Merge pull request #1258 from hackmdio/feat/new-dockerfile

feat: add new dockerfile
This commit is contained in:
Max Wu 2019-10-07 16:14:52 +08:00 committed by GitHub
commit 545514f107
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 82 additions and 111 deletions

View File

@ -1,8 +1,14 @@
.git/ .idea
coverage
node_modules/ node_modules/
docs/
test/
.sequelizerc.example
config.json.example
public/build
# ignore config files
config.json
.sequelizerc
# ignore webpack build
public/build
public/views/build
.nyc_output
coverage/

View File

@ -1,8 +1,9 @@
var path = require('path'); const path = require('path')
const config = require('./lib/config')
module.exports = { module.exports = {
'config': path.resolve('config.json'), config: path.resolve('config.json'),
'migrations-path': path.resolve('lib', 'migrations'), 'migrations-path': path.resolve('lib', 'migrations'),
'models-path': path.resolve('lib', 'models'), 'models-path': path.resolve('lib', 'models'),
'url': 'change this' url: process.env['CMD_DB_URL'] || config.dbURL
} }

View File

@ -1,56 +1,23 @@
FROM node:8.15.1-jessie AS BUILD FROM hackmdio/buildpack:1.0.4 as BUILD
# use multi-stage build to build frontend javascript
WORKDIR /codimd
COPY . ./ COPY --chown=hackmd:hackmd . .
RUN yarn install --non-interactive --pure-lockfile && \ RUN set -xe && \
yarn build git reset --hard && \
git clean -fx && \
yarn install && \
yarn build && \
yarn install --production=true && \
cp ./deployments/docker-entrypoint.sh ./ && \
cp .sequelizerc.example .sequelizerc && \
rm -rf .git .gitignore .travis.yml .dockerignore .editorconfig .babelrc .mailmap .sequelizerc.example \
test docs contribute \
yarn.lock webpack.prod.js webpack.htmlexport.js webpack.dev.js webpack.common.js \
config.json.example README.md CONTRIBUTING.md AUTHORS
# ---------------------------------------------------- FROM hackmdio/runtime:1.0.4
# Runtime Stage USER hackmd
FROM node:8.15.1 AS RUNTIME WORKDIR /home/hackmd/app
COPY --from=BUILD /home/hackmd/app .
# build for production
ENV NODE_ENV production
ENV PATH="/home/codimd/.npm-global/bin:${PATH}"
# setup isolated user for more security
ARG USER_NAME=codimd
ARG UID=1500
ARG GID=1500
RUN set +x -ue && \
wget https://github.com/hackmdio/portchecker/releases/download/v1.0.1/portchecker-linux-amd64.tar.gz && \
tar xvf portchecker-linux-amd64.tar.gz -C /usr/local/bin && \
mv /usr/local/bin/portchecker-linux-amd64 /usr/local/bin/pcheck && \
# Add user and groupd
groupadd --gid $GID $USER_NAME && \
useradd --uid $UID --gid $USER_NAME --no-log-init --create-home $USER_NAME && \
# setup local npm global directory
mkdir /home/codimd/.npm-global && \
echo "prefix=/home/codimd/.npm-global/" > /home/codimd/.npmrc && \
# setup app dir
mkdir /codimd && \
# adjust permission
chown -R $USER_NAME:$USER_NAME /home/codimd
# Copy build stage file to runtime
COPY --from=BUILD /codimd /codimd
RUN chown -R $USER_NAME:$USER_NAME /codimd
# change running user name
USER $USER_NAME
# build project
WORKDIR /codimd
RUN set +x -ue && \
cliVer=$(cat package.json | grep sequelize-cli | awk '{print substr($1, 2, length($1) - 3)"@"substr($2, 2, length($2) - 3)}') && \
npm -g install "$cliVer" && \
yarn install --production --non-interactive --pure-lockfile && \
yarn cache clean
VOLUME /codimd/public/uploads
EXPOSE 3000 EXPOSE 3000
ENTRYPOINT ["/home/hackmd/app/docker-entrypoint.sh"]
ENTRYPOINT ["/codimd/docker-entrypoint.sh"]

5
deployments/build.sh Executable file
View File

@ -0,0 +1,5 @@
#!/usr/bin/env bash
CURRENT_DIR=$(dirname "$BASH_SOURCE")
docker build -t hackmdio/codimd -f "$CURRENT_DIR/Dockerfile" "$CURRENT_DIR/.."

View File

@ -1,7 +0,0 @@
FROM node:8.15.1-jessie
WORKDIR /codimd
EXPOSE 3000
VOLUME ['/codimd/node_modules']

View File

@ -1,25 +0,0 @@
version: '3'
services:
dev-database:
image: postgres:11.2
environment:
POSTGRES_USER: codimd
POSTGRES_PASSWORD: password
POSTGRES_DB: codimd
dev-codimd:
build:
dockerfile: ./deployments/dev-Dockerfile
context: ../
environment:
CMD_DB_URL: postgres://codimd:password@dev-database/codimd
volumes:
- ../:/codimd
- node_modules:/codimd/node_modules
- public_build:/codimd/public/build
- public_view_build:/codimd/public/views/build
ports:
- 3000:3000
volumes:
node_modules:
public_build:
public_view_build:

View File

@ -1,16 +1,28 @@
version: '3' version: "3"
services: services:
database: database:
image: postgres:11.2 image: postgres:11.5
environment: environment:
POSTGRES_USER: codimd - POSTGRES_USER=codimd
POSTGRES_PASSWORD: password - POSTGRES_PASSWORD=change_password
POSTGRES_DB: codimd - POSTGRES_DB=codimd
volumes:
- "database-data:/var/lib/postgresql/data"
restart: always
codimd: codimd:
build: build:
context: ..
dockerfile: ./deployments/Dockerfile dockerfile: ./deployments/Dockerfile
context: ../
environment: environment:
CMD_DB_URL: postgres://codimd:password@database/codimd - CMD_DB_URL=postgres://codimd:change_password@database/codimd
- CMD_USECDN=false
depends_on:
- database
ports: ports:
- 3000:3000 - "3000:3000"
volumes:
- upload-data:/home/hackmd/app/public/uploads
restart: always
volumes:
database-data: {}
upload-data: {}

View File

@ -1,9 +1,21 @@
#!/bin/bash #!/usr/bin/env bash
set -euo pipefail set -euo pipefail
if [[ "$#" -gt 0 ]]; then
exec "$@"
exit $?
fi
# check database and redis is ready
pcheck -constr "$CMD_DB_URL" pcheck -constr "$CMD_DB_URL"
sequelize db:migrate # run DB migrate
NEED_MIGRATE=${CMD_AUTO_MIGRATE:=true}
if [[ "$NEED_MIGRATE" = "true" ]] && [[ -f .sequelizerc ]] ; then
npx sequelize db:migrate
fi
# start application
node app.js node app.js

View File

@ -15,7 +15,7 @@
"license": "AGPL-3.0", "license": "AGPL-3.0",
"main": "app.js", "main": "app.js",
"scripts": { "scripts": {
"build": "webpack --config webpack.prod.js --progress --colors --bail", "build": "webpack --config webpack.prod.js --display errors-only -p",
"dev": "webpack --config webpack.dev.js --progress --colors --watch", "dev": "webpack --config webpack.dev.js --progress --colors --watch",
"doctoc": "doctoc --title='# Table of Contents' README.md", "doctoc": "doctoc --title='# Table of Contents' README.md",
"lint": "standard", "lint": "standard",
@ -128,6 +128,7 @@
"scrypt": "~6.0.3", "scrypt": "~6.0.3",
"select2": "~3.5.2-browserify", "select2": "~3.5.2-browserify",
"sequelize": "5.3.5", "sequelize": "5.3.5",
"sequelize-cli": "~5.4.0",
"shortid": "~2.2.14", "shortid": "~2.2.14",
"socket.io": "~2.2.0", "socket.io": "~2.2.0",
"socket.io-client": "~2.2.0", "socket.io-client": "~2.2.0",
@ -179,7 +180,6 @@
"optimize-css-assets-webpack-plugin": "~5.0.0", "optimize-css-assets-webpack-plugin": "~5.0.0",
"power-assert": "~1.6.1", "power-assert": "~1.6.1",
"script-loader": "~0.7.2", "script-loader": "~0.7.2",
"sequelize-cli": "~5.4.0",
"sinon": "~7.3.2", "sinon": "~7.3.2",
"standard": "~13.1.0", "standard": "~13.1.0",
"string-loader": "~0.0.1", "string-loader": "~0.0.1",

View File

@ -48,7 +48,7 @@
<div id="ui-toc-affix" class="ui-affix-toc ui-toc-dropdown unselectable hidden-print" data-spy="affix" style="top:17px;display:none;" {{{lang}}} {{{dir}}}> <div id="ui-toc-affix" class="ui-affix-toc ui-toc-dropdown unselectable hidden-print" data-spy="affix" style="top:17px;display:none;" {{{lang}}} {{{dir}}}>
{{{ui-toc-affix}}} {{{ui-toc-affix}}}
</div> </div>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js" integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo=" crossorigin="anonymous"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/gist-embed/2.6.0/gist-embed.min.js" integrity="sha256-KyF2D6xPIJUW5sUDSs93vWyZm+1RzIpKCexxElmxl8g=" crossorigin="anonymous" defer></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/gist-embed/2.6.0/gist-embed.min.js" integrity="sha256-KyF2D6xPIJUW5sUDSs93vWyZm+1RzIpKCexxElmxl8g=" crossorigin="anonymous" defer></script>
<script> <script>

View File

@ -13,8 +13,8 @@
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.7/css/fork-awesome.min.css" integrity="sha256-gsmEoJAws/Kd3CjuOQzLie5Q3yshhvmo7YNtBG7aaEY=" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.7/css/fork-awesome.min.css" integrity="sha256-gsmEoJAws/Kd3CjuOQzLie5Q3yshhvmo7YNtBG7aaEY=" crossorigin="anonymous" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.4/select2.min.css" integrity="sha256-ijlUKKj3hJCiiT2HWo1kqkI79NTEYpzOsw5Rs3k42dI=" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css" integrity="sha256-k5tPXFBQl+dOk8OmqCtptRa7bRYNRJuvs37bcqsmDB0=" crossorigin="anonymous" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.4/select2-bootstrap.min.css" integrity="sha256-NAWFcNIZdH+TS1xpWujF/EB/Y8gwBbEOCoaK/eqaer8=" crossorigin="anonymous" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2-bootstrap.min.css" integrity="sha256-HbewCP50syA/2d3zPv+/CdQ4ufX6bI2ntjD3MwsA0UE=" crossorigin="anonymous" />
<%- include ../build/cover-header %> <%- include ../build/cover-header %>
<%- include ../shared/polyfill %> <%- include ../shared/polyfill %>
<% } else { %> <% } else { %>