From f2653a0e2ee46bae96795a476e62783dac384dd5 Mon Sep 17 00:00:00 2001
From: Wonderfall
Date: Sun, 18 Apr 2021 02:15:18 +0200
Subject: [PATCH] make Dockerfile modular
---
 Dockerfile | 69 ++++++++++++++++++++++++++++--------------------------
 1 file changed, 36 insertions(+), 33 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 39af5aa..903444c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,20 +1,41 @@
+# Build Mastodon stack base (Ruby + Node)
+FROM ruby:2.7.3-alpine3.13 as node-ruby
+
+ARG NODE_VERSION=14.16.1
+
+RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64-musl.tar.xz \
+ && mkdir /opt/node && tar -Jxf node-v$NODE_VERSION-linux-x64-musl.tar.xz -C /opt/node --strip-components 1 \
+ && rm node-v$NODE_VERSION-linux-x64-musl.tar.xz
+
+
+# Build Hardened Malloc
 FROM alpine:3.13 as build-malloc
 ARG HARDENED_MALLOC_VERSION=7
-RUN apk -U upgrade && apk add build-base && cd /tmp \
+RUN apk --no-cache add build-base && cd /tmp \
 && wget -q https://github.com/GrapheneOS/hardened_malloc/archive/refs/tags/${HARDENED_MALLOC_VERSION}.tar.gz \
 && mkdir hardened_malloc && tar xf ${HARDENED_MALLOC_VERSION}.tar.gz -C hardened_malloc --strip-components 1 \
 && cd hardened_malloc && make
-FROM ruby:2.7.3-alpine3.13
-COPY --from=build-malloc /tmp/hardened_malloc/libhardened_malloc.so /usr/local/lib/
+# Build GNU Libiconv (needed for nokogiri)
+FROM alpine:3.13 as build-gnulibiconv
-ARG MASTODON_VERSION=baed52c2a7d8f91bae3c69150005fc528387785c
-ARG MASTODON_REPOSITORY=tootsuite/mastodon
 ARG LIBICONV_VERSION=1.16
-ARG NODE_VERSION=14.16.1
+
+RUN apk --no-cache add build-base \
+ && wget -q https://ftp.gnu.org/pub/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz \
+ && mkdir /tmp/libiconv && tar xf libiconv-${LIBICONV_VERSION}.tar.gz -C /tmp/libiconv --strip-components 1 \
+ && cd /tmp/libiconv && mkdir output && ./configure --prefix=$PWD/output \
+ && make -j$(getconf _NPROCESSORS_ONLN) && make install
+
+
+# Build Mastodon
+FROM node-ruby as mastodon
+
+COPY --from=build-gnulibiconv /tmp/libiconv/output /usr/local
+COPY --from=build-malloc /tmp/hardened_malloc/libhardened_malloc.so /usr/local/lib/
 ENV UID=991 GID=991 \
 RUN_DB_MIGRATIONS=true \
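Review bot: None of the three archives fetched in this hunk (the Node.js tarball in `node-ruby`, hardened_malloc in `build-malloc`, libiconv in `build-gnulibiconv`) is verified before it is unpacked, and all three end up in the `mastodon` stage, with the allocator additionally preloaded through `LD_PRELOAD`. HTTPS only authenticates the server, so a replaced or re-tagged upstream file would flow straight into the image; the Node build also comes from unofficial-builds.nodejs.org rather than the main release channel. Pin a digest next to each version, e.g. `ARG NODE_SHA256=<pinned-sha256>` and `&& echo "${NODE_SHA256}  node-v$NODE_VERSION-linux-x64-musl.tar.xz" | sha256sum -c - \` ahead of the `tar` call, and repeat the pattern for the other two downloads.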
@@ -26,14 +47,13 @@ ENV UID=991 GID=991 \
 PATH="${PATH}:/opt/node/bin:/mastodon/bin" \
 LD_PRELOAD="/usr/local/lib/libhardened_malloc.so"
+ARG MASTODON_VERSION=baed52c2a7d8f91bae3c69150005fc528387785c
+ARG MASTODON_REPOSITORY=tootsuite/mastodon
+
 WORKDIR /mastodon
-# Install dependencies
-RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-x64-musl.tar.xz \
- && mkdir /opt/node && tar -Jxf node-v$NODE_VERSION-linux-x64-musl.tar.xz -C /opt/node --strip-components 1 \
- && rm node-v$NODE_VERSION-linux-x64-musl.tar.xz \
- && apk -U upgrade \
- && apk add \
+# Install runtime dependencies
+RUN apk --no-cache add \
 ca-certificates \
 ffmpeg \
 file \
@@ -51,9 +71,8 @@ RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION
 yaml \
 readline \
 gcompat \
-
 # Install build dependencies
- && apk add -t build-dependencies \
+ && apk --no-cache add -t build-dependencies \
 build-base \
 icu-dev \
 libidn-dev \
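Review bot: With `&& apk -U upgrade \` dropped from the runtime `RUN` in the `@@ -26,14 +47,13 @@` hunk, the Alpine packages in the final image are whatever the `ruby:2.7.3-alpine3.13` tag held when it was pulled, and nothing in the file says how security fixes for ffmpeg and the other runtime libraries now reach the image. That is a fair trade for reproducible builds, but it should be written down where the next maintainer will see it, e.g. above `RUN apk --no-cache add \`: `# No apk upgrade here: rebuild against a refreshed base image to pick up Alpine security fixes`. Pinning the `FROM` tags by digest would make that rebuild an explicit, reviewable change. The `RUN` that starts in this hunk continues past its end.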
@@ -63,19 +82,8 @@ RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION
 postgresql-dev \
 protobuf-dev \
 python3 \
-
-# Update CA certificates
- && update-ca-certificates \
-
-# Install GNU Libiconv
- && wget http://ftp.gnu.org/pub/gnu/libiconv/libiconv-${LIBICONV_VERSION}.tar.gz -O /tmp/libiconv-${LIBICONV_VERSION}.tar.gz \
- && mkdir /tmp/src && tar xzf /tmp/libiconv-${LIBICONV_VERSION}.tar.gz -C /tmp/src && rm /tmp/libiconv-${LIBICONV_VERSION}.tar.gz \
- && cd /tmp/src/libiconv-${LIBICONV_VERSION} \
- && ./configure --prefix=/usr/local \
- && make -j$(getconf _NPROCESSORS_ONLN) && make install && libtool --finish /usr/local/lib \
-
+ imagemagick \
 # Install Mastodon
- && cd /mastodon \
 && wget -qO- https://github.com/${MASTODON_REPOSITORY}/archive/${MASTODON_VERSION}.tar.gz | tar xz --strip 1 \
 && bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
 && bundle config set --local clean 'true' && bundle config set --local deployment 'true' \
@@ -83,16 +91,11 @@ RUN wget -q https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION
 && bundle install -j$(getconf _NPROCESSORS_ONLN) \
 && npm install -g yarn \
 && yarn install --pure-lockfile --ignore-engines \
-
-# Precompile Mastodon assets
 && OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile \
-
 # Clean
 && npm -g --force cache clean && yarn cache clean \
 && apk del build-dependencies \
- && rm -rf /var/cache/apk/* /tmp/src \
-
-# Create mastodon user \
+# Prepare mastodon user
 && adduser -g ${GID} -u ${UID} --disabled-password --gecos "" mastodon \
 && chown -R mastodon:mastodon /mastodon
@@ -106,7 +109,7 @@ VOLUME /mastodon/public/system /mastodon/log
 EXPOSE 3000 4000
-LABEL maintainer="Wonderfall " \
+LABEL maintainer="Wonderfall " \
 description="Your self-hosted, globally interconnected microblogging community"
 ENTRYPOINT ["/usr/local/bin/run"]
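Review bot: `imagemagick \` is appended in the `@@ -63,19 +82,8 @@` hunk to the package list that belongs to `apk --no-cache add -t build-dependencies`, so it becomes part of the virtual package that `apk del build-dependencies` removes later in the same `RUN`. Unless imagemagick is also named in the runtime list (the middle of that list lies outside the hunks shown), the finished image would not contain it, although Mastodon uses ImageMagick for media processing at runtime. If it is meant to stay, move the line into the runtime `apk --no-cache add` list, e.g. directly after `file \`. The `RUN` starts and ends outside this hunk.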
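Review bot: In the `@@ -83,16 +91,11 @@` hunk the user-creation line under the renamed `# Prepare mastodon user` comment passes the group id to `-g`, which in BusyBox `adduser` (Alpine's default, assuming no other implementation is installed) sets the GECOS field rather than the group; the later `--gecos ""` then overrides it, so `${GID}` is never applied. The account's group id is left to adduser's default, which only matters once `UID` and `GID` differ, but it then affects the ownership set by the `chown -R mastodon:mastodon /mastodon` that follows. Create the group explicitly: `&& addgroup -g ${GID} mastodon \` followed by `&& adduser -G mastodon -u ${UID} --disabled-password --gecos "" mastodon \`. The enclosing `RUN` begins before this hunk.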