revert ba7703207c

revert new dockerfile
2023-11-09 23:17:05 +01:00 · 2023-11-09 23:17:05 +01:00 · 05855361cb
commit 05855361cb
parent 0b20085f0e
4 changed files with 86 additions and 327 deletions
--- a/.drone.yml
+++ b/.drone.yml
@ -3,7 +3,7 @@ name: mastodon
 type: kubernetes
 steps:
- name: build-mastodon  
+- name: build-image
  image: plugins/docker
  environment:		
    DOCKER_BUILDKIT: 1
@ -15,19 +15,5 @@ steps:
      from_secret: registry_pass
    repo: git.greyfox.tech/bark/mastodon
    dockerfile: Dockerfile
    tags:
      - latest
 - name: build-streaming  
  image: plugins/docker
  environment:		
    DOCKER_BUILDKIT: 1
  settings:
    registry: git.greyfox.tech
    username:
      from_secret: registry_user
    password:
      from_secret: registry_pass
    repo: git.greyfox.tech/bark/streaming
    dockerfile: streaming/Dockerfile
    tags:
      - latest
--- a/314
+++ b/314
@ -1,255 +1,111 @@
 # syntax=docker/dockerfile:1.4
 # This needs to be bookworm-slim because the Ruby image is built on bookworm-slim
 ARG NODE_VERSION="20.9-bookworm-slim"
-# Please see https://docs.docker.com/engine/reference/builder for information about
+FROM ghcr.io/moritzheiber/ruby-jemalloc:3.2.2-slim as ruby
-# the extended buildx capabilities used in this file.
+FROM node:${NODE_VERSION} as build
 # Make sure multiarch TARGETPLATFORM is available for interpolation
 # See: https://docs.docker.com/build/building/multi-platform/
 ARG TARGETPLATFORM=${TARGETPLATFORM}
 ARG BUILDPLATFORM=${BUILDPLATFORM}
-# Ruby image to use for base image, change with [--build-arg RUBY_VERSION="3.2.2"]
+COPY --link --from=ruby /opt/ruby /opt/ruby
 ARG RUBY_VERSION="3.2.2"
 # # Node version to use in base image, change with [--build-arg NODE_MAJOR_VERSION="20"]
 ARG NODE_MAJOR_VERSION="20"
 # Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"]
 ARG DEBIAN_VERSION="bookworm"
 # Node image to use for base image based on combined variables (ex: 20-bookworm-slim)
 FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim as node
 # Ruby image to use for base image based on combined variables (ex: 3.2.2-slim-bookworm)
 FROM docker.io/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} as ruby
-# Resulting version string is vX.X.X-MASTODON_VERSION_PRERELEASE+MASTODON_VERSION_METADATA
+ENV DEBIAN_FRONTEND="noninteractive" \
-# Example: v4.2.0-nightly.2023.11.09+something
+    PATH="${PATH}:/opt/ruby/bin"
 # Overwrite existance of 'alpha.0' in version.rb [--build-arg MASTODON_VERSION_PRERELEASE="nightly.2023.11.09"]
 ARG MASTODON_VERSION_PRERELEASE=""
 # Append build metadata or fork information to version.rb [--build-arg MASTODON_VERSION_METADATA="something"]
 ARG MASTODON_VERSION_METADATA="bark"
-# Allow Ruby on Rails to serve static files
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 # See: https://docs.joinmastodon.org/admin/config/#rails_serve_static_files
 ARG RAILS_SERVE_STATIC_FILES="true"
 # Allow to use YJIT compiler
 # See: https://github.com/ruby/ruby/blob/master/doc/yjit/yjit.md
 ARG RUBY_YJIT_ENABLE="1"
 # Timezone used by the Docker container and runtime, change with [--build-arg TZ=Europe/Berlin]
 ARG TZ="Etc/UTC"
 # Linux UID (user id) for the mastodon user, change with [--build-arg UID=1234]
 ARG UID="991"
 # Linux GID (group id) for the mastodon user, change with [--build-arg GID=1234]
 ARG GID="991"
 # Apply Mastodon build options based on options above
 ENV \
 # Apply Mastodon version information
  MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
  MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}" \
 # Apply Mastodon static files and YJIT options
  RAILS_SERVE_STATIC_FILES=${RAILS_SERVE_STATIC_FILES} \
  RUBY_YJIT_ENABLE=${RUBY_YJIT_ENABLE} \
 # Apply timezone
  TZ=${TZ}
 ENV \
 # Configure the IP to bind Mastodon to when serving traffic
  BIND="0.0.0.0" \
 # Use production settings for Yarn, Node and related nodejs based tools
  NODE_ENV="production" \
 # Use production settings for Ruby on Rails
  RAILS_ENV="production" \
 # Add Ruby and Mastodon installation to the PATH
  DEBIAN_FRONTEND="noninteractive" \
  PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin" \
 # Optimize jemalloc 5.x performance
  MALLOC_CONF="narenas:2,background_thread:true,thp:never,dirty_decay_ms:1000,muzzy_decay_ms:0"
 # Set default shell used for running commands
 SHELL ["/bin/bash", "-o", "pipefail", "-o", "errexit", "-c"]
 ARG TARGETPLATFORM
 RUN echo "Target platform is $TARGETPLATFORM"
 RUN \
 # Sets timezone
  echo "${TZ}" > /etc/localtime; \
 # Creates mastodon user/group and sets home directory
  groupadd -g "${GID}" mastodon; \
  useradd -l -u "${UID}" -g "${GID}" -m -d /opt/mastodon mastodon; \
 # Creates /mastodon symlink to /opt/mastodon
  ln -s /opt/mastodon /mastodon;
 # Set /opt/mastodon as working directory
 WORKDIR /opt/mastodon
-# hadolint ignore=DL3008,DL3005
+# hadolint ignore=DL3008
-RUN \
+RUN apt-get update && \
-# Mount Apt cache and lib directories from Docker buildx caches
+    apt-get -yq dist-upgrade && \
--mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
+    apt-get install -y --no-install-recommends build-essential \
--mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
+        git \
-# Apt update & upgrade to check for security updates to Debian image
+        libicu-dev \
-  apt-get update; \
+        libidn-dev \
-  apt-get dist-upgrade -yq; \
+        libpq-dev \
-# Install jemalloc, curl and other necessary components
+        libjemalloc-dev \
-  apt-get install -y --no-install-recommends \
+        zlib1g-dev \
-    ca-certificates \
+        libgdbm-dev \
-    curl \
+        libgmp-dev \
-    ffmpeg \
+        libssl-dev \
-    file \
+        libyaml-dev \
-    imagemagick \
+        ca-certificates \
-    libjemalloc2 \
+        libreadline8 \
-    patchelf \
+        python3 \
-    procps \
+        shared-mime-info && \
-    tini \
+    bundle config set --local deployment 'true' && \
-    tzdata \
+    bundle config set --local without 'development test' && \
-  ; \
+    bundle config set silence_root_warning true && \
-# Patch Ruby to use jemalloc
+    corepack enable
  patchelf --add-needed libjemalloc.so.2 /usr/local/bin/ruby; \
 # Discard patchelf after use
  apt-get purge -y \
    patchelf \
  ;
-# Create temporary build layer from base image
+COPY Gemfile* package.json yarn.lock .yarnrc.yml /opt/mastodon/
 FROM ruby as build
 # Copy Node package configuration files into working directory
 COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
 COPY .yarn /opt/mastodon/.yarn
-COPY --from=node /usr/local/bin /usr/local/bin
+RUN bundle install -j"$(nproc)"
 COPY --from=node /usr/local/lib /usr/local/lib
-ARG TARGETPLATFORM
+RUN yarn workspaces focus --all --production && \
    yarn cache clean
-# hadolint ignore=DL3008
+FROM node:${NODE_VERSION}
 RUN \
 # Mount Apt cache and lib directories from Docker buildx caches
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # Install build tools and bundler dependencies from APT
  apt-get install -y --no-install-recommends \
    g++ \
    gcc \
    git \
    libgdbm-dev \
    libgmp-dev \
    libicu-dev \
    libidn-dev \
    libpq-dev \
    libssl-dev \
    make \
    shared-mime-info \
    zlib1g-dev \
  ;
-RUN \
+# Use those args to specify your own version flags & suffixes
-# Configure Corepack
+ARG MASTODON_VERSION_PRERELEASE=""
-  rm /usr/local/bin/yarn*; \
+ARG MASTODON_VERSION_METADATA="bark"
  corepack enable; \
  corepack prepare --activate;
-# Create temporary bundler specific build layer from build layer
+ARG UID="991"
-FROM build as bundler
+ARG GID="991"
-ARG TARGETPLATFORM
+COPY --link --from=ruby /opt/ruby /opt/ruby
-# Copy Gemfile config into working directory
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
 COPY Gemfile* /opt/mastodon/
-RUN \
+ENV DEBIAN_FRONTEND="noninteractive" \
-# Mount Ruby Gem caches
+    PATH="${PATH}:/opt/ruby/bin:/opt/mastodon/bin"
 --mount=type=cache,id=gem-cache-${TARGETPLATFORM},target=/usr/local/bundle/cache/,sharing=locked \
 # Configure bundle to prevent changes to Gemfile and Gemfile.lock
  bundle config set --global frozen "true"; \
 # Configure bundle to not cache downloaded Gems
  bundle config set --global cache_all "false"; \
