Connect to Melpa on Port 80 in Setup Script

Question

I'm trying to setup emacs in a docker image that I am creating. I would like to create the image with a particular melpa package installed.

This is my Dockerfile:

FROM ubuntu

RUN apt-get update
RUN apt-get install -y emacs
COPY setup.el /root/.emacs.d/
WORKDIR /root/.emacs.d/
RUN emacs --script setup.el

This is my setup.el file:

(require 'package)

(package-initialize)

(setq package-archives '(("melpa" . "http://melpa.org/packages/")))

(package-refresh-contents)

(package-install 'racket-mode))

When I go to build the docker image, I get the following error:

Loading /etc/emacs/site-start.d/00debian.el (source)...
Contacting host: melpa.org:80
error in process filter: Could not create connection to melpa.org:443

I looked at the 00debian.el file to see if it had any effect on the docker build.

$ cat /etc/emacs/site-start.d/00debian.el

;; Set the default mail server and news server as specified by Debian
;; policy.

(setq gnus-nntpserver-file "/etc/news/server")

(setq mail-host-address (let ((name (expand-file-name "/etc/mailname")))
                          (if (not (file-readable-p name))
                              nil
                            (with-temp-buffer
                              (insert-file-contents-literally name)
                              (while (search-forward "\n" nil t)
                                (replace-match "" nil t))
                              (buffer-string)))))

It doesn't seem to have any effect on the package system nor does it seem to be reaching out to Melpa or Elpa.

I made the package-archives point to http Melpa as opposed to https Melpa so that I wouldn't connect on port 443. However, my system still seems to be connecting to Melpa on port 443. I did this because when emacs tries to connect over port 443 it throws an unknown certificate authority error (the certificate authority is R3).

Does anyone have an idea how I might be able to fix the certificate authority error in my docker image or otherwise get Melpa to connect over port 80?

Answer 1

Create your own local ELPA mirror repo from installed packages and use that repo in docker.

See https://github.com/redguardtoo/elpa-mirror

Remote elpa repo might be blocked by corp firewall.

Answer 2

I don't have complete answer, but few points which you have to take into consideration:

1. It won't be possible to connect to Melpa.org over port 80, so it is better to switch to https (port 443)
2. I don't have any debian to verify/falsify this guess, but most likely you are missing TLS library and certificates.

Ad1. As you can see below, any query to http melpa.org is moved permanently to https:

~  curl -v http://melpa.org/packages/
*   Trying 178.128.185.1:80...
* Failed to set TCP_KEEPALIVE on fd 6
* Connected to melpa.org (178.128.185.1) port 80 (#0)
> GET /packages/ HTTP/1.1
> Host: melpa.org
> User-Agent: curl/7.74.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: nginx
< Date: Thu, 18 Mar 2021 21:25:41 GMT
< Content-Type: text/html
< Content-Length: 162
< Connection: keep-alive
< Location: https://melpa.org/packages/
<
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>
* Connection #0 to host melpa.org left intact

Ad.2 Consider adding to your docker image package gnutls, openssl or libressl.

Good luck!

Answer 3

This is something of a workaround but if you create a docker image and install emacs on it and then connect it to melpa/elpa and then approve the connections to the package repositories, it will create a file network.data in root/.emacs.d/.

If you copy the text of that file and create a file named network.data and incorporate that into your docker build process in root/.emacs.d/, it will allow the connection to melpa in a non-interactive mode during the docker build process.

This isn't perfect but it worked for me!