docker-mastodon/Dockerfile

135 lines
3.9 KiB
Text
Raw Normal View History

# -------------- Build-time variables --------------
2021-11-26 20:04:08 +00:00
ARG MASTODON_VERSION=3.4.4
ARG MASTODON_REPOSITORY=tootsuite/mastodon
2021-11-06 13:18:48 +00:00
ARG RUBY_VERSION=2.7
ARG NODE_VERSION=14
2021-07-18 14:42:46 +00:00
ARG ALPINE_VERSION=3.14
2021-05-28 23:55:51 +00:00
ARG HARDENED_MALLOC_VERSION=8
ARG LIBICONV_VERSION=1.16
2021-04-18 00:15:18 +00:00
ARG UID=991
ARG GID=991
# ---------------------------------------------------
2021-04-18 00:15:18 +00:00
### Build Mastodon stack base (Ruby + Node)
FROM node:${NODE_VERSION}-alpine${ALPINE_VERSION} as node
FROM ruby:${RUBY_VERSION}-alpine${ALPINE_VERSION} as node-ruby
COPY --from=node /usr/local /usr/local
COPY --from=node /opt /opt
2021-04-18 00:15:18 +00:00
### Build Hardened Malloc
2021-04-20 18:09:54 +00:00
ARG ALPINE_VERSION
2021-04-20 16:47:18 +00:00
FROM alpine:${ALPINE_VERSION} as build-malloc
ARG HARDENED_MALLOC_VERSION
2021-06-02 01:29:23 +00:00
ARG CONFIG_NATIVE=false
2021-05-14 17:53:14 +00:00
RUN apk --no-cache add build-base git gnupg && cd /tmp \
&& wget -q https://github.com/thestinger.gpg && gpg --import thestinger.gpg \
&& git clone --depth 1 --branch ${HARDENED_MALLOC_VERSION} https://github.com/GrapheneOS/hardened_malloc \
&& cd hardened_malloc && git verify-tag $(git describe --tags) \
2021-06-02 01:29:23 +00:00
&& make CONFIG_NATIVE=${CONFIG_NATIVE}
2018-06-12 14:54:14 +00:00
### Build GNU Libiconv (needed for nokogiri)
2021-04-20 18:09:54 +00:00
ARG ALPINE_VERSION
2021-04-20 16:47:18 +00:00
FROM alpine:${ALPINE_VERSION} as build-gnulibiconv
ARG LIBICONV_VERSION
2021-04-18 00:15:18 +00:00
RUN apk --no-cache add build-base \
&& wget -q https://ftp.gnu.org/pub/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz \
&& mkdir /tmp/libiconv && tar xf libiconv-${LIBICONV_VERSION}.tar.gz -C /tmp/libiconv --strip-components 1 \
&& cd /tmp/libiconv && mkdir output && ./configure --prefix=$PWD/output \
&& make -j$(getconf _NPROCESSORS_ONLN) && make install
### Build Mastodon (production environment)
2021-04-18 00:15:18 +00:00
FROM node-ruby as mastodon
COPY --from=build-gnulibiconv /tmp/libiconv/output /usr/local
COPY --from=build-malloc /tmp/hardened_malloc/libhardened_malloc.so /usr/local/lib/
2018-06-12 14:54:14 +00:00
ARG MASTODON_VERSION
ARG MASTODON_REPOSITORY
ARG UID
ARG GID
ENV RUN_DB_MIGRATIONS=true \
2018-06-12 14:54:14 +00:00
SIDEKIQ_WORKERS=5 \
BIND=0.0.0.0 \
2018-06-12 14:54:14 +00:00
RAILS_SERVE_STATIC_FILES=true \
RAILS_ENV=production \
NODE_ENV=production \
PATH="${PATH}:/mastodon/bin" \
LD_PRELOAD="/usr/local/lib/libhardened_malloc.so"
2018-06-12 14:54:14 +00:00
WORKDIR /mastodon
2021-04-18 00:15:18 +00:00
# Install runtime dependencies
RUN apk --no-cache add \
2018-06-12 14:54:14 +00:00
ca-certificates \
ffmpeg \
file \
git \
icu-libs \
imagemagick \
libidn \
2019-03-11 21:06:00 +00:00
libxml2 \
libxslt \
2018-06-12 14:54:14 +00:00
libpq \
2019-03-11 21:06:00 +00:00
openssl \
2018-06-12 14:54:14 +00:00
protobuf \
s6 \
tzdata \
yaml \
readline \
gcompat \
2018-06-12 14:54:14 +00:00
# Install build dependencies
2021-04-18 00:15:18 +00:00
&& apk --no-cache add -t build-dependencies \
2018-06-12 14:54:14 +00:00
build-base \
icu-dev \
libidn-dev \
libtool \
2019-03-11 21:06:00 +00:00
libxml2-dev \
libxslt-dev \
2018-06-12 14:54:14 +00:00
postgresql-dev \
protobuf-dev \
2020-07-08 16:29:42 +00:00
python3 \
2021-04-18 00:15:18 +00:00
imagemagick \
2018-06-12 14:54:14 +00:00
# Install Mastodon
2021-05-08 16:34:14 +00:00
&& wget -qO- https://github.com/${MASTODON_REPOSITORY}/archive/v${MASTODON_VERSION}.tar.gz | tar xz --strip 1 \
2019-03-11 21:06:00 +00:00
&& bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
&& bundle config set --local clean 'true' && bundle config set --local deployment 'true' \
&& bundle config set --local without 'test development' && bundle config set no-cache 'true' \
&& bundle install -j$(getconf _NPROCESSORS_ONLN) \
2019-03-11 21:06:00 +00:00
&& yarn install --pure-lockfile --ignore-engines \
&& OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile \
2018-06-12 14:54:14 +00:00
# Clean
&& npm -g --force cache clean && yarn cache clean \
&& apk del build-dependencies \
2021-04-18 00:15:18 +00:00
# Prepare mastodon user
2021-04-17 14:46:24 +00:00
&& adduser -g ${GID} -u ${UID} --disabled-password --gecos "" mastodon \
&& chown -R mastodon:mastodon /mastodon
COPY --chown=mastodon:mastodon rootfs /
2018-06-12 14:54:14 +00:00
RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
2021-04-17 14:46:24 +00:00
USER mastodon
2018-06-12 14:54:14 +00:00
VOLUME /mastodon/public/system /mastodon/log
EXPOSE 3000 4000
2021-04-18 00:15:18 +00:00
LABEL maintainer="Wonderfall <wonderfall@protonmail.com>" \
2018-06-12 14:54:14 +00:00
description="Your self-hosted, globally interconnected microblogging community"
ENTRYPOINT ["/usr/local/bin/run"]
2018-06-12 14:54:14 +00:00
CMD ["/bin/s6-svscan", "/etc/s6.d"]