 # Configure bundle to only process production Gems
  bundle config set --local without "development test"; \
 # Configure bundle to not warn about root user
  bundle config set silence_root_warning "true"; \
 # Download and install required Gems
  bundle install -j"$(nproc)";
-# Create temporary node specific build layer from build layer
+# Ignoring these here since we don't want to pin any versions and the Debian image removes apt-get content after use
-FROM build as yarn
+# hadolint ignore=DL3008,DL3009
 RUN apt-get update && \
    echo "Etc/UTC" > /etc/localtime && \
    groupadd -g "${GID}" mastodon && \
    useradd -l -u "$UID" -g "${GID}" -m -d /opt/mastodon mastodon && \
    apt-get -y --no-install-recommends install whois \
        wget \
        procps \
        libssl3 \
        libpq5 \
        imagemagick \
        ffmpeg \
        libjemalloc2 \
        libicu72 \
        libidn12 \
        libyaml-0-2 \
        file \
        ca-certificates \
        tzdata \
        libreadline8 \
        tini && \
    ln -s /opt/mastodon /mastodon && \
    corepack enable
-ARG TARGETPLATFORM
+# Note: no, cleaning here since Debian does this automatically
 # See the file /etc/apt/apt.conf.d/docker-clean within the Docker image's filesystem
-# Copy Node package configuration files into working directory
+COPY --chown=mastodon:mastodon . /opt/mastodon
-COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
+COPY --chown=mastodon:mastodon --from=build /opt/mastodon /opt/mastodon
 COPY .yarn /opt/mastodon/.yarn
-# hadolint ignore=DL3008
+ENV RAILS_ENV="production" \
-RUN \
+    NODE_ENV="production" \
--mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
+    RAILS_SERVE_STATIC_FILES="true" \
--mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
+    BIND="0.0.0.0" \
-# Install Node packages
+    MASTODON_VERSION_PRERELEASE="${MASTODON_VERSION_PRERELEASE}" \
-  yarn workspaces focus --all --production;
+    MASTODON_VERSION_METADATA="${MASTODON_VERSION_METADATA}"
-# Create temporary assets build layer from build layer
+# Set the run user
 FROM build as precompiler
 # Copy Mastodon sources into precompiler layer
 COPY . /opt/mastodon/
 # Copy bundler and node packages from build layer to container
 COPY --from=yarn /opt/mastodon /opt/mastodon/
 COPY --from=bundler /opt/mastodon /opt/mastodon/
 COPY --from=bundler /usr/local/bundle/ /usr/local/bundle/
 ARG TARGETPLATFORM
 RUN \
 # Use Ruby on Rails to create Mastodon assets
  OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile; \
 # Cleanup temporary files
  rm -fr /opt/mastodon/tmp;
 # Prep final Mastodon Ruby layer
 FROM ruby as mastodon
 ARG TARGETPLATFORM
 # hadolint ignore=DL3008
 RUN \
 # Mount Apt cache and lib directories from Docker buildx caches
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # Mount Corepack and Yarn caches from Docker buildx caches
 --mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
 --mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
 # Apt update install non-dev versions of necessary components
  apt-get install -y --no-install-recommends \
    libssl3 \
    libpq5 \
    libicu72 \
    libidn12 \
    libreadline8 \
    libyaml-0-2 \
  ;
 # Copy Mastodon sources into final layer
 COPY . /opt/mastodon/
 # Copy compiled assets to layer
 COPY --from=precompiler /opt/mastodon/public/packs /opt/mastodon/public/packs
 COPY --from=precompiler /opt/mastodon/public/assets /opt/mastodon/public/assets
 # Copy bundler components to layer
 COPY --from=bundler /usr/local/bundle/ /usr/local/bundle/
 RUN \
 # Precompile bootsnap code for faster Rails startup
  bundle exec bootsnap precompile --gemfile app/ lib/;
 RUN \
 # Pre-create and chown system volume to Mastodon user
  mkdir -p /opt/mastodon/public/system; \
  chown mastodon:mastodon /opt/mastodon/public/system;
 # Set the running user for resulting container
 USER mastodon
 WORKDIR /opt/mastodon
-# Set container entry point
+# Precompile assets
 RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder rails assets:precompile
 # Set the work dir and the container entry point
 ENTRYPOINT ["/usr/bin/tini", "--"]
