha-devel mailing list
Koha-devel@lists.koha-community.org
https://lists.koha-community.org/cgi-bin/mailman/listinfo/koha-devel
website : http://www.koha-community.org/
git : http://git.koha-community.org/
bugs : http://bugs.koha-community.org/
























					Reply via email to