forked from City-of-Helsinki/kerrokantasi
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Dockerfile
70 lines (49 loc) · 2.05 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
# Dockerfile for Kerrokantasi backend
# Attemps to provide for both local development and server usage
FROM python:3.7-buster as appbase
RUN useradd -ms /bin/bash -d /kerrokantasi kerrokantasi
WORKDIR /kerrokantasi
# Can be used to inquire about running app
# eg. by running `echo $APP_NAME`
ENV APP_NAME kerrokantasi
# This is server out by Django itself, but aided
# by whitenoise by adding cache headers and also delegating
# much of the work to WSGI-server
ENV STATIC_ROOT /srv/static
# For some reason python output buffering buffers much longer
# while in Docker. Maybe the buffer is larger?
ENV PYTHONUNBUFFERED True
# less & netcat-openbsd are there for in-container manual debugging
# kerrokantasi needs gdal
RUN apt-get update && apt-get install -y postgresql-client less netcat-openbsd gettext locales gdal-bin python-gdal python3-gdal
# we need the Finnish locale built
RUN sed -i 's/^# *\(fi_FI.UTF-8\)/\1/' /etc/locale.gen
RUN locale-gen
RUN pip install --no-cache-dir uwsgi
# Sentry CLI for sending events from non-Python processes to Sentry
# eg. https://docs.sentry.io/cli/send-event/#bash-hook
RUN curl -sL https://sentry.io/get-cli/ | bash
# Copy requirements files to image for preloading dependencies
# in their own layer
COPY requirements.txt ./
# deploy/requirements.txt must reference the base requirements
RUN pip install --no-cache-dir -r requirements.txt
COPY . .
# Statics are kept inside container image for serving using whitenoise
ENV DEBUG=True
RUN mkdir -p /srv/static && python manage.py collectstatic
# Keep media in its own directory outside home, in case home
# directory forms some sort of attack route
# Usually this would be some sort of volume
# RUN mkdir -p /srv/media && chown hauki:hauki /srv/media
ENTRYPOINT ["deploy/entrypoint.sh"]
# Both production and dev servers listen on port 8000
EXPOSE 8000
# Next, the development & testing extras
FROM appbase as development
RUN pip install --no-cache-dir -r requirements-dev.txt
USER kerrokantasi
# And the production image
FROM appbase as production
ENV DEBUG=False
USER kerrokantasi