-# Expose default Puma ports
+EXPOSE 3000 4000
 EXPOSE 3000
--- a/streaming/.dockerignore
+++ b/streaming/.dockerignore
@ -1,7 +0,0 @@
 .env
 .env.*
 .gitignore
 node_modules
 .DS_Store
 *.swp
 *~
--- a/streaming/Dockerfile
+++ b/streaming/Dockerfile
@ -1,76 +0,0 @@
 # syntax=docker/dockerfile:1.4
 # Please see https://docs.docker.com/engine/reference/builder for information about
 # the extended buildx capabilities used in this file.
 # Make sure multiarch TARGETPLATFORM is available for interpolation
 # See: https://docs.docker.com/build/building/multi-platform/
 ARG TARGETPLATFORM=${TARGETPLATFORM}
 ARG BUILDPLATFORM=${BUILDPLATFORM}
 # Node version to use in base image, change with [--build-arg NODE_MAJOR_VERSION="20"]
 ARG NODE_MAJOR_VERSION="20"
 # Debian image to use for base image, change with [--build-arg DEBIAN_VERSION="bookworm"]
 ARG DEBIAN_VERSION="bookworm"
 # Node image to use for base image based on combined variables (ex: 20-bookworm-slim)
 FROM docker.io/node:${NODE_MAJOR_VERSION}-${DEBIAN_VERSION}-slim as streaming
 # Timezone used by the Docker container and runtime, change with [--build-arg TZ=Europe/Berlin]
 ARG TZ="Etc/UTC"
 # Linux UID (user id) for the mastodon user, change with [--build-arg UID=1234]
 ARG UID="991"
 # Linux GID (group id) for the mastodon user, change with [--build-arg GID=1234]
 ARG GID="991"
 # Configure the IP to bind Mastodon to when serving traffic
 ENV BIND="0.0.0.0"
 ARG TARGETPLATFORM
 RUN echo "Target platform is ${TARGETPLATFORM}"
 RUN \
 # Sets timezone
  echo "${TZ}" > /etc/localtime; \
 # Creates mastodon user/group and sets home directory
  groupadd -g "${GID}" mastodon; \
  useradd -l -u "${UID}" -g "${GID}" -m -d /opt/mastodon mastodon; \
 # Creates symlink for /mastodon folder
  ln -s /opt/mastodon /mastodon;
 # hadolint ignore=DL3008,DL3005
 RUN \
 # Mount Apt cache and lib directories from Docker buildx caches
 --mount=type=cache,id=apt-cache-${TARGETPLATFORM},target=/var/cache/apt,sharing=locked \
 --mount=type=cache,id=apt-lib-${TARGETPLATFORM},target=/var/lib/apt,sharing=locked \
 # upgrade to check for security updates to Debian image
  apt-get dist-upgrade -yq;
 # Set /opt/mastodon as working directory
 WORKDIR /opt/mastodon
 # Copy Node package configuration files from build system to container
 COPY package.json yarn.lock .yarnrc.yml /opt/mastodon/
 COPY .yarn /opt/mastodon/.yarn
 # Copy Streaming source code from build system to container
 COPY ./streaming /opt/mastodon/streaming
 RUN \
 # Mount local Corepack and Yarn caches from Docker buildx caches
 --mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
 --mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
  # Configure Corepack
  rm /usr/local/bin/yarn*; \
  corepack enable; \
  corepack prepare --activate;
 RUN \
 # Mount Corepack and Yarn caches from Docker buildx caches
 --mount=type=cache,id=corepack-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/corepack,sharing=locked \
 --mount=type=cache,id=yarn-cache-${TARGETPLATFORM},target=/usr/local/share/.cache/yarn,sharing=locked \
 # Install Node packages
  yarn workspaces focus --all --production;
 # Set the running user for resulting container
 USER mastodon
 # Expose default Streaming ports
 EXPOSE 4000