-FROM ruby:2.4.2-alpine3.6
+FROM node:8.14.0-alpine as node
+FROM ruby:2.4.5-alpine3.8
LABEL maintainer="https://github.com/tootsuite/mastodon" \
- description="A GNU Social-compatible microblogging server"
+ description="Your self-hosted, globally interconnected microblogging community"
-ENV UID=991 GID=991 \
+ARG UID=991
+ARG GID=991
+
+ENV PATH=/mastodon/bin:$PATH \
RAILS_SERVE_STATIC_FILES=true \
- RAILS_ENV=production NODE_ENV=production
+ RAILS_ENV=production \
+ NODE_ENV=production
-ARG YARN_VERSION=1.3.2
-ARG YARN_DOWNLOAD_SHA256=6cfe82e530ef0837212f13e45c1565ba53f5199eec2527b85ecbcd88bf26821d
ARG LIBICONV_VERSION=1.15
ARG LIBICONV_DOWNLOAD_SHA256=ccf536620a45458d26ba83887a983b96827001e92a13847b45e4925cc8913178
WORKDIR /mastodon
+COPY --from=node /usr/local/bin/node /usr/local/bin/node
+COPY --from=node /usr/local/lib/node_modules /usr/local/lib/node_modules
+COPY --from=node /usr/local/bin/npm /usr/local/bin/npm
+COPY --from=node /opt/yarn-* /opt/yarn
+
RUN apk -U upgrade \
&& apk add -t build-dependencies \
build-base \
libidn-dev \
libressl \
libtool \
+ libxml2-dev \
+ libxslt-dev \
postgresql-dev \
protobuf-dev \
python \
imagemagick \
libidn \
libpq \
- nodejs \
- nodejs-npm \
+ libxml2 \
+ libxslt \
protobuf \
- su-exec \
tini \
tzdata \
&& update-ca-certificates \
- && mkdir -p /tmp/src /opt \
- && wget -O yarn.tar.gz "https://github.com/yarnpkg/yarn/releases/download/v$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" \
- && echo "$YARN_DOWNLOAD_SHA256 *yarn.tar.gz" | sha256sum -c - \
- && tar -xzf yarn.tar.gz -C /tmp/src \
- && rm yarn.tar.gz \
- && mv /tmp/src/yarn-v$YARN_VERSION /opt/yarn \
&& ln -s /opt/yarn/bin/yarn /usr/local/bin/yarn \
+ && ln -s /opt/yarn/bin/yarnpkg /usr/local/bin/yarnpkg \
+ && mkdir -p /tmp/src /opt \
&& wget -O libiconv.tar.gz "https://ftp.gnu.org/pub/gnu/libiconv/libiconv-$LIBICONV_VERSION.tar.gz" \
&& echo "$LIBICONV_DOWNLOAD_SHA256 *libiconv.tar.gz" | sha256sum -c - \
&& tar -xzf libiconv.tar.gz -C /tmp/src \
COPY Gemfile Gemfile.lock package.json yarn.lock .yarnclean /mastodon/
-RUN bundle config build.nokogiri --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
+RUN bundle config build.nokogiri --use-system-libraries --with-iconv-lib=/usr/local/lib --with-iconv-include=/usr/local/include \
&& bundle install -j$(getconf _NPROCESSORS_ONLN) --deployment --without test development \
- && yarn --pure-lockfile \
+ && yarn install --pure-lockfile --ignore-engines \
&& yarn cache clean
+RUN addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon \
+ && mkdir -p /mastodon/public/system /mastodon/public/assets /mastodon/public/packs \
+ && chown -R mastodon:mastodon /mastodon/public
+
COPY . /mastodon
-COPY docker_entrypoint.sh /usr/local/bin/run
+RUN chown -R mastodon:mastodon /mastodon
+
+VOLUME /mastodon/public/system
-RUN chmod +x /usr/local/bin/run
+USER mastodon
-VOLUME /mastodon/public/system /mastodon/public/assets /mastodon/public/packs
+RUN OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder bundle exec rails assets:precompile
-ENTRYPOINT ["/usr/local/bin/run"]
+ENTRYPOINT ["/sbin/tini", "--"]
git-æsc / mastodon.git / blobdiff