Dockerfile 2.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100
  1. # syntax=docker/dockerfile:1.4
  2. # This needs to be bullseye-slim because the Ruby image is built on bullseye-slim
  3. ARG NODE_VERSION="16.18.1-bullseye-slim"
  4. FROM ghcr.io/moritzheiber/ruby-jemalloc:3.0.4-slim as ruby
  5. FROM node:${NODE_VERSION} as build
  6. COPY --from=ruby /opt/ruby /opt/ruby # HJH: space savings from --link dwarfed by media storage, not worth the hassle
  7. ENV DEBIAN_FRONTEND="noninteractive" \
  8. PATH="${PATH}:/opt/ruby/bin"
  9. SHELL ["/bin/bash", "-o", "pipefail", "-c"]
  10. WORKDIR /opt/mastodon
  11. COPY Gemfile* package.json yarn.lock /opt/mastodon/
  12. # hadolint ignore=DL3008
  13. RUN apt-get update && \
  14. apt-get install -y --no-install-recommends build-essential \
  15. ca-certificates \
  16. git \
  17. libicu-dev \
  18. libidn11-dev \
  19. libpq-dev \
  20. libjemalloc-dev \
  21. zlib1g-dev \
  22. libgdbm-dev \
  23. libgmp-dev \
  24. libssl-dev \
  25. libyaml-0-2 \
  26. ca-certificates \
  27. libreadline8 \
  28. python3 \
  29. shared-mime-info && \
  30. bundle config set --local deployment 'true' && \
  31. bundle config set --local without 'development test' && \
  32. bundle config set silence_root_warning true && \
  33. bundle install -j"$(nproc)" && \
  34. yarn install --pure-lockfile --network-timeout 600000
  35. FROM node:${NODE_VERSION}
  36. ARG UID="991"
  37. ARG GID="991"
  38. COPY --from=ruby /opt/ruby /opt/ruby
  39. SHELL ["/bin/bash", "-o", "pipefail", "-c"]
  40. ENV DEBIAN_FRONTEND="noninteractive" \
  41. PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
  42. # Ignoreing these here since we don't want to pin any versions and the Debian image removes apt-get content after use
  43. # hadolint ignore=DL3008,DL3009
  44. RUN apt-get update && \
  45. echo "Etc/UTC" > /etc/localtime && \
  46. groupadd -g "${GID}" mastodon && \
  47. useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
  48. apt-get -y --no-install-recommends install whois \
  49. wget \
  50. procps \
  51. libssl1.1 \
  52. libpq5 \
  53. imagemagick \
  54. ffmpeg \
  55. libjemalloc2 \
  56. libicu67 \
  57. libidn11 \
  58. libyaml-0-2 \
  59. file \
  60. ca-certificates \
  61. tzdata \
  62. libreadline8 \
  63. tini && \
  64. ln -s /opt/mastodon /mastodon
  65. # Note: no, cleaning here since Debian does this automatically
  66. # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
  67. COPY --chown=mastodon:mastodon . /opt/mastodon
  68. COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
  69. ENV RAILS_ENV="production" \
  70. NODE_ENV="production" \
  71. RAILS_SERVE_STATIC_FILES="true" \
  72. BIND="0.0.0.0"
  73. # Set the run user
  74. USER mastodon
  75. WORKDIR /opt/mastodon
  76. # Precompile assets
  77. RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile && \
  78. yarn cache clean
  79. # Set the work dir and the container entry point
  80. ENTRYPOINT ["/usr/bin/tini", "--"]
  81. EXPOSE 3000 4000