scinote-web/Dockerfile.production

109 lines
3.4 KiB
Text

# Building stage
FROM ruby:3.2.5-bookworm AS builder
RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
RUN \
--mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update -qq && \
apt-get install -y --no-install-recommends \
libssl-dev \
nodejs \
yarnpkg \
postgresql-client
ENV APP_HOME /usr/src/app
ENV RAILS_ENV=production
ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/3.2.0
ENV PATH=$GEM_HOME/bin:/usr/share/nodejs/yarn/bin:$PATH
ENV BUNDLE_APP_CONFIG=.bundle
ENV BUNDLE_BUILD__SASSC=--disable-march-tune-native
COPY . $APP_HOME
RUN rm -f $APP_HOME/config/application.yml $APP_HOME/production.env
WORKDIR $APP_HOME
RUN \
--mount=target=/usr/src/app/tmp/bundle,type=cache \
bundle config set without 'development test' && \
bundle config set path '/usr/src/app/tmp/bundle' && \
bundle install --jobs `nproc` && \
cp -r tmp/bundle/ vendor && \
rm -rf vendor/bundle/ruby/3.2.0/cache && \
find vendor/bundle/ruby -type d -name '.git' -exec rm -rf {} + && \
bundle config --local path vendor/bundle
RUN \
--mount=type=cache,target=/usr/local/share/.cache/yarn/v6,sharing=locked \
--mount=type=cache,target=/usr/src/app/node_modules,sharing=locked \
DATABASE_URL=postgresql://postgres@db/scinote_production \
SECRET_KEY_BASE=dummy \
DEFACE_ENABLED=true \
bash -c "rake assets:precompile && rake deface:precompile && rm -rf ./tmp/cache"
# Final stage
FROM ruby:3.2.5-bookworm AS runner
MAINTAINER SciNote <info@scinote.net>
RUN rm -f /etc/apt/apt.conf.d/docker-clean; echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
RUN \
--mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
DEBIAN_FRONTEND=noninteractive \
apt-get update -qq && \
apt-get install -y --no-install-recommends \
fonts-droid-fallback \
fonts-noto-mono \
fonts-wqy-microhei \
fonts-wqy-zenhei
RUN \
--mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
DEBIAN_FRONTEND=noninteractive \
apt-get update -qq && \
apt-get install -y --no-install-recommends \
default-jre-headless \
ca-certificates-java && \
apt-get install -y --no-install-recommends \
libjemalloc2 \
groff-base \
postgresql-client \
nodejs \
awscli \
netcat-openbsd \
poppler-utils \
librsvg2-2 \
libvips42 \
graphviz \
chromium \
chromium-sandbox \
libfile-mimeinfo-perl \
yarnpkg && \
/usr/share/nodejs/yarn/bin/yarn add puppeteer@npm:puppeteer-core@^22.15.0 && \
apt-get install -y libreoffice && \
ln -s /usr/lib/x86_64-linux-gnu/libvips.so.42 /usr/lib/x86_64-linux-gnu/libvips.so
ARG BUILD_TIMESTAMP=1
RUN \
--mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
touch /etc/build-${BUILD_TIMESTAMP} && \
DEBIAN_FRONTEND=noninteractive \
apt-get update -qq && \
apt-get upgrade -y && \
rm -rf /var/lib/apt/lists/*
ENV APP_HOME /usr/src/app
ENV RAILS_ENV=production
ENV GEM_HOME=$APP_HOME/vendor/bundle/ruby/3.2.0
ENV PATH=$GEM_HOME/bin:$PATH
ENV BUNDLE_APP_CONFIG=.bundle
RUN adduser --uid 1000 scinote
USER scinote
COPY --from=builder --chown=scinote:scinote $APP_HOME $APP_HOME
WORKDIR $APP_HOME
CMD rails s -b 0.0.0.0