edshot99/eBooru
1
0
Fork 0
forked from e621ng/e621ng
Code Issues 11 Releases 1 Activity

[Docker] Implement recommendations from review

Browse Source 
* Use alpine as the base image
* Parallelize bundle install

Using alpine as base make is feasable to use the provides vips library.
The version is actually newer than what was installed previously.

Other stuff I did:
* Set SECRET_TOKEN/SESSION_SECRET_KEY from docker-compose
* Mute elasticsearch startup logspam
* Execute image as root. This means mounted volume do'nt need to  be chowned
This commit is contained in:
Earlopain 2021-11-16 21:32:40 +01:00
parent 36812a234e
commit 59e80b7a4d
No known key found for this signature in database
GPG Key ID: 6CFB948E15246897
4 changed files with 16 additions and 67 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
Dockerfile
View File

@ -1,68 +1,16 @@
FROM ruby:2.7.3
ARG DEBIAN_FRONTEND=noninteractive
FROM ruby:2.7.3-alpine
RUN apt-get update \
&& apt-get install -y gnupg2 wget \
&& rm -rf /var/lib/apt/lists/*
# Dependencies for setup and runtime
RUN apk --no-cache add nodejs yarn postgresql-client ffmpeg vips tzdata \
git build-base postgresql-dev glib-dev
# Add custom sources
RUN wget -qO - https://deb.nodesource.com/setup_14.x | bash - >/dev/null 2>&1 \
&& wget -qO - https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
&& echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list \
&& wget -qO - https://www.postgresql.org/media/keys/ACCC4CF8.asc | apt-key add - \
&& echo "deb https://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" > /etc/apt/sources.list.d/pgdg.list
RUN apt-get update \
&& apt-get install -y ffmpeg postgresql-client-12 nodejs yarn nginx build-essential pkg-config sudo nano \
&& rm -rf /var/lib/apt/lists/*
# User setup
RUN useradd -m -s /bin/bash -U danbooru \
&& usermod -aG www-data danbooru \
&& echo "%danbooru ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/danbooru
# libvips
ARG VIPS_DEPS="libglib2.0-dev libexpat1-dev liblcms2-dev optipng libjpeg62-turbo-dev libjpeg-progs libgif-dev libpng-dev libexif-dev"
ARG VIPS_VERSION=8.10.5
RUN apt-get update \
&& apt-get install -y $VIPS_DEPS \
&& rm -rf /var/lib/apt/lists/* \
&& cd /tmp \
&& wget -q https://github.com/libvips/libvips/releases/download/v$VIPS_VERSION/vips-$VIPS_VERSION.tar.gz \
&& tar xf vips-$VIPS_VERSION.tar.gz \
&& cd vips-$VIPS_VERSION \
&& ./configure --prefix=/usr \
&& make install \
&& rm /tmp/vips-$VIPS_VERSION.tar.gz \
&& rm -rf /tmp/vips-$VIPS_VERSION
# Nice to have packages
RUN apk --no-cache add nano sudo bash
# shoreman
RUN wget -O /usr/bin/shoreman https://github.com/chrismytton/shoreman/raw/master/shoreman.sh \
&& chmod +x /usr/bin/shoreman
# prevent permission issues with volume mounts
RUN mkdir /app \
&& chown danbooru:danbooru /app \
&& mkdir /app/public \
&& chown danbooru:danbooru /app/public \
&& mkdir /app/node_modules \
&& mkdir /app/public/packs \
&& mkdir /app/public/packs-test \
&& mkdir /app/public/data \
&& chown danbooru:danbooru /app/node_modules \
&& chown danbooru:danbooru /app/public/packs \
&& chown danbooru:danbooru /app/public/packs-test \
&& chown danbooru:danbooru /app/public/data \
&& mkdir /home/danbooru/gems \
&& chown danbooru:danbooru /home/danbooru/gems
USER danbooru
# Setup secrets
RUN mkdir -p ~/.danbooru/ \
&& openssl rand -hex 32 > ~/.danbooru/secret_token \
&& openssl rand -hex 32 > ~/.danbooru/session_secret_key \
&& chmod 600 ~/.danbooru/*
WORKDIR /app
CMD [ "shoreman" ]

2
bin/setup
View File

@ -16,7 +16,7 @@ FileUtils.chdir APP_ROOT do
puts '== Installing dependencies =='
system! 'gem install bundler:2.0.1'
system! 'bundler config github.https true'
system('bundle check') || system!('bundle install')
system('bundle check') || system!('bundle install -j$(nproc)')
# Install JavaScript dependencies
system('bin/yarn')

8
docker-compose.yml
View File

@ -9,15 +9,16 @@ services:
- public_packs:/app/public/packs
- public_packs_test:/app/public/packs-test
- post_data:/app/public/data
- gems:/home/danbooru/gems
- gems:/usr/local/bundle
environment:
DATABASE_URL: postgresql://postgres
DATABASE_URL: postgresql://danbooru:@postgres
RAILS_ENV: development
GEM_HOME: /home/danbooru/gems
DANBOORU_HOSTNAME: http://localhost:3000
DANBOORU_REDIS_URL: redis://redis
DANBOORU_ELASTICSEARCH_HOST: elastic
DANBOORU_MEMCACHED_SERVERS: memcached
SECRET_TOKEN: 1c58518a891eff4520cadc59afa9e378a9325f1247544ff258096e497f095f45
SESSION_SECRET_KEY: 44b4f44e9f253c406cbe727d403d500c1cecff943e4d2aea8f5447f28846fffe
depends_on:
- postgres
- redis
@ -64,6 +65,7 @@ services:
environment:
- discovery.type=single-node
- xpack.security.enabled=false
- logger.level=WARN
- ES_JAVA_OPTS=-Xms1g -Xmx1g
volumes:
- elastic_data:/usr/share/elasticsearch/data

9
docker/postgres/Dockerfile
View File

@ -1,10 +1,9 @@
FROM postgres:12
ARG BUILD_DEPS="git build-essential make postgresql-server-dev-12 ca-certificates"
FROM postgres:12-alpine
ARG BUILD_DEPS="git make gcc libc-dev clang llvm"
RUN apt-get update && apt-get install -y $BUILD_DEPS --no-install-recommends \
&& rm -rf /var/lib/apt/lists/* \
RUN apk --no-cache add $BUILD_DEPS \
&& git clone https://github.com/r888888888/test_parser.git /tmp/test_parser \
&& cd /tmp/test_parser \
&& make install \
&& rm -rf /tmp/test_parser \
&& apt-get purge -y --auto-remove $BUILD_DEPS
&& apk del $BUILD_DEPS