Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated version of PR #350 #359

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
50 changes: 50 additions & 0 deletions .dockerignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,50 @@
# See https://help.github.com/articles/ignoring-files/ for more about ignoring files.

# dependencies
/node_modules
/.pnp
.pnp.js
.yarn/install-state.gz

# testing
/coverage

# next.js
/.next/
/out/

# production
/build

# misc
.DS_Store
*.pem

# debug
npm-debug.log*
yarn-debug.log*
yarn-error.log*

# local env files
.env*.local

# vercel
.vercel

# typescript
*.tsbuildinfo
next-env.d.ts

# unnecessary files
/.vscode
/.github

.git
.gitignore
.env.local.example

Dockerfile
compose.yml
searxng-*
start.sh
README.md
124 changes: 124 additions & 0 deletions .github/workflows/docker-image.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,124 @@
name: Docker Image

on:
push:
tags: ["v*"]

env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}

jobs:
build:
name: Build multi-platform Docker image
runs-on: ubuntu-latest

permissions:
contents: read
packages: write
id-token: write
attestations: write

strategy:
fail-fast: false
matrix:
platform:
- linux/amd64
- linux/arm64
steps:
- name: Prepare
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Build and push by digest
id: build
uses: docker/build-push-action@v6
with:
platforms: ${{ matrix.platform }}
labels: ${{ steps.meta.outputs.labels }}
outputs: type=image,name=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }},push-by-digest=true,name-canonical=true,push=true
cache-from: type=gha
cache-to: type=gha,mode=max

- name: Generate artifact attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME}}
subject-digest: ${{ steps.build.outputs.digest }}
push-to-registry: true

- name: Export digest
run: |
mkdir -p /tmp/digests
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/digests/${digest#sha256:}"

- name: Upload digest
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_PAIR }}
path: /tmp/digests/*
if-no-files-found: error
retention-days: 1
merge:
runs-on: ubuntu-latest
needs:
- build
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}

- name: Login to registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Create manifest list and push
id: push
working-directory: /tmp/digests
run: |
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
$(printf '${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@sha256:%s ' *)

- name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
40 changes: 33 additions & 7 deletions Dockerfile
Original file line number Diff line number Diff line change
@@ -1,15 +1,41 @@
FROM oven/bun:1 AS base
WORKDIR /app

FROM oven/bun:1.1.3-alpine

RUN apk add --no-cache nodejs npm git

# build
FROM base AS builder
WORKDIR /app

COPY package.json bun.lockb ./
RUN bun install
RUN bun install --frozen-lockfile

COPY . .
# in production build, skip validation of typescript
RUN sed -i 's/nextConfig = {/nextConfig = { typescript: { ignoreBuildErrors: true }, eslint: { ignoreDuringBuilds: true },/' next.config.mjs
ENV NEXT_TELEMETRY_DISABLED=1
ENV NODE_ENV=production
RUN bun run build

# Production image, copy all the files and run next
FROM base AS runner
WORKDIR /app

ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1

COPY --from=builder /app/public ./public

# Set the correct permission for prerender cache
RUN mkdir .next && chown bun:bun .next

# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=builder --chown=bun:bun /app/.next/standalone ./
COPY --from=builder --chown=bun:bun /app/.next/static ./.next/static

USER bun

EXPOSE 3000

RUN bun next telemetry disable
ENV PORT=3000

CMD ["bun", "dev", "-H", "0.0.0.0"]
CMD ["bun", "run", "server.js"]
Binary file modified bun.lockb
Binary file not shown.
20 changes: 10 additions & 10 deletions docker-compose.yaml → compose.yml
Original file line number Diff line number Diff line change
Expand Up @@ -3,23 +3,25 @@
name: morphic-stack
services:
morphic:
build:
context: . # The build context is the current directory
dockerfile: Dockerfile
command: bun dev # Use `bun dev -H 0.0.0.0` to listen on all interfaces
container_name: morphic
image: ghcr.io/miurla/morphic:latest
env_file: .env.local # Load environment variables
ports:
- '3000:3000' # Maps port 3000 on the host to port 3000 in the container.
# Supports for api urls with self-signed certificates
#
# volumes:
# - ./ca.pem:/certs/ca.crt
# environment:
# - NODE_EXTRA_CA_CERTS=/certs/ca.crt
depends_on:
- redis
- searxng

redis:
image: redis:alpine
ports:
- '6379:6379'
volumes:
- redis_data:/data
- redis:/data
command: redis-server --appendonly yes

searxng:
Expand All @@ -30,8 +32,6 @@ services:
volumes:
- ./searxng-limiter.toml:/etc/searxng/limiter.toml
- ./searxng-settings.yml:/etc/searxng/settings.yml
- searxng_data:/data

volumes:
redis_data:
searxng_data:
redis:
6 changes: 4 additions & 2 deletions next.config.mjs
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
/** @type {import('next').NextConfig} */
const nextConfig = {};
const nextConfig = {
output: 'standalone'
}

export default nextConfig;
export default nextConfig
2 changes: 1 addition & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -67,4 +67,4 @@
"tailwindcss": "^3.4.1",
"typescript": "^5"
}
}
}