docker-mastodon/Dockerfile

109 lines
3.4 KiB
Text
Raw Normal View History

FROM alpine:3.13 as build-malloc
ARG HARDENED_MALLOC_VERSION=7
RUN apk -U upgrade && apk add build-base && cd /tmp \
&& wget -q https://github.com/GrapheneOS/hardened_malloc/archive/refs/tags/${HARDENED_MALLOC_VERSION}.tar.gz \
&& mkdir hardened_malloc && tar xf ${HARDENED_MALLOC_VERSION}.tar.gz -C hardened_malloc --strip-components 1 \
&& cd hardened_malloc && make
2021-04-15 18:00:40 +00:00
FROM ruby:2.7.3-alpine3.13
2018-06-12 14:54:14 +00:00
COPY --from=build-malloc /tmp/hardened_malloc/libhardened_malloc.so /usr/local/lib/
ARG MASTODON_VERSION=baed52c2a7d8f91bae3c69150005fc528387785c
ARG MASTODON_REPOSITORY=tootsuite/mastodon
ARG LIBICONV_VERSION=1.16
2021-04-15 22:12:39 +00:00
ARG NODE_VERSION=14.16.1
2018-06-12 14:54:14 +00:00
ENV UID=991 GID=991 \
RUN_DB_MIGRATIONS=true \
SIDEKIQ_WORKERS=5 \
BIND=0.0.0.0 \
2018-06-12 14:54:14 +00:00
RAILS_SERVE_STATIC_FILES=true \
RAILS_ENV=production \
NODE_ENV=production \
PATH="${PATH}:/opt/node/bin:/mastodon/bin" \
LD_PRELOAD="/usr/local/lib/libhardened_malloc.so"
2018-06-12 14:54:14 +00:00
WORKDIR /mastodon
# Install dependencies
2021-04-15 22:12:39 +00:00
RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64-musl.tar.xz \
&& mkdir /opt/node && tar -Jxf node-v$NODE_VERSION-linux-x64-musl.tar.xz -C /opt/node --strip-components 1 \
&& rm node-v$NODE_VERSION-linux-x64-musl.tar.xz \
2021-04-15 22:12:39 +00:00
&& apk -U upgrade \
2018-06-12 14:54:14 +00:00
&& apk add \
ca-certificates \
ffmpeg \
file \
git \
icu-libs \
imagemagick \
libidn \
2019-03-11 21:06:00 +00:00
libxml2 \
libxslt \
2018-06-12 14:54:14 +00:00
libpq \
2019-03-11 21:06:00 +00:00
openssl \
2018-06-12 14:54:14 +00:00
protobuf \
s6 \
su-exec \
tzdata \
yaml \
readline \
gcompat \
2018-06-12 14:54:14 +00:00
# Install build dependencies
&& apk add -t build-dependencies \
build-base \
icu-dev \
libidn-dev \
libtool \
2019-03-11 21:06:00 +00:00
libxml2-dev \
libxslt-dev \
2018-06-12 14:54:14 +00:00
postgresql-dev \
protobuf-dev \
2020-07-08 16:29:42 +00:00
python3 \
2018-06-12 14:54:14 +00:00
# Update CA certificates
&& update-ca-certificates \
# Install GNU Libiconv
&& wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz -O /tmp/libiconv-${LIBICONV_VERSION}.tar.gz \
&& mkdir /tmp/src && tar xzf /tmp/libiconv-${LIBICONV_VERSION}.tar.gz -C /tmp/src && rm /tmp/libiconv-${LIBICONV_VERSION}.tar.gz \
2018-06-12 14:54:14 +00:00
&& cd /tmp/src/libiconv-${LIBICONV_VERSION} \
&& ./configure --prefix=/usr/local \
&& make -j$(getconf _NPROCESSORS_ONLN) && make install && libtool --finish /usr/local/lib \
# Install Mastodon
&& cd /mastodon \
&& wget -qO- https://github.com/${MASTODON_REPOSITORY}/archive/${MASTODON_VERSION}.tar.gz | tar xz --strip 1 \
2019-03-11 21:06:00 +00:00
&& bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
&& bundle config set --local clean 'true' && bundle config set --local deployment 'true' \
&& bundle config set --local without 'test development' && bundle config set no-cache 'true' \
&& bundle install -j$(getconf _NPROCESSORS_ONLN) \
2021-04-15 22:12:39 +00:00
&& npm install -g yarn \
2019-03-11 21:06:00 +00:00
&& yarn install --pure-lockfile --ignore-engines \
2018-06-12 14:54:14 +00:00
# Precompile Mastodon assets
2019-03-11 21:06:00 +00:00
&& OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile \
2018-06-12 14:54:14 +00:00
# Clean
&& npm -g --force cache clean && yarn cache clean \
&& apk del build-dependencies \
&& rm -rf /var/cache/apk/* /tmp/src
COPY rootfs /
RUN chmod +x /usr/local/bin/* /etc/s6.d/*/* /etc/s6.d/.s6-svscan/*
VOLUME /mastodon/public/system /mastodon/log
EXPOSE 3000 4000
LABEL maintainer="Wonderfall <wonderfall@targaryen.house>" \
description="Your self-hosted, globally interconnected microblogging community"
ENTRYPOINT ["/usr/local/bin/run"]
CMD ["/bin/s6-svscan", "/etc/s6.d"]