Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Configuring CFML Docker containers through environment variables

Configuring CFML Docker containers through environment variables

Containers have become the cornerstone of modern development, but hardcoded configurations can complicate deployment and limit their usefulness.

Containers have become the cornerstone of modern development, but hardcoded configurations can complicate deployment and limit their usefulness. There’s no need to lock yourself in to local-only development, clutter your deployment pipeline with multiple configurations, or worst of all … expose secret keys and passwords in your git repos!

Let’s discover together how we can create flexible configurations, distribute our projects reliably and securely among a myriad of environments and throughout our application’s lifecycle. We’ll take a look at the different environment variables used in Docker images for Adobe Coldfusion, Lucee and Commandbox, as well as creating our own!

Guust Nieuwenhuis

June 24, 2023
Tweet

More Decks by Guust Nieuwenhuis

Other Decks in Technology

Transcript

  1. CONFIGURING CFML DOCKER
    CONTAINERS THROUGH
    ENVIRONMENT VARIABLES
    GUUST NIEUWENHUIS

    View full-size slide

  2. ABOUT ME
    Guust Nieuwenhuis
    Managing Partner @ We Are North


    Full Stack Web Wizard


    Masa CMS


    Born in The Netherlands


    Living in Belgium


    Football coach


    Mountainbiker

    View full-size slide

  3. CONFIGURING CFML DOCKER
    CONTAINERS THROUGH
    ENVIRONMENT VARIABLES
    GUUST NIEUWENHUIS

    View full-size slide

  4. 12FACTOR.NET
    The twelve-factor app is a methodology for building software-as-a-service apps

    View full-size slide

  5. https://12factor.net/

    View full-size slide

  6. I. Codebase


    II. Dependencies


    III. Config


    IV. Backing services


    V. Build, release, run


    VI. Processes


    VII. Port binding


    VIII. Concurrency


    IX. Disposability


    X. Dev/prod parity


    XI. Logs


    XII. Admin processes


    View full-size slide

  7. I. Codebase


    II. Dependencies


    III. Config


    IV. Backing services


    V. Build, release, run


    VI. Processes


    VII. Port binding


    VIII. Concurrency


    IX. Disposability


    X. Dev/prod parity


    XI. Logs


    XII. Admin processes


    View full-size slide

  8. STORE CONFIG IN
    THE ENVIRONMENT
    An app’s con
    fi
    g is everything that is likely to vary
    between deploys (staging, production, developer environments, etc)

    View full-size slide

  9. Environment variables

    View full-size slide

  10. A VARIABLE WHOSE VALUE IS
    SET OUTSIDE THE APPLICATION
    AND AFFECTS THE WAY
    APPLICATIONS BEHAVE
    Since 1979

    View full-size slide

  11. $ printenv
    __CFBundleIdentifier=com.apple.Terminal


    TMPDIR=/var/folders/39/dlwg4phj09508hq4d8zhrs600000gn/T/


    XPC_FLAGS=0x0


    LaunchInstanceID=7B6325E4-B6DB-4A0B-8CC9-1FC70EECBAD7


    TERM=xterm-256color


    SSH_AUTH_SOCK=/private/tmp/com.apple.launchd.055kmmIwsv/Listeners


    SECURITYSESSIONID=186a6


    XPC_SERVICE_NAME=0


    TERM_PROGRAM=Apple_Terminal


    TERM_PROGRAM_VERSION=447


    PWD=/Users/guustnieuwenhuis


    SHLVL=2


    SHELL=/bin/zsh


    HOME=/Users/guustnieuwenhuis


    LOGNAME=guustnieuwenhuis


    USER=guustnieuwenhuis


    PATH=/Users/guustnieuwenhuis/.gem/ruby/3.0.0/bin:


    OLDPWD=/Users/guustnieuwenhuis


    LC_CTYPE=UTF-8


    _=/usr/bin/printenv

    View full-size slide

  12. $ printenv HOME
    HOME=/Users/guustnieuwenhuis


    View full-size slide

  13. $ echo $HOME
    HOME=/Users/guustnieuwenhuis


    View full-size slide

  14. $ cat .env
    REACT_APP_API_KEY=your-development-api-key


    REACT_APP_DATABASE_URL=https://your-development-database.com


    REACT_APP_PROJECT_ID=your-development-project-id

    View full-size slide

  15. Docker environment variables

    View full-size slide

  16. Docker build


    Docker run


    Docker compose


    View full-size slide

  17. $ docker build -t app --build-arg VERSION=1.0 .


