-
Notifications
You must be signed in to change notification settings - Fork 24
/
Dockerfile
151 lines (118 loc) · 5.31 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
# Marsha, a FUN LTI video provider
# ---- base image to inherit from ----
FROM python:3.12-slim-bookworm AS base
# ---- back-end builder image ----
FROM base AS back-builder
# We want the most up-to-date stable pip release
RUN pip install --upgrade pip
WORKDIR /builder
# Only copy the setup files for dependencies install
COPY src/backend/setup.* /builder/
# Install Install xmlsec1 dependencies required for xmlsec (for SAML)
# Needs to be kept before the `pip install`
RUN apt-get update && \
apt-get install -y \
pkg-config \
gcc \
libxml2-dev \
libxmlsec1-dev \
libxmlsec1-openssl && \
rm -rf /var/lib/apt/lists/*
RUN mkdir /install && \
pip install --prefix=/install .
# ---- front-end builder image ----
FROM node:20 AS front-builder
WORKDIR /app
# Make layers for node_modules which will be mostly cached
COPY ./src/frontend/package.json /app/package.json
COPY ./src/frontend/yarn.lock /app/yarn.lock
COPY ./src/frontend/apps/lti_site/package.json /app/apps/lti_site/package.json
COPY ./src/frontend/apps/standalone_site/package.json /app/apps/standalone_site/package.json
COPY ./src/frontend/packages/eslint-config-marsha/package.json /app/packages/eslint-config-marsha/package.json
COPY ./src/frontend/packages/marsha-config/package.json /app/packages/marsha-config/package.json
COPY ./src/frontend/packages/lib_classroom/package.json /app/packages/lib_classroom/package.json
COPY ./src/frontend/packages/lib_common/package.json /app/packages/lib_common/package.json
COPY ./src/frontend/packages/lib_components/package.json /app/packages/lib_components/package.json
COPY ./src/frontend/packages/lib_tests/package.json /app/packages/lib_tests/package.json
COPY ./src/frontend/packages/lib_video/package.json /app/packages/lib_video/package.json
COPY ./src/frontend/packages/lib_markdown/package.json /app/packages/lib_markdown/package.json
RUN yarn install --frozen-lockfile --network-timeout 1200000
COPY ./src/frontend /app/
COPY ./src/.prettierrc.js /app/
RUN yarn compile-translations && \
yarn workspace marsha run sass scss/_main.scss /app/marsha/static/css/main.css --style=compressed --load-path=../../node_modules && \
mkdir -p /app/marsha/static/css/fonts && cp node_modules/katex/dist/fonts/* /app/marsha/static/css/fonts && \
VITE_DIR_PROD=/app/marsha/static/js/build/site/ VITE_CDN_REPLACE_KEYWORD=/__static_base_url__/ yarn workspace standalone_site run build && \
yarn workspace marsha run build --mode=production --output-path /app/marsha/static/js/build/lti_site/
# ---- mails ----
FROM node:20 AS mail-builder
RUN mkdir -p /app/backend/marsha/core/templates/core/mail/html/ && \
mkdir -p /app/backend/marsha/core/templates/core/mail/text/ && \
mkdir -p /app/mail
COPY ./src/mail /app/mail
WORKDIR /app/mail
RUN yarn install --frozen-lockfile && \
yarn build-mails
# ---- static link collector ----
FROM base AS link-collector
ARG MARSHA_STATIC_ROOT=/data/static
# Install rdfind & libxmlsec1 (required to run django)
RUN apt-get update && \
apt-get install -y \
rdfind \
libxml2-dev \
libxmlsec1-dev \
libxmlsec1-openssl && \
rm -rf /var/lib/apt/lists/*
# Copy installed python dependencies
COPY --from=back-builder /install /usr/local
# Copy marsha backend application (see .dockerignore)
COPY ./src/backend /app/src/backend
# Copy front-end dependencies
COPY --from=front-builder /app/marsha/static /app/src/backend/marsha/static
COPY --from=mail-builder /app/backend/marsha/core/templates/core/mail /app/src/backend/marsha/core/templates/core/mail
WORKDIR /app/src/backend
# collecstatic
RUN DJANGO_CONFIGURATION=Build python manage.py collectstatic --noinput
# Replace duplicated file by a symlink to decrease the overall size of the
# final image
RUN rdfind -makesymlinks true -followsymlinks true -makeresultsfile false ${MARSHA_STATIC_ROOT}
# ---- final application image ----
FROM base
ARG MARSHA_STATIC_ROOT=/data/static
# Install gettext & latex + dvisvgm
# Also reinstall xmlsec1 dependency to provide .so required for runtime (SAML)
RUN apt-get update && \
apt-get install -y \
gettext \
texlive-latex-extra \
dvisvgm \
libxml2-dev \
libxmlsec1-dev \
libxmlsec1-openssl \
ffmpeg && \
rm -rf /var/lib/apt/lists/*
# Copy installed python dependencies
COPY --from=back-builder /install /usr/local
# Copy application
COPY --from=link-collector /app /app
# Copy statics
COPY --from=link-collector ${MARSHA_STATIC_ROOT} ${MARSHA_STATIC_ROOT}
# Gunicorn
RUN mkdir -p /usr/local/etc/gunicorn
COPY docker/files/usr/local/etc/gunicorn/marsha.py /usr/local/etc/gunicorn/marsha.py
COPY docker/files/usr/local/bin/entrypoint /usr/local/bin/entrypoint
# Give the "root" group the same permissions as the "root" user on /etc/passwd
# to allow a user belonging to the root group to add new users; typically the
# docker user (see entrypoint).
RUN chmod g=u /etc/passwd
WORKDIR /app/src/backend
# We wrap commands run in this container by the following entrypoint that
# creates a user on-the-fly with the container user ID (see USER) and root group
# ID.
ENTRYPOINT [ "entrypoint" ]
# The default command runs gunicorn WSGI server
CMD ["gunicorn", "-c", "/usr/local/etc/gunicorn/marsha.py", "marsha.asgi:application"]
# Un-privileged user running the application
ARG DOCKER_USER
USER ${DOCKER_USER}