forge/Vervis
1
0
Fork 0
Code Pull requests Activity

Initial Dockerfile

Browse source 
* I tested only `docker build`, next step is to make sure Vervis runs
  properly (committing already because just getting it to build was a
  long process)
* docker-compose.yml is coming next, as well as uploading the image to
  Codeberg container registry
This commit is contained in:
Pere Lev 2024-10-18 16:08:49 +03:00
parent 0e2ab56219
commit d077203b2f
No known key found for this signature in database
GPG key ID: 5252C5C863E5E57D
4 changed files with 139 additions and 73 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

125
Dockerfile Normal file
View file

@ -0,0 +1,125 @@
#############################################################################
## build
#############################################################################
FROM debian:bookworm AS builder
RUN apt-get -yq update && apt-get -yq install \
libpq-dev zlib1g-dev libssl-dev libpcre3-dev libgmp-dev \
darcs git \
postgresql libpq-dev \
locales locales-all \
build-essential \
ca-certificates \
curl \
liblapack-dev \
liblzma-dev \
libyaml-dev \
netbase \
openssh-client \
pkg-config
RUN curl --proto '=https' --tlsv1.2 -sSf https://get-ghcup.haskell.org -o /install-ghcup.sh && \
BOOTSTRAP_HASKELL_MINIMAL=1 sh /install-ghcup.sh && \
rm /install-ghcup.sh
RUN locale-gen en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.ghcup/bin
RUN ghcup install ghc 9.6.6
RUN ghcup install stack
RUN mkdir /build \
/build/.git \
/build/app \
/build/embed \
/build/hook-darcs \
/build/hook-git \
/build/migrations \
/build/src \
/build/static \
/build/templates \
/build/th
COPY stack.yaml vervis.cabal COPYING.AGPL3 /build/
COPY .git /build/.git
COPY app /build/app
COPY embed /build/embed
COPY hook-darcs /build/hook-darcs
COPY hook-git /build/hook-git
COPY migrations /build/migrations
COPY src /build/src
COPY static /build/static
COPY templates /build/templates
COPY th /build/th
WORKDIR /build
RUN mkdir /build/lib && \
darcs clone https://vervis.peers.community/repos/6r4Ao /build/lib/ssh
RUN stack build --flag vervis:-dev --only-dependencies
RUN ls -lh /build
RUN stack build --flag vervis:-dev
RUN mkdir -p /build/artifacts && \
cp `stack exec which vervis` /build/artifacts/ && \
cp `stack exec which vervis-post-receive` /build/artifacts/ && \
cp `stack exec which vervis-post-apply` /build/artifacts/
RUN ls -lh /build/artifacts
#############################################################################
## deployment
#############################################################################
FROM debian:bookworm
RUN apt-get -yq update && apt-get -yq install \
ca-certificates \
curl \
libgmp10 \
liblapack3 \
liblzma5 \
libpq5 \
libssl3 \
libyaml-0-2 \
netbase \
openssh-client \
zlib1g \
libpcre3 darcs git \
locales locales-all \
&& rm -rf /var/lib/apt/lists/*
RUN locale-gen en_US.UTF-8
ENV \
LANG=en_US.UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8 \
TZ=Etc/UTC
RUN groupadd vervis && useradd -l -g vervis -m -d /app vervis
WORKDIR /app
EXPOSE 3000
EXPOSE 5022
RUN mkdir /app/static /app/log
COPY --from=builder /build/artifacts/* /app/
RUN mkdir /app/state /app/state/repos /app/state/deliveries && \
chown vervis:vervis /app