add nginx service, remove sshd

bubble-server/src/main/java/bubble/cloud/compute/docker/DockerComputeDriver.java

@@ -139,16 +139,17 @@ public class DockerComputeDriver extends ComputeServiceDriverBase {
         return DockerClientImpl.getInstance(dockerConfig, client);
     }
 
-    private static final String[] PACKER_FILES = {
-            "run_redis.sh", "run_postgresql.sh", "run_supervisor.sh", "run_cron.sh", "run_nginx.sh"
+    private static final String[] PACKER_SERVICES = {
+            "redis", "postgresql", "supervisor", "cron", "nginx"
     };
 
     @Override public void prepPackerDir(TempDir tempDir) {
         try {
-            for (String p : PACKER_FILES) {
-                final File destFile = new File(abs(tempDir) + "/roles/common/files/" + p);
+            for (String p : PACKER_SERVICES) {
+                final String runScript = "run_" + p + ".sh";
+                final File destFile = new File(abs(tempDir) + "/roles/common/files/" + runScript);
                 if (!destFile.getParentFile().exists()) die("prepPackerDir: parent dir does not exist: "+abs(destFile.getParentFile()));
-                stream2file(loadResourceAsStream("docker/" + p), destFile);
+                stream2file(loadResourceAsStream("docker/" + runScript), destFile);
             }
         } catch (Exception e) {
             die("prepPackerDir: "+shortError(e), e);

bubble-server/src/main/resources/packer/roles/common/tasks/docker.yml

@@ -1,6 +1,6 @@
 - name: Install packages missing on docker ubuntu
   apt:
-    name: [ 'curl', 'nginx', 'cron', 'iptables', 'openssh-server', 'redis', 'postgresql', 'supervisor' ]
+    name: [ 'curl', 'nginx', 'cron', 'iptables', 'redis', 'postgresql', 'supervisor' ]
     state: present
     update_cache: yes
 
@@ -11,7 +11,7 @@
     group: root
     mode: 0755
     state: directory
-  with_items: [ 'redis', 'postgresql', 'supervisor', 'cron' ]
+  with_items: [ 'redis', 'postgresql', 'supervisor', 'cron', 'nginx' ]
 
 - name: Create /service/redis/run
   copy:

bubble-server/src/main/resources/packer/roles/firewall/tasks/main.yml

@@ -109,7 +109,7 @@
     owner: root
     group: root
     mode: 0400
-  when: fw_enable_ssh
+  when: packer_builder_type != 'docker' and fw_enable_ssh
 
 - name: Install SSH fail2ban settings
   copy:
@@ -118,6 +118,6 @@
     owner: root
     group: root
     mode: 0400
-  when: fw_enable_ssh
+  when: packer_builder_type != 'docker' and fw_enable_ssh
 
 - include: rules.yml

bubble-server/src/main/resources/packer/roles/firewall/tasks/rules.yml

@@ -30,7 +30,7 @@
     - 22
     - 1202
   become: yes
-  when: fw_enable_ssh
+  when: packer_builder_type != 'docker' and fw_enable_ssh
 
 - name: "Allow HTTP on port {{ item }}"
   iptables:

bubble-server/src/main/resources/packer/roles/tarpit/tasks/main.yml

@@ -9,6 +9,7 @@
     system: yes
     home: /home/tarpit
     groups: bubble-log
+  when: packer_builder_type != 'docker'
 
 - name: Copy bubble_ssh_tarpit script
   copy:
@@ -17,6 +18,7 @@
     owner: tarpit
     group: tarpit
     mode: 0500
+  when: packer_builder_type != 'docker'
 
 - name: Copy bubble_http_tarpit script
   copy:
@@ -25,6 +27,7 @@
     owner: tarpit
     group: tarpit
     mode: 0500
+  when: packer_builder_type != 'docker'
 
 - name: Install ssh tarpit supervisor conf file
   copy:
@@ -33,6 +36,7 @@
     owner: root
     group: root
     mode: 0400
+  when: packer_builder_type != 'docker'
 
 - name: Install http tarpit supervisor conf file
   copy:
@@ -41,6 +45,7 @@
     owner: root
     group: root
     mode: 0400
+  when: packer_builder_type != 'docker'
 
 - name: Allow HTTP tarpit port
   iptables:
@@ -52,3 +57,4 @@
     jump: ACCEPT
     comment: Accept new connections on HTTP tarpit port
   become: yes
+  when: packer_builder_type != 'docker'