forked from openfoodfacts/openfoodfacts-server
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
221 lines (207 loc) · 6.8 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
# syntax=docker/dockerfile:1.2
# Base user uid / gid keep 1000 on prod, align with your user on dev
ARG USER_UID=1000
ARG USER_GID=1000
ARG CPANMOPTS=
######################
# Base modperl image stage
######################
FROM bitnami/minideb:buster AS modperl
# Install cpm to install cpanfile dependencies
RUN --mount=type=cache,id=apt-cache,target=/var/cache/apt set -x && \
install_packages \
apache2 \
apt-utils \
cpanminus \
g++ \
gcc \
less \
libapache2-mod-perl2 \
# libexpat1-dev \
make \
gettext \
wget \
imagemagick \
graphviz \
tesseract-ocr \
# perlmagick \
#
# Packages from ./cpanfile:
# If cpanfile specifies a newer version than apt has, cpanm will install the newer version.
#
libtie-ixhash-perl \
libwww-perl \
libimage-magick-perl \
libxml-encoding-perl \
libtext-unaccent-perl \
libmime-lite-perl \
libcache-memcached-fast-perl \
libjson-pp-perl \
libclone-perl \
libcrypt-passwdmd5-perl \
libencode-detect-perl \
libgraphics-color-perl \
libbarcode-zbar-perl \
libxml-feedpp-perl \
liburi-find-perl \
libxml-simple-perl \
libexperimental-perl \
libapache2-request-perl \
libdigest-md5-perl \
libtime-local-perl \
libdbd-pg-perl \
libtemplate-perl \
liburi-escape-xs-perl \
# NB: not available in ubuntu 1804 LTS:
libmath-random-secure-perl \
libfile-copy-recursive-perl \
libemail-stuffer-perl \
liblist-moreutils-perl \
libexcel-writer-xlsx-perl \
libpod-simple-perl \
liblog-any-perl \
liblog-log4perl-perl \
liblog-any-adapter-log4perl-perl \
# NB: not available in ubuntu 1804 LTS:
libgeoip2-perl \
libemail-valid-perl \
#
# cpan dependencies that can be satisfied by apt even if the package itself can't:
#
# Action::Retry
libmath-fibonacci-perl \
# Algorithm::CheckDigits
libprobe-perl-perl \
# CLDR::Number
libmath-round-perl \
libsoftware-license-perl \
libtest-differences-perl \
libtest-exception-perl \
# Data::Dumper::AutoEncode
# NB: not available in ubuntu 1804 LTS:
libmodule-build-pluggable-perl \
libclass-accessor-lite-perl \
# DateTime
libclass-singleton-perl \
# DateTime::Locale
libfile-sharedir-install-perl \
# Encode::Punycode
libnet-idn-encode-perl \
libtest-nowarnings-perl \
# File::chmod::Recursive
libfile-chmod-perl \
# GeoIP2
libdata-dumper-concise-perl \
libdata-printer-perl \
libdata-validate-ip-perl \
libio-compress-perl \
libjson-maybexs-perl \
liblist-allutils-perl \
liblist-someutils-perl \
# GraphViz2
libdata-section-simple-perl \
libfile-which-perl \
libipc-run3-perl \
liblog-handler-perl \
libtest-deep-perl \
libwant-perl \
# Image::OCR::Tesseract
libfile-find-rule-perl \
liblinux-usermod-perl \
# Locale::Maketext::Lexicon::Getcontext
liblocale-maketext-lexicon-perl \
# Log::Any::Adapter::TAP
liblog-any-adapter-tap-perl \
# Math::Random::Secure
libcrypt-random-source-perl \
libmath-random-isaac-perl \
libtest-sharedfork-perl \
libtest-warn-perl \
# Mojo::Pg
libsql-abstract-perl \
# MongoDB
libauthen-sasl-saslprep-perl \
libauthen-scram-perl \
libbson-perl \
libclass-xsaccessor-perl \
libconfig-autoconf-perl \
libdigest-hmac-perl \
libpath-tiny-perl \
libsafe-isa-perl \
# Spreadsheet::CSV
libspreadsheet-parseexcel-perl \
# Test::Number::Delta
libtest-number-delta-perl \
libdevel-size-perl \
gnumeric \
incron \
# for dev
# gnu readline
libreadline-dev \
# IO::AIO needed by Perl::LanguageServer
libperl-dev
# Run www-data user as host user 'off' or developper uid
ARG USER_UID
ARG USER_GID
RUN usermod --uid $USER_UID www-data && \
groupmod --gid $USER_GID www-data
######################
# Stage for installing/compiling cpanfile dependencies
######################
FROM modperl AS builder
ARG CPANMOPTS
WORKDIR /tmp
# Install Product Opener from the workdir.
COPY ./cpanfile /tmp/cpanfile
# Add ProductOpener runtime dependencies from cpan
RUN --mount=type=cache,id=cpanm-cache,target=/root/.cpanm cpanm $CPANMOPTS --notest --quiet --skip-satisfied --local-lib /tmp/local/ --installdeps .
######################
# backend production image stage
######################
FROM modperl AS runnable
# Prepare Apache to include our custom config
RUN rm /etc/apache2/sites-enabled/000-default.conf
# Copy Perl libraries from the builder image
COPY --from=builder /tmp/local/ /opt/perl/local/
ENV PERL5LIB="/opt/product-opener/lib/:/opt/perl/local/lib/perl5/"
ENV PATH="/opt/perl/local/bin:${PATH}"
# Set up apache2 to use npm prefork
RUN \
a2dismod mpm_event && \
a2enmod mpm_prefork
# Create writable dirs and change ownership to www-data
RUN \
mkdir -p var/run/apache2/ && \
chown www-data:www-data var/run/apache2/ && \
for path in data html_data users products product_images orgs new_images logs tmp; do \
mkdir -p /mnt/podata/${path}; \
done && \
chown www-data:www-data -R /mnt/podata && \
# Create symlinks of data files that are indeed conf data in /mnt/podata (because we currently mix data and conf data)
for path in ecoscore emb_codes forest-footprint ingredients packager-codes po taxonomies templates; do \
ln -sf /opt/product-opener/${path} /mnt/podata/${path}; \
done && \
# Create some necessary files to ensure permissions in volumes
mkdir -p /opt/product-opener/html/data/ && \
mkdir -p /opt/product-opener/html/images/ && \
chown www-data:www-data -R /opt/product-opener/html/ && \
# logs dir
mkdir -p /var/log/apache2/ && \
chown www-data:www-data -R /var/log
# Install Product Opener from the workdir
COPY --chown=www-data:www-data . /opt/product-opener/
RUN \
# www-data user shall be able to use incron
echo www-data >> /etc/incron.allow && \
incrontab -u www-data /opt/product-opener/conf/incron.conf
EXPOSE 80
COPY ./docker/docker-entrypoint.sh /
WORKDIR /opt/product-opener/
USER www-data
ENTRYPOINT [ "/docker-entrypoint.sh" ]
# default command is apache2ctl start
CMD ["apache2ctl", "-D", "FOREGROUND"]
######################
# Prod image is default
######################
FROM runnable as prod