52 lines
1.6 KiB
Docker
52 lines
1.6 KiB
Docker
FROM ruby
|
|
MAINTAINER Disassembler <disassembler@dasm.cz>
|
|
|
|
RUN \
|
|
# Install NodeJS runtime
|
|
apk --no-cache add nodejs paxctl \
|
|
# Fix grsec attributes to loosen memory protection restrictions
|
|
&& paxctl -cm /usr/bin/node \
|
|
# Cleanup
|
|
&& apk --no-cache del paxctl
|
|
|
|
RUN \
|
|
# Install runtime dependencies
|
|
apk --no-cache add libpq libxml2 libxslt tzdata
|
|
|
|
ENV RAILS_ENV production
|
|
|
|
RUN \
|
|
# Install build dependencies
|
|
apk --no-cache add --virtual .deps build-base git libxml2-dev libxslt-dev linux-headers postgresql-dev yarn zlib-dev \
|
|
# Clone CrisisCleanup
|
|
&& git clone --depth 1 https://github.com/CrisisCleanup/crisiscleanup /srv/ccleanup \
|
|
# Hackfix ruby dependency versions
|
|
&& sed -i 's/2\.2\.5/2.3.6/' /srv/ccleanup/Gemfile \
|
|
&& sed -i 's/rdoc (4\.2\.0)/rdoc (4.3.0)/' /srv/ccleanup/Gemfile.lock \
|
|
# Install Ruby and NodeJS dependencies
|
|
&& cd /srv/ccleanup \
|
|
&& bundle config build.nokogiri --use-system-libraries \
|
|
&& bundle install \
|
|
&& npm install \
|
|
&& yarn \
|
|
# Create CrisisCleanup secret
|
|
&& echo -e "production:\n secret_key_base: $(rake secret)" >/srv/ccleanup/config/secrets.yml \
|
|
# Generate static resources
|
|
&& rake assets:precompile \
|
|
# Create OS user
|
|
&& addgroup -S -g 8005 ccleanup \
|
|
&& adduser -S -u 8005 -h /srv/ccleanup -s /bin/false -g ccleanup -G ccleanup ccleanup \
|
|
&& chown -R ccleanup:ccleanup /srv/ccleanup \
|
|
# Cleanup
|
|
&& apk --no-cache del .deps \
|
|
&& find /srv/ccleanup -name '.git*' -exec rm -rf {} + \
|
|
&& rm -rf /usr/local/share/.cache \
|
|
&& rm -rf /root/.bundle /root/.config /root/.npm
|
|
|
|
VOLUME ["/srv/ccleanup/config"]
|
|
EXPOSE 8080
|
|
|
|
USER ccleanup
|
|
WORKDIR /srv/ccleanup
|
|
CMD ["rails", "server"]
|