forked from mastodon/mastodon
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Split off Dockerfile components for faster build times (mastodon#20933)
- Loading branch information
1 parent
585cc1a
commit 1b5ed32
Showing
1 changed file
with
76 additions
and
102 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,122 +1,96 @@ | ||
|
|
||
| # syntax=docker/dockerfile:1.4 | ||
| FROM ubuntu:20.04 as build-dep | ||
|
|
||
| # Use bash for the shell | ||
| SHELL ["/bin/bash", "-c"] | ||
| RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections | ||
|
|
||
| # Install Node v16 (LTS) | ||
| ENV NODE_VER="16.17.1" | ||
| RUN ARCH= && \ | ||
| dpkgArch="$(dpkg --print-architecture)" && \ | ||
| case "${dpkgArch##*-}" in \ | ||
| amd64) ARCH='x64';; \ | ||
| ppc64el) ARCH='ppc64le';; \ | ||
| s390x) ARCH='s390x';; \ | ||
| arm64) ARCH='arm64';; \ | ||
| armhf) ARCH='armv7l';; \ | ||
| i386) ARCH='x86';; \ | ||
| *) echo "unsupported architecture"; exit 1 ;; \ | ||
| esac && \ | ||
| echo "Etc/UTC" > /etc/localtime && \ | ||
| apt-get update && \ | ||
| apt-get install -y --no-install-recommends ca-certificates wget python3 apt-utils && \ | ||
| cd ~ && \ | ||
| wget -q https://nodejs.org/download/release/v$NODE_VER/node-v$NODE_VER-linux-$ARCH.tar.gz && \ | ||
| tar xf node-v$NODE_VER-linux-$ARCH.tar.gz && \ | ||
| rm node-v$NODE_VER-linux-$ARCH.tar.gz && \ | ||
| mv node-v$NODE_VER-linux-$ARCH /opt/node | ||
|
|
||
| # Install Ruby 3.0 | ||
| ENV RUBY_VER="3.0.4" | ||
| RUN apt-get update && \ | ||
| apt-get install -y --no-install-recommends build-essential \ | ||
| bison libyaml-dev libgdbm-dev libreadline-dev libjemalloc-dev \ | ||
| libncurses5-dev libffi-dev zlib1g-dev libssl-dev && \ | ||
| cd ~ && \ | ||
| wget https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz && \ | ||
| tar xf ruby-$RUBY_VER.tar.gz && \ | ||
| cd ruby-$RUBY_VER && \ | ||
| ./configure --prefix=/opt/ruby \ | ||
| --with-jemalloc \ | ||
| --with-shared \ | ||
| --disable-install-doc && \ | ||
| make -j"$(nproc)" > /dev/null && \ | ||
| make install && \ | ||
| rm -rf ../ruby-$RUBY_VER.tar.gz ../ruby-$RUBY_VER | ||
|
|
||
| ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin" | ||
|
|
||
| RUN npm install -g npm@latest && \ | ||
| npm install -g yarn && \ | ||
| gem install bundler && \ | ||
| apt-get update && \ | ||
| apt-get install -y --no-install-recommends git libicu-dev libidn11-dev \ | ||
| libpq-dev shared-mime-info | ||
| # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim | ||
| ARG NODE_VERSION="16.17.1-bullseye-slim" | ||
|
|
||
| COPY Gemfile* package.json yarn.lock /opt/mastodon/ | ||
| FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.4-slim as ruby | ||
| FROM node:${NODE_VERSION} as build | ||
|
|
||
| RUN cd /opt/mastodon && \ | ||
| bundle config set --local deployment 'true' && \ | ||
| bundle config set --local without 'development test' && \ | ||
| bundle config set silence_root_warning true && \ | ||
| bundle install -j"$(nproc)" && \ | ||
| yarn install --pure-lockfile | ||
| COPY --link --from=ruby /opt/ruby /opt/ruby | ||
|
|
||
| FROM ubuntu:20.04 | ||
| ENV DEBIAN_FRONTEND="noninteractive" \ | ||
| PATH="${PATH}:/opt/ruby/bin" | ||
|
|
||
| # Copy over all the langs needed for runtime | ||
| COPY --from=build-dep --link /opt/node /opt/node | ||
| COPY --from=build-dep --link /opt/ruby /opt/ruby | ||
| SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
|
|
||
| WORKDIR /opt/mastodon | ||
| COPY Gemfile* package.json yarn.lock /opt/mastodon/ | ||
|
|
||
| # Add more PATHs to the PATH | ||
| ENV PATH="${PATH}:/opt/ruby/bin:/opt/node/bin:/opt/mastodon/bin" | ||
| RUN apt update && \ | ||
| apt-get install -y --no-install-recommends build-essential \ | ||
