X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=image%2Fbase%2FDockerfile;h=ba51a214ca5a3a3b13c865faf7f3be7959eea358;hb=c87937dc40abe2791a128b4463a6a5ceba181be4;hp=6158e837a3a93bec2d91c9b50f8acd1e266c96f3;hpb=e1635b2559d84c1ebededddc6c0e6b5555457335;p=discourse_docker.git diff --git a/image/base/Dockerfile b/image/base/Dockerfile index 6158e83..ba51a21 100644 --- a/image/base/Dockerfile +++ b/image/base/Dockerfile @@ -1,80 +1,92 @@ # NAME: discourse/base -# VERSION: 1.3.7 -FROM ubuntu:16.04 +# VERSION: release +FROM debian:buster-slim -ENV PG_MAJOR 9.5 -ENV PG_VERSION 9.5.4-1.pgdg16.04+2 +ENV PG_MAJOR 10 +ENV RUBY_ALLOCATOR /usr/lib/libjemalloc.so.1 +ENV RAILS_ENV production -MAINTAINER Sam Saffron "https://twitter.com/samsaffron" +#LABEL maintainer="Sam Saffron \"https://twitter.com/samsaffron\"" -ADD VERSION /VERSION +RUN echo 2.0.`date +%Y%m%d` > /VERSION -RUN apt-get update && apt-get install -y lsb-release sudo curl +RUN apt update && apt install -y gnupg sudo curl RUN echo "debconf debconf/frontend select Teletype" | debconf-set-selections -RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc) main restricted universe" > /etc/apt/sources.list -RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-updates main restricted universe" >> /etc/apt/sources.list -RUN echo "deb http://archive.ubuntu.com/ubuntu $(lsb_release -sc)-security main restricted universe" >> /etc/apt/sources.list -RUN apt-get update && apt-get -y install fping -RUN sh -c "fping proxy && echo 'Acquire { Retries \"0\"; HTTP { Proxy \"http://proxy:3128\";}; };' > /etc/apt/apt.conf.d/40proxy && apt-get update || true" -RUN apt-get -y install software-properties-common +RUN apt update && apt -y install fping +RUN sh -c "fping proxy && echo 'Acquire { Retries \"0\"; HTTP { Proxy \"http://proxy:3128\";}; };' > /etc/apt/apt.conf.d/40proxy && apt update || true" +RUN apt -y install software-properties-common RUN apt-mark hold initscripts -RUN apt-get -y upgrade -RUN curl http://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - -RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -sc)-pgdg main" | \ +RUN apt -y upgrade + +RUN apt install -y locales locales-all +ENV LC_ALL en_US.UTF-8 +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US.UTF-8 + +RUN curl https://apt.postgresql.org/pub/repos/apt/ACCC4CF8.asc | apt-key add - +RUN echo "deb http://apt.postgresql.org/pub/repos/apt/ buster-pgdg main" | \ tee /etc/apt/sources.list.d/postgres.list -RUN curl --silent --location https://deb.nodesource.com/setup_4.x | sudo bash - -RUN apt-get -y update -RUN apt-get -y install build-essential git wget \ +RUN curl --silent --location https://deb.nodesource.com/setup_10.x | sudo bash - +RUN apt -y update +RUN apt -y install build-essential git wget rsync \ libxslt-dev libcurl4-openssl-dev \ libssl-dev libyaml-dev libtool \ libxml2-dev gawk parallel \ - postgresql-${PG_MAJOR}=${PG_VERSION} postgresql-client-${PG_MAJOR}=${PG_VERSION} \ - postgresql-contrib-${PG_MAJOR}=${PG_VERSION} libpq-dev libreadline-dev \ - language-pack-en cron anacron \ - psmisc rsyslog vim whois brotli + postgresql-${PG_MAJOR} postgresql-client-${PG_MAJOR} \ + postgresql-contrib-${PG_MAJOR} libpq-dev libreadline-dev \ + cron anacron \ + psmisc rsyslog vim whois brotli libunwind-dev \ + libtcmalloc-minimal4 RUN sed -i -e 's/start -q anacron/anacron -s/' /etc/cron.d/anacron RUN sed -i.bak 's/$ModLoad imklog/#$ModLoad imklog/' /etc/rsyslog.conf RUN dpkg-divert --local --rename --add /sbin/initctl RUN sh -c "test -f /sbin/initctl || ln -s /bin/true /sbin/initctl" -RUN apt-get -y install redis-server haproxy openssh-server +RUN apt -y install openssh-server RUN cd / &&\ - apt-get -y install runit monit socat &&\ + apt -y install runit socat &&\ mkdir -p /etc/runit/1.d &&\ - apt-get clean &&\ + apt clean &&\ rm -f /etc/apt/apt.conf.d/40proxy &&\ locale-gen en_US &&\ - apt-get install -y nodejs &&\ - npm install