52 lines
1.7 KiB
Docker
Raw Normal View History

FROM ruby
2017-12-25 11:43:06 +01:00
MAINTAINER Disassembler <disassembler@dasm.cz>
2018-01-08 21:04:35 +01:00
RUN \
# Install NodeJS runtime
apk --no-cache add nodejs paxctl \
# Fix grsec attributes to loosen memory protection restrictions
&& paxctl -cm /usr/bin/node \
# Cleanup
&& apk --no-cache del paxctl
2018-01-08 21:04:35 +01:00
2017-12-25 11:43:06 +01:00
RUN \
# Install runtime dependencies
2018-01-08 21:04:35 +01:00
apk --no-cache add libpq libxml2 libxslt tzdata
ENV RAILS_ENV production
2018-01-08 21:04:35 +01:00
RUN \
2017-12-25 11:43:06 +01:00
# Install build dependencies
2018-01-08 21:04:35 +01:00
apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev linux-headers postgresql-dev yarn zlib-dev \
2017-12-25 11:43:06 +01:00
# Clone CrisisCleanup
&& git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/crisiscleanup \
# Hackfix ruby dependency versions
&& sed -i 's/2\.2\.5/2.3.6/' /srv/crisiscleanup/Gemfile \
&& sed -i 's/rdoc (4\.2\.0)/rdoc (4.3.0)/' /srv/crisiscleanup/Gemfile.lock \
# Install Ruby and NodeJS dependencies
&& cd /srv/crisiscleanup \
&& bundle config build.nokogiri --use-system-libraries \
&& bundle install \
&& npm install \
&& yarn \
# Create CrisisCleanup secret
&& echo -e "production:\n secret_key_base: $(rake secret)" >/srv/crisiscleanup/config/secrets.yml \
# Generate static resources
&& rake assets:precompile \
# Create OS user
&& addgroup -S -g 8005 crisiscleanup \
&& adduser -S -u 8005 -h /srv/crisiscleanup -s /bin/false -g crisiscleanup -G crisiscleanup crisiscleanup \
&& chown -R crisiscleanup:crisiscleanup /srv/crisiscleanup \
# Cleanup
&& apk --no-cache del .deps \
&& find /srv/crisiscleanup -name '.git*' -exec rm -rf {} + \
2017-12-25 11:43:06 +01:00
&& rm -rf /usr/local/share/.cache \
&& rm -rf /root/.bundle /root/.config /root/.npm
2017-12-25 11:43:06 +01:00
VOLUME ["/srv/crisiscleanup/config"]
EXPOSE 8005
USER crisiscleanup
WORKDIR /srv/crisiscleanup
CMD ["rails", "server"]