| ca-certificates \ | ||
| git \ | ||
| libicu-dev \ | ||
| libidn11-dev \ | ||
| libpq-dev \ | ||
| libjemalloc-dev \ | ||
| zlib1g-dev \ | ||
| libgdbm-dev \ | ||
| libgmp-dev \ | ||
| libssl-dev \ | ||
| libyaml-0-2 \ | ||
| ca-certificates \ | ||
| libreadline8 \ | ||
| python3 \ | ||
| shared-mime-info && \ | ||
| bundle config set --local deployment 'true' && \ | ||
| bundle config set --local without 'development test' && \ | ||
| bundle config set silence_root_warning true && \ | ||
| bundle install -j"$(nproc)" && \ | ||
| yarn install --pure-lockfile | ||
|
|
||
| FROM node:${NODE_VERSION} | ||
|
|
||
| ARG UID="991" | ||
| ARG GID="991" | ||
|
|
||
| COPY --link --from=ruby /opt/ruby /opt/ruby | ||
|
|
||
| # Create the mastodon user | ||
| ARG UID=991 | ||
| ARG GID=991 | ||
| SHELL ["/bin/bash", "-o", "pipefail", "-c"] | ||
|
|
||
| ENV DEBIAN_FRONTEND="noninteractive" \ | ||
| PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin" | ||
|
|
||
| RUN apt-get update && \ | ||
| echo "Etc/UTC" > /etc/localtime && \ | ||
| apt-get install -y --no-install-recommends whois wget && \ | ||
| addgroup --gid $GID mastodon && \ | ||
| useradd -m -u $UID -g $GID -d /opt/mastodon mastodon && \ | ||
| echo "mastodon:$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 24 | mkpasswd -s -m sha-256)" | chpasswd && \ | ||
| rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Install mastodon runtime deps | ||
| RUN echo 'debconf debconf/frontend select Noninteractive' | debconf-set-selections | ||
| RUN apt-get update && \ | ||
| apt-get -y --no-install-recommends install \ | ||
| libssl1.1 libpq5 imagemagick ffmpeg libjemalloc2 \ | ||
| libicu66 libidn11 libyaml-0-2 \ | ||
| file ca-certificates tzdata libreadline8 gcc tini apt-utils && \ | ||
| ln -s /opt/mastodon /mastodon && \ | ||
| gem install bundler && \ | ||
| rm -rf /var/cache && \ | ||
| rm -rf /var/lib/apt/lists/* | ||
|
|
||
| # Copy over mastodon source, and dependencies from building, and set permissions | ||
| COPY --chown=mastodon:mastodon . /opt/mastodon | ||
| COPY --from=build-dep --chown=mastodon:mastodon /opt/mastodon /opt/mastodon | ||
| echo "Etc/UTC" > /etc/localtime && \ | ||
| groupadd -g "${GID}" mastodon && \ | ||
| useradd -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \ | ||
| apt-get -y --no-install-recommends install whois \ | ||
| wget \ | ||
| libssl1.1 \ | ||
| libpq5 \ | ||
| imagemagick \ | ||
| ffmpeg \ | ||
| libjemalloc2 \ | ||
| libicu67 \ | ||
| libidn11 \ | ||
| libyaml-0-2 \ | ||
| file \ | ||
| ca-certificates \ | ||
| tzdata \ | ||
| libreadline8 \ | ||
| tini && \ | ||
| ln -s /opt/mastodon /mastodon | ||
|
|
||
| # Note: no, cleaning here since Debian does this automatically | ||
| # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem | ||
|
|
||
| # Run mastodon services in prod mode | ||
| ENV RAILS_ENV="production" | ||
| ENV NODE_ENV="production" | ||
| COPY --chown=mastodon:mastodon . /opt/mastodon | ||
| COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon | ||
|
|
||
| # Tell rails to serve static files | ||
| ENV RAILS_SERVE_STATIC_FILES="true" | ||
| ENV BIND="0.0.0.0" | ||
| ENV RAILS_ENV="production" \ | ||
| NODE_ENV="production" \ | ||
| RAILS_SERVE_STATIC_FILES="true" \ | ||
| BIND="0.0.0.0" | ||
|
|
||
| # Set the run user | ||
| USER mastodon | ||
| WORKDIR /opt/mastodon | ||
|
|
||
| # Precompile assets | ||
| RUN cd ~ && \ | ||
| OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \ | ||
| yarn cache clean | ||
| RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \ | ||
| yarn cache clean | ||
|
|
||
| # Set the work dir and the container entry point | ||
| WORKDIR /opt/mastodon | ||
| ENTRYPOINT ["/usr/bin/tini", "--"] | ||
| EXPOSE 3000 4000 |