From ae78d012acfd245228815f4e404f0cfa15c97f55 Mon Sep 17 00:00:00 2001 From: Wonderfall Date: Sat, 20 May 2017 20:01:05 +0200 Subject: [PATCH] Some Dockerfile improvements (#3182) - improve docker_entrypoint.sh - serve static files with puma by default - sort packages list - use virtual package for build deps - show how to assign UID/GID --- .env.production.sample | 5 +++++ Dockerfile | 27 ++++++++++++++------------- docker_entrypoint.sh | 12 +++++++++++- 3 files changed, 30 insertions(+), 14 deletions(-) diff --git a/.env.production.sample b/.env.production.sample index 257d35f051d..e37a38c3816 100644 --- a/.env.production.sample +++ b/.env.production.sample @@ -95,3 +95,8 @@ SMTP_FROM_ADDRESS=notifications@example.com # Cluster number setting for streaming API server. # If you comment out following line, cluster number will be `numOfCpuCores - 1`. STREAMING_CLUSTER_NUM=1 + +# Docker mastodon user +# If you use Docker, you may want to assign UID/GID manually. +# UID=1000 +# GID=1000 diff --git a/Dockerfile b/Dockerfile index 3248dd9d103..7033cddd406 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,6 +4,7 @@ LABEL maintainer="https://github.com/tootsuite/mastodon" \ description="A GNU Social-compatible microblogging server" ENV UID=991 GID=991 \ + RAILS_SERVE_STATIC_FILES=true \ RAILS_ENV=production NODE_ENV=production EXPOSE 3000 4000 @@ -11,28 +12,28 @@ EXPOSE 3000 4000 WORKDIR /mastodon RUN echo "@edge https://nl.alpinelinux.org/alpine/edge/main" >> /etc/apk/repositories \ - && BUILD_DEPS=" \ - postgresql-dev \ + && apk -U upgrade \ + && apk add -t build-dependencies \ + build-base \ libxml2-dev \ libxslt-dev \ + postgresql-dev \ + protobuf-dev \ python \ - build-base \ - protobuf-dev" \ - && apk -U upgrade && apk add \ - $BUILD_DEPS \ - nodejs@edge \ - nodejs-npm@edge \ + && apk add \ + ca-certificates \ + ffmpeg \ + file \ git \ + imagemagick@edge \ libpq \ libxml2 \ libxslt \ - ffmpeg \ - file \ - imagemagick@edge \ - ca-certificates \ + nodejs-npm@edge \ + nodejs@edge \ protobuf \ - tini \ su-exec \ + tini \ && npm install -g npm@3 && npm install -g yarn \ && update-ca-certificates \ && rm -rf /tmp/* /var/cache/apk/* diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh index e5326134026..e92959c8e4d 100644 --- a/docker_entrypoint.sh +++ b/docker_entrypoint.sh @@ -1,4 +1,14 @@ #!/bin/sh + +### 1. Adds local user (UID and GID are provided from environment variables). +### 2. Updates permissions, except for ./public/system (should be chown on previous installations). +### 3. Executes the command as that user. + +echo "Creating mastodon user (UID : ${UID} and GID : ${GID})..." addgroup -g ${GID} mastodon && adduser -h /mastodon -s /bin/sh -D -G mastodon -u ${UID} mastodon + +echo "Updating permissions..." find /mastodon -path /mastodon/public/system -prune -o -not -user mastodon -not -group mastodon -print0 | xargs -0 chown -f mastodon:mastodon -su-exec mastodon:mastodon /sbin/tini -- "$@" + +echo "Executing process..." +exec su-exec mastodon:mastodon /sbin/tini -- "$@"