Some Dockerfile improvements (#3182)

- improve docker_entrypoint.sh - serve static files with puma by default - sort packages list - use virtual package for build deps - show how to assign UID/GID
2017-05-20 20:01:05 +02:00
parent ef900789bc
commit ae78d012ac
3 changed files with 30 additions and 14 deletions
--- a/.env.production.sample
+++ b/.env.production.sample
@@ -95,3 +95,8 @@ SMTP_FROM_ADDRESS=notifications@example.com
 # Cluster number setting for streaming API server.
 # If you comment out following line, cluster number will be `numOfCpuCores - 1`.
 STREAMING_CLUSTER_NUM=1
+
+# Docker mastodon user
+# If you use Docker, you may want to assign UID/GID manually.
+# UID=1000
+# GID=1000
--- a/27
+++ b/27
@@ -4,6 +4,7 @@ LABEL maintainer="https://github.com/tootsuite/mastodon" \
      description="A GNU Social-compatible microblogging server"

 ENV UID=991 GID=991 \
+    RAILS_SERVE_STATIC_FILES=true \
    RAILS_ENV=production NODE_ENV=production

 EXPOSE 3000 4000
@@ -11,28 +12,28 @@ EXPOSE 3000 4000
 WORKDIR /mastodon

 RUN echo "@edge https://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \
- && BUILD_DEPS=" \
-    postgresql-dev \
+ && apk -U upgrade \
+ && apk add -t build-dependencies \
+    build-base \
    libxml2-dev \
    libxslt-dev \
+    postgresql-dev \
+    protobuf-dev \
    python \
-    build-base \
-    protobuf-dev" \
- && apk -U upgrade && apk add \
-    $BUILD_DEPS \
-    nodejs@edge \
-    nodejs-npm@edge \
+ && apk add \
+    ca-certificates \
+    ffmpeg \
+    file \
    git \
+    imagemagick@edge \
    libpq \
    libxml2 \
    libxslt \
-    ffmpeg \
-    file \
-    imagemagick@edge \
-    ca-certificates \
+    nodejs-npm@edge \
+    nodejs@edge \
    protobuf \
-    tini \
    su-exec \
+    tini \
 && npm install -g npm@3 && npm install -g yarn \
 && update-ca-certificates \
 && rm -rf /tmp/* /var/cache/apk/*
--- a/docker_entrypoint.sh
+++ b/docker_entrypoint.sh
@@ -1,4 +1,14 @@
 #!/bin/sh
+
+### 1. Adds local user (UID and GID are provided from environment variables).
+### 2. Updates permissions, except for ./public/system (should be chown on previous installations).
+### 3. Executes the command as that user.
+
+echo "Creating mastodon user (UID : ${UID} and GID : ${GID})..."
 addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon
+
+echo "Updating permissions..."
 find /mastodon -path /mastodon/public/system -prune -o -not -user mastodon -not -group mastodon -print0 | xargs -0 chown -f mastodon:mastodon
-su-exec mastodon:mastodon /sbin/tini -- "$@"
+
+echo "Executing process..."
+exec su-exec mastodon:mastodon /sbin/tini -- "$@"