-
-
Notifications
You must be signed in to change notification settings - Fork 2
/
Dockerfile
93 lines (65 loc) · 2.8 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
FROM node:20-slim as frontend
RUN apt-get update --yes --quiet && apt-get install --yes --quiet curl
COPY package.json package-lock.json ./
RUN npm ci --no-audit - -progress=false --omit=dev
# Compile static files
COPY ./scripts ./scripts
COPY ./static/src ./static/src
RUN npm run build
# The actual container
FROM python:3.12-slim as production
ENV VIRTUAL_ENV=/venv
# renovate: datasource=github-tags depName=just-containers/s6-overlay
ENV S6_OVERLAY_VERSION=3.1.6.2
RUN useradd website --create-home -u 1000 && mkdir /app $VIRTUAL_ENV && chown -R website /app $VIRTUAL_ENV
WORKDIR /app
RUN apt-get update --yes --quiet && apt-get install --yes --quiet --no-install-recommends \
build-essential \
libpq-dev \
curl \
git \
nginx \
libnginx-mod-http-headers-more-filter \
# wand dependencies
libmagickwand-6.q16-6 libmagickwand-6.q16hdri-6 \
&& apt-get autoremove && rm -rf /var/lib/apt/lists/*
RUN curl -fsSL https://github.com/aptible/supercronic/releases/download/v0.2.1/supercronic-linux-amd64 -o /usr/local/bin/supercronic && chmod +x /usr/local/bin/supercronic
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-x86_64.tar.xz /tmp
RUN tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz && tar -C / -Jxpf /tmp/s6-overlay-x86_64.tar.xz
ENV PATH=$VIRTUAL_ENV/bin:$PATH \
PYTHONUNBUFFERED=1 \
GRANIAN_INTERFACE=wsgi \
GRANIAN_HOST=0.0.0.0 \
GRANIAN_PORT=8080 \
GRANIAN_WORKERS_LIFETIME=1800 \
GRANIAN_RESPAWN_INTERVAL=10 \
GRANIAN_PROCESS_NAME=website \
GRANIAN_RESPAWN_FAILED_WORKERS=1
EXPOSE 8000
RUN ln -fs /app/etc/nginx.conf /etc/nginx/sites-available/default && chown -R website /var/log/nginx
USER website
RUN python -m venv $VIRTUAL_ENV
COPY --chown=website requirements.txt ./
RUN pip install --no-cache -r requirements.txt
COPY --chown=website --from=frontend ./static/build ./static/build
COPY --chown=website ./etc ./etc
COPY --chown=website ./manage.py ./manage.py
COPY --chown=website ./website ./website
RUN cat ./etc/bashrc.sh >> ~/.bashrc
RUN SECRET_KEY=none python manage.py collectstatic --noinput --clear
COPY ./etc/s6-rc.d /etc/s6-overlay/s6-rc.d
ENTRYPOINT [ "/init" ]
# Just dev stuff
FROM production as dev
# Swap user, so the following tasks can be run as root
USER root
RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && apt-get install -y nodejs
RUN apt-get update --yes --quiet && apt-get install -y postgresql-client inotify-tools
RUN curl -sSf https://just.systems/install.sh | bash -s -- --to /usr/bin
# Restore user
USER website
COPY --chown=website dev-requirements.txt ./
RUN pip install --no-cache -r dev-requirements.txt
ENTRYPOINT []
CMD sleep infinity