-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathDockerfile
109 lines (84 loc) · 3.2 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
FROM alpine:latest AS base
RUN apk add --no-cache --update python3 py3-pip bash curl git \
build-base \
openssl-dev \
zlib-dev \
bzip2-dev \
readline-dev \
sqlite-dev \
wget \
curl \
llvm \
ncurses-dev \
xz \
tk-dev \
libffi-dev \
xz-dev \
python3-dev \
py3-openssl \
vim \
gettext \
nginx
RUN curl https://pyenv.run | bash && \
chmod -R 777 "/root/.pyenv/bin"
ENV PATH="/root/.pyenv/bin/:/root/.local/bin/:/root/.pyenv/shims/:${PATH}"
ADD .python-version /tmp/.python-version
RUN pyenv install -v $(cat /tmp/.python-version) && pyenv global $(cat /tmp/.python-version)
RUN curl -sSL https://install.python-poetry.org | python - && \
chmod -R 777 "/root/.local/bin"
ADD front_end/.nvmrc /tmp/.nvmrc
# Install Nodejs
# Inspired from: https://github.com/nodejs/docker-node/blob/main/Dockerfile-alpine.template
ENV ARCH=x64
RUN export NODE_VERSION=$(cat /tmp/.nvmrc) && cd /tmp/ && curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" \
&& tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner \
&& ln -s /usr/local/bin/node /usr/local/bin/nodejs
FROM base AS backend_deps
WORKDIR /app
ADD poetry.lock poetry.lock
ADD pyproject.toml pyproject.toml
# Needed so the env created by poetry is saved after the build phase. Don't know of another way
RUN poetry config virtualenvs.create false \
&& python -m venv venv \
&& . venv/bin/activate \
&& poetry install --without dev
FROM base AS frontend_deps
WORKDIR /app/front_end/
ADD front_end/package*.json .
ENV NODE_ENV=production
RUN npm ci
FROM base AS final_env
WORKDIR /app
# Install nginx
COPY ./scripts/nginx/ /
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
# Changing ownership and user rights to run as non-root user
RUN mkdir -p /var/cache/nginx && chown -R 1001:0 /var/cache/nginx && \
mkdir -p /var/log/nginx && chown -R 1001:0 /var/log/nginx && \
mkdir -p /var/lib/nginx && chown -R 1001:0 /var/lib/nginx && \
touch /run/nginx.pid && chown -R 1001:0 /run/nginx.pid && \
chown -R 1001:0 /etc/nginx && \
chmod -R 755 /var/lib/nginx /var/log/nginx && \
rm /etc/nginx/http.d/default.conf
# This is done to copy only the source code from HEAD into the image to avoid a COPY . and managing a long .dockerignore
RUN --mount=type=bind,source=.git/,target=/tmp/app/.git/ \
git clone /tmp/app/.git/ /app/
# Copy the backkend and frontend deps
COPY --from=backend_deps /app/venv /app/venv
COPY --from=frontend_deps /app/front_end/node_modules /app/front_end/node_modules
ENV NODE_ENV=production
RUN cd front_end && npm run build && npm install pm2 -g
RUN source venv/bin/activate && ./manage.py collectstatic --noinput
ENV PORT=8080
ENV GUNICORN_WORKERS=4
EXPOSE 8080
FROM final_env AS release
CMD ["sh", "-c", "scripts/prod/release.sh"]
FROM final_env AS web
CMD ["sh", "-c", "scripts/prod/startapp.sh"]
FROM final_env AS django_cron
CMD ["sh", "-c", "scripts/prod/django_cron.sh"]
FROM final_env AS dramatiq_worker
CMD ["sh", "-c", "scripts/prod/run_dramatiq.sh"]
FROM final_env AS all_runners
CMD ["sh", "-c", "scripts/prod/run_all.sh"]