    [+] Building 0.9s (6/6) FINISHED


    => [internal] load build definition from Dockerfile
    => => transferring dockerfile: 36B
    => [internal] load .dockerignore
    => => transferring context: 2B
    => [internal] load metadata for docker.io/lucee/lucee:latest
    => [1/1] FROM docker.io/lucee/lucee
    => CACHED [2/1] RUN rm -rf /var/www/*
    => exporting to image
    => => exporting layers
    => => writing image sha256:18c080b6cbfed0ac44c4848ffb2f14e6f12d86a83c8c32d3176e341f4e6
    => => naming to docker.io/library/app

    View full-size slide

  18. $ docker build -t app --build-arg VERSION=${BITBUCKET_TAG} .


    [+] Building 0.9s (6/6) FINISHED


    => [internal] load build definition from Dockerfile
    => => transferring dockerfile: 36B
    => [internal] load .dockerignore
    => => transferring context: 2B
    => [internal] load metadata for docker.io/lucee/lucee:latest
    => [1/1] FROM docker.io/lucee/lucee
    => CACHED [2/1] RUN rm -rf /var/www/*
    => exporting to image
    => => exporting layers
    => => writing image sha256:18c080b6cbfed0ac44c4848ffb2f14e6f12d86a83c8c32d3176e341f4e6
    => => naming to docker.io/library/app

    View full-size slide

  19. FROM lucee/lucee


    ENV VERSION=${VERSION}
    Docker
    fi
    le

    View full-size slide

  20. $ docker run -p 80:8888 -e DEBUG=1 lucee/lucee
    NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java
    java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.r
    22-Jun-2023 09:25:23.588 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS N
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS V
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Arch
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    java.lang=ALL-UNNAMED


    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    UNNAMED



    View full-size slide

  21. $ docker run -p 80:8888 --env DEBUG=1 lucee/lucee
    NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java
    java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.r
    22-Jun-2023 09:25:23.588 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS N
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS V
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Arch
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    java.lang=ALL-UNNAMED


    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    UNNAMED



    View full-size slide

  22. $ docker run -p 80:8888 --env-file ./.env lucee/lucee
    NOTE: Picked up JDK_JAVA_OPTIONS: --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java
    java.util=ALL-UNNAMED --add-opens=java.base/java.util.concurrent=ALL-UNNAMED --add-opens=java.r
    22-Jun-2023 09:25:23.588 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Serv
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS N
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log OS V
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Arch
    22-Jun-2023 09:25:23.600 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Java
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log JVM
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.601 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log CATA
    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    java.lang=ALL-UNNAMED


    22-Jun-2023 09:25:23.612 INFO [main] org.apache.catalina.startup.VersionLoggerListener.log Comm
    UNNAMED



    View full-size slide

  23. version: "3.7"


    services:


    app:


    image: lucee/lucee


    environment:


    - DEBUG=1
    docker-compose.yml

    View full-size slide

  24. version: "3.7"


    services:


    app:


    image: lucee/lucee


    env_file: ./.env
    docker-compose.yml

    View full-size slide

  25. Environment variables precedence


    1. Set using docker compose run -e in the CLI


    2. Substituted from your shell


    3. Set using the environment attribute in the Compose file


    4. Use of the --env-file argument in the CLI


    5. Use of the env_file attribute in the Compose file


    6. Set using an .env file placed at base of your project directory


    7. Set in a container image in the ENV directive. Having
    any ARG or ENV setting in a Dockerfile evaluates only if there is no
    Docker Compose entry for environment, env_file or run --env.

    View full-size slide

  26. Configuring Adobe CF

    View full-size slide

  27. https://helpx.adobe.com/in/coldfusion/using/docker-images-coldfusion.html

    View full-size slide

  28. version: "3.7"


    services:


    app:


    image: adobecoldfusion/coldfusion2021


    environment:


    docker-compose.yml
    - acceptEULA=YES


    - serial=xxx


    - password=adminpassword


    - enableSecureProfile=true

    View full-size slide

  29. Configuring Lucee

    View full-size slide

  30. https://docs.lucee.org/guides/Various/system-properties.html

    View full-size slide

  31. version: "3.7"


    services:


    app:


    image: lucee/lucee


    environment:


    docker-compose.yml
    - LUCEE_ADMIN_ENABLED=false


    # JFreeChart Extension Version 1.0.19.19


    - LUCEE_EXTENSIONS=D46B46A9-A0E3-44E1-D972A04AC3A8DC10;version=1.0.19.


    - LUCEE_PRESERVE_CASE=true

    View full-size slide

  32. timeout="30">




    idle="10000"


    life="60000"


    port="587"


    smtp=“mail.mymailservice.com”


    ssl="false"


    tls="false"


    username=“mail_user"


    password=“mail_password"/>



    lucee-server.xml

    View full-size slide

  33. timeout="30">




    idle="10000"


    life="60000"


    port="{env:MAIL_PORT}"


    smtp="{env:MAIL_SMTP}"


    ssl="false"


    tls="false"


    username="{env:MAIL_USER}"


    password="{env:MAIL_PASSWORD}"/>



    lucee-server.xml

    View full-size slide

  34. version: "3.7"


    services:


    app:


    build:


    context: .


    dockerfile: Dockerfile


    environment:


    - LUCEEPASSWORD=password
    docker-compose.yml

    View full-size slide

  35. FROM lucee/lucee


    ENV VERSION=${VERSION:-dev}


    COPY entrypoint.sh /entrypoint.sh


    # Engage


    CMD ["/entrypoint.sh"]
    Docker
    fi
    le

    View full-size slide

  36. #!/usr/bin/env sh


    # Take the Lucee password from the environment, if it exists


    if [ -z "$LUCEEPASSWORD" ]


    then


    echo "\$LUCEEPASSWORD is empty, no password configured"


    else


    echo $LUCEEPASSWORD > /opt/lucee/server/lucee-server/context/
    password.txt


    fi


    # Start services


    exec /usr/bin/supervisord -n -c /etc/supervisord.conf
    entrypoint.sh

    View full-size slide

  37. Configuring Commandbox

    View full-size slide

  38. https://hub.docker.com/r/ortussolutions/commandbox/

    View full-size slide

  39. version: "3.7"


    services:


    app:


    image: ortussolutions/commandbox


    environment:


    docker-compose.yml
    - BOX_SERVER_APP_CFENGINE=lucee@5


    - BOX_SERVER_PROFILE=development


    - BOX_SERVER_CFCONFIGFILE=/config/cfconfig.json


    View full-size slide

  40. Configuring Masa CMS

    View full-size slide

  41. All settings.ini.cfm settings


    Format: MURA_{setting}

    View full-size slide




  42. [settings]


    appreloadkey=appreload


    mode=production


    [production]


    admindir=/admin


    admindomain=


    adminemail=


    adminssl=false


    allowautoupdates=true


    allowedIndexFiles=index.cfm,index.json,index.html


    allowlocalfiles=false


    alwaysUseLocalRenderer=false


    assetdir=/s3assets


    assetpath=


    autodiscoverplugins=true


    autoresetpasswords=false


    autoupdateurl=https://github.com/MasaCMS/MasaCMS/archive/main.zip


    bcryptpasswords=true


    clientmanagement=false
    settings.ini.cfm

    View full-size slide

  43. version: "3.7"


    services:


    app:


    image: lucee/lucee


    environment:


    docker-compose.yml
    - MURA_ADMIN_USERNAME: admin


    - MURA_ADMIN_PASSWORD: admin


    - MURA_ADMINEMAIL: [email protected]


    - MURA_APPRELOADKEY: appreload


    - MURA_SITEIDINURLS: "true"


    - MURA_INDEXFILEINURLS: "true"


    - MURA_DBTYPE: mysql


    - MURA_DBCONNECTIONSTRING: “jdbc:mysql://masa_mysql:3306/masadb"


    - MURA_DBCLASS: com.mysql.jdbc.Driver


    - MURA_DBUSERNAME: root


    - MURA_DBPASSWORD: rootpassword


    - MURA_DBHOST: masa_mysql


    - MURA_DBPORT: 3306

    View full-size slide

  44. Configuring own apps

    View full-size slide

  45. server.system.environment

    View full-size slide

  46. version: "3.7"


    services:


    docker-compose.yml
    mysql:


    image: mysql:latest


    environment:


    MYSQL_ROOT_PASSWORD: rootpassword


    MYSQL_DATABASE: testdb


    app:


    image: lucee/lucee


    environment:


    - DBTYPE: mysql


    - DBCLASS: com.mysql.jdbc.Driver


    - DBCONNECTIONSTRING: "jdbc:mysql://mysql:3306/testdb"


    - DBUSERNAME: root


    - DBPASSWORD: rootpassword

    View full-size slide

  47. component {


    this.datasources = {


    testdb = {


    class = server.system.environment.DBCLASS,


    connectionString =


    server.system.environment.DBCONNECTIONSTRING,


    username = server.system.environment.DBUSERNAME,


    password = server.system.environment.DBPASSWORD


    }


    };


    }
    Application.cfc

    View full-size slide

  48. Configuring on AWS

    View full-size slide

  49. CONFIGURING CFML DOCKER
    CONTAINERS THROUGH
    ENVIRONMENT VARIABLES
    [email protected]


    https://www.linkedin.com/in/guustnieuwenhuis

    www.wearenorth.eu

    View full-size slide