1 FROM haproxy:2.4.13-alpine
3 # For building the image in a proxy environment if necessary
7 ENV HTTP_PROXY ${HTTP_PROXY}
8 ENV HTTPS_PROXY ${HTTPS_PROXY}
9 ENV http_proxy ${HTTP_PROXY}
10 ENV https_proxy ${HTTPS_PROXY}
12 # Added to execute commands which required root permission
15 RUN apk add --no-cache \
23 chown -R haproxy:haproxy /usr/local/etc/haproxy
25 RUN mkdir -p /etc/ssl/certs/ && mkdir -p /etc/ssl/private
27 COPY --chown=haproxy aai.pem /etc/ssl/private/aai.pem
28 COPY --chown=haproxy docker-entrypoint.sh /docker-entrypoint.sh
29 COPY --chown=haproxy resolvers.conf /usr/local/etc/haproxy/resolvers.conf
30 COPY --chown=haproxy haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg
32 # Changing group and group permission to allow haproxy user to execute sed comamnd ot change files
33 RUN chgrp haproxy /usr/local/etc/haproxy; \
34 chgrp haproxy /docker-entrypoint.sh /usr/local/etc/haproxy/haproxy.cfg /usr/local/etc/haproxy/resolvers.conf
36 RUN chmod +x /docker-entrypoint.sh; \
37 chmod g+wx /usr/local/etc/haproxy; \
38 chmod g+w /docker-entrypoint.sh /usr/local/etc/haproxy/haproxy.cfg /usr/local/etc/haproxy/resolvers.conf
40 # Reverting to haproxy use to not run the pod with root permissions
43 ENTRYPOINT [ "/docker-entrypoint.sh" ]
44 CMD [ "haproxy", "-f", "/usr/local/etc/haproxy/haproxy.cfg", "-f", "/usr/local/etc/haproxy/resolvers.conf" ]