FROM alpine:3.7
MAINTAINER Disassembler <disassembler@dasm.cz>

RUN \
 # Install Java 1.8 JRE 
 apk --no-cache add openjdk8-jre-base paxctl \
 # Fix grsec attributes to loosen memory protection restrictions
 && paxctl -cm /usr/lib/jvm/java-1.8-openjdk/jre/bin/java \
 && paxctl -cm /usr/lib/jvm/java-1.8-openjdk/bin/java \
 # Cleanup
 && apk del paxctl

RUN \
 # Install Tomcat 8
 wget http://mirror.dkm.cz/apache/tomcat/tomcat-8/v8.0.48/bin/apache-tomcat-8.0.48.tar.gz -O /tmp/apache-tomcat-8.tgz \
 && tar xf /tmp/apache-tomcat-8.tgz -C /srv \
 && mv /srv/apache-tomcat-8.0.48 /srv/tomcat \
 # Make catalina.sh available globally
 && ln -s /srv/tomcat/bin/catalina.sh /usr/bin/catalina.sh \
 # Cleanup
 && rm -rf /srv/tomcat/webapps/ROOT /srv/tomcat/webapps/docs /srv/tomcat/webapps/examples /srv/tomcat/webapps/host-manager /srv/tomcat/webapps/manager \
 && rm -f /tmp/apache-tomcat-8.tgz

RUN \
 # Install full-featured wget to work around sourceforge bugs
 apk --no-cache add wget \
 # Download Mifos X
 && wget https://sourceforge.net/projects/mifos/files/latest/download -O /tmp/mifosx.zip \
 && mkdir /srv/tomcat/webapps/fineract-provider \
 && unzip /tmp/mifosx.zip -d /tmp \
 && unzip /tmp/fineractplatform-17.07.01.RELEASE/fineract-provider.war -d /srv/tomcat/webapps/fineract-provider \
 && mv /tmp/fineractplatform-17.07.01.RELEASE/apps/community-app /srv/tomcat/webapps/community-app \
 && mv /tmp/fineractplatform-17.07.01.RELEASE/database/mifospltaform-tenants-first-time-install.sql /tmp/mifospltaform-tenants-first-time-install.sql \
 # Download Java library dependencies
 && wget http://central.maven.org/maven2/org/drizzle/jdbc/drizzle-jdbc/1.3/drizzle-jdbc-1.3.jar -O /srv/tomcat/lib/drizzle-jdbc-1.3.jar \
 # Configure Tomcat port + Spring
 && sed -i 's/port="8080"/port="8012"/g' /srv/tomcat/conf/server.xml \
 && echo -e '\r\nserver.port=8012' >> /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/application.properties \
 && sed -i 's/requires-channel="https" //g' /srv/tomcat/webapps/fineract-provider/WEB-INF/classes/META-INF/spring/securityContext.xml \
 # Create OS user
 && addgroup -S -g 8012 mifosx \
 && adduser -S -u 8012 -h /srv/tomcat -s /bin/false -g mifosx -G mifosx mifosx \
 && chown -R mifosx:mifosx /srv/tomcat/conf /srv/tomcat/logs /srv/tomcat/temp /srv/tomcat/work \
 # Cleanup
 && apk del wget \
 && rm -rf /tmp/fineractplatform-17.07.01.RELEASE /tmp/mifosx.zip

EXPOSE 8012

USER mifosx
CMD ["catalina.sh", "run"]