uglify-js -g &&\ - npm install svgo -g + apt install -y nodejs &&\ + npm install -g uglify-js &&\ + npm install -g svgo ADD install-nginx /tmp/install-nginx RUN /tmp/install-nginx -RUN apt-get -y install advancecomp jhead jpegoptim libjpeg-turbo-progs optipng +RUN apt -y install advancecomp jhead jpegoptim libjpeg-turbo-progs optipng +RUN mkdir /jemalloc-stable && cd /jemalloc-stable &&\ + wget https://github.com/jemalloc/jemalloc/releases/download/3.6.0/jemalloc-3.6.0.tar.bz2 &&\ + tar -xjf jemalloc-3.6.0.tar.bz2 && cd jemalloc-3.6.0 && ./configure --prefix=/usr && make && make install &&\ + cd / && rm -rf /jemalloc-stable -# consider upgrading this -RUN mkdir /jemalloc && cd /jemalloc &&\ - wget http://www.canonware.com/download/jemalloc/jemalloc-3.6.0.tar.bz2 &&\ - tar -xjf jemalloc-3.6.0.tar.bz2 && cd jemalloc-3.6.0 && ./configure && make &&\ - mv lib/libjemalloc.so.1 /usr/lib && cd / && rm -rf /jemalloc +RUN mkdir /jemalloc-new && cd /jemalloc-new &&\ + wget https://github.com/jemalloc/jemalloc/releases/download/5.2.0/jemalloc-5.2.0.tar.bz2 &&\ + tar -xjf jemalloc-5.2.0.tar.bz2 && cd jemalloc-5.2.0 && ./configure --prefix=/usr --with-install-suffix=5.1.0 && make build_lib && make install_lib &&\ + cd / && rm -rf /jemalloc-new RUN echo 'gem: --no-document' >> /usr/local/etc/gemrc &&\ mkdir /src && cd /src && git clone https://github.com/sstephenson/ruby-build.git &&\ cd /src/ruby-build && ./install.sh &&\ - cd / && rm -rf /src/ruby-build && ruby-build 2.3.1 /usr/local + cd / && rm -rf /src/ruby-build && (ruby-build 2.6.5 /usr/local) + +RUN gem update --system -RUN gem install bundler &&\ - rm -rf /usr/local/share/ri/2.3.0/system &&\ - cd / && git clone https://github.com/SamSaffron/pups.git +RUN gem install bundler --force &&\ + rm -rf /usr/local/share/ri/2.6.5/system &&\ + cd / && git clone https://github.com/discourse/pups.git + +ADD install-redis /tmp/install-redis +RUN /tmp/install-redis ADD install-imagemagick /tmp/install-imagemagick RUN /tmp/install-imagemagick # Validate install -RUN ruby -e "v='`convert -version`'; ['png','tiff','jpeg','freetype'].each{ |f| ((STDERR.puts('no ' + f + ' support in imagemagick')); exit(-1)) unless v.include?(f)}" +RUN ruby -Eutf-8 -e "v = \`convert -version\`; %w{png tiff jpeg freetype}.each { |f| unless v.include?(f); STDERR.puts('no ' + f + ' support in imagemagick'); exit(-1); end }" -# ADD install-pngcrush /tmp/install-pngcrush RUN /tmp/install-pngcrush @@ -84,11 +96,11 @@ RUN /tmp/install-gifsicle ADD install-pngquant /tmp/install-pngquant RUN /tmp/install-pngquant -ADD phantomjs /usr/local/bin/phantomjs - -# Not using the official repo until they compile against a recent openssl -# RUN cd tmp && wget https://bitbucket.org/ariya/phantomjs/downloads/phantomjs-2.1.1-linux-x86_64.tar.bz2 -# RUN cd tmp && tar jxf phantomjs-2.1.1-linux-x86_64.tar.bz2 && mv /tmp/phantomjs-2.1.1-linux-x86_64/bin/phantomjs /usr/local/bin +# This tool allows us to disable huge page support for our current process +# since the flag is preserved through forks and execs it can be used on any +# process +ADD thpoff.c /src/thpoff.c +RUN gcc -o /usr/local/sbin/thpoff /src/thpoff.c && rm /src/thpoff.c # clean up for docker squash RUN rm -fr /usr/share/man &&\ @@ -120,3 +132,16 @@ ADD boot /sbin/boot ADD cron /etc/service/cron/run ADD rsyslog /etc/service/rsyslog/run ADD cron.d_anacron /etc/cron.d/anacron + +# Discourse specific bits +RUN useradd discourse -s /bin/bash -m -U &&\ + mkdir -p /var/www &&\ + cd /var/www &&\ + git clone https://github.com/discourse/discourse.git &&\ + cd discourse &&\ + git remote set-branches --add origin tests-passed &&\ + chown -R discourse:discourse /var/www/discourse &&\ + cd /var/www/discourse &&\ + sudo -u discourse bundle install --deployment --jobs 4 --without test development &&\ + bundle exec rake maxminddb:get &&\ + find /var/www/discourse/vendor/bundle -name tmp -type d -exec rm -rf {} +