#FROM tomcat:10-jdk17-openjdk-bullseye
FROM tomcat:11.0-jdk21-temurin-jammy

# Packages
RUN apt-get update

## quality of life
RUN apt-get install -y libreadline8 less procps

## deps
RUN apt-get install -y libtcnative-1

## needed for setup, uninstalled later
RUN apt-get install -y xmlstarlet


# Scripts
ENV BASE /usr/local/tomcat

# Tomcat config file
ADD setenv.sh "$BASE"/bin/setenv.sh
RUN chmod +x "$BASE"/bin/setenv.sh

## Activate manager
RUN cd /usr/local/tomcat; cp -a webapps.dist/manager webapps/

## Replace users file
ADD tomcat-users.xml "$BASE"/conf/

## Add manager roles
RUN for tag in manager-script manager-gui; do \
    	xmlstarlet ed -L \
    		      -s "/tomcat-users" -t elem -n "new-role" -v "" \
		      -i "//new-role" -t attr -n "rolename" -v "$tag" \
		      -r "//new-role" -v "role" \
	           "$BASE"/conf/tomcat-users.xml; \
    done

## Activate AJP
RUN xmlstarlet ed -L \
    	       	  -s "/Server/Service" -t elem -n "new-Connector" -v "" \
		  -i "//new-Connector" -t attr -n "protocol" -v "AJP/1.3" \
		  -i "//new-Connector" -t attr -n "address" -v "0.0.0.0" \
		  -i "//new-Connector" -t attr -n "port" -v "8009" \
		  -i "//new-Connector" -t attr -n "tomcatAuthentication" -v "false" \
		  -i "//new-Connector" -t attr -n "secretRequired" -v "false" \
		  -i "//new-Connector" -t attr -n "useIPVHosts" -v "true" \
		  -r "//new-Connector" -v "Connector" \
               "$BASE"/conf/server.xml

## Allow manager access from outside
RUN xmlstarlet ed -L \
    	       	  -d "/Context/Valve" \
    	       "$BASE"/webapps/manager/META-INF/context.xml

# Cleanup
RUN apt-get autoremove -y --purge xmlstarlet
RUN apt-get clean