forked from enviPath/enviPy
[Feature] Dockerized Setup (#366)
Co-authored-by: Tim Lorsbach <tim@lorsba.ch> Reviewed-on: enviPath/enviPy#366
This commit is contained in:
95
Dockerfile
Normal file
95
Dockerfile
Normal file
@ -0,0 +1,95 @@
|
||||
FROM python:3.12-slim AS builder
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
UV_LINK_MODE=copy
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
build-essential \
|
||||
libpq-dev \
|
||||
curl \
|
||||
openssh-client \
|
||||
git \
|
||||
nodejs \
|
||||
npm \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# Install pnpm
|
||||
RUN npm install -g pnpm
|
||||
|
||||
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
|
||||
ENV PATH="/root/.local/bin:${PATH}"
|
||||
|
||||
# Install dependencies first (cached layer — only invalidated when lockfile changes)
|
||||
COPY pyproject.toml uv.lock ./
|
||||
|
||||
# Add key from git.envipath.com to known_hosts
|
||||
RUN mkdir -p -m 0700 /root/.ssh \
|
||||
&& ssh-keyscan git.envipath.com >> /root/.ssh/known_hosts
|
||||
|
||||
# We'll need access to private repos, let docker make use of host ssh agent and use it like:
|
||||
# docker build --ssh default -t envipath/envipy:1.0 .
|
||||
RUN --mount=type=ssh \
|
||||
uv sync --locked --extra ms-login --extra pepper-plugin
|
||||
|
||||
# Now copy source and do a final sync to install the project itself
|
||||
# Ensure .dockerignore is reasonable
|
||||
COPY bridge bridge
|
||||
COPY envipath envipath
|
||||
COPY epapi epapi
|
||||
COPY epauth epauth
|
||||
COPY epdb epdb
|
||||
COPY fixtures fixtures
|
||||
COPY migration migration
|
||||
COPY pepper pepper
|
||||
COPY scripts scripts
|
||||
COPY static static
|
||||
COPY templates templates
|
||||
COPY tests tests
|
||||
COPY utilities utilities
|
||||
COPY manage.py .
|
||||
|
||||
# Install frontend deps
|
||||
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
|
||||
|
||||
# Build frontend assets
|
||||
RUN uv run python scripts/pnpm_wrapper.py install
|
||||
RUN uv run python scripts/pnpm_wrapper.py run build
|
||||
|
||||
FROM python:3.12-slim AS production
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
PATH="/app/.venv/bin:$PATH"
|
||||
|
||||
WORKDIR /app
|
||||
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
libpq5 \
|
||||
libxrender1 \
|
||||
libxext6 \
|
||||
libfontconfig1 \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
RUN useradd -ms /bin/bash django
|
||||
|
||||
# Create directories in /opt and set ownership
|
||||
RUN mkdir -p /opt/enviPy \
|
||||
&& mkdir -p /opt/enviPy/celery \
|
||||
&& mkdir -p /opt/enviPy/log \
|
||||
&& mkdir -p /opt/enviPy/models \
|
||||
&& mkdir -p /opt/enviPy/plugins \
|
||||
&& mkdir -p /opt/enviPy/static \
|
||||
&& chown -R django:django /opt/enviPy
|
||||
|
||||
COPY --from=builder --chown=django:django /app /app
|
||||
|
||||
RUN touch /app/.env && chown -R django:django /app/.env
|
||||
|
||||
USER django
|
||||
|
||||
EXPOSE 8000
|
||||
|
||||
CMD ["gunicorn", "envipath.wsgi:application", "--bind", "0.0.0.0:8000", "--workers", "3"]
|
||||
Reference in New Issue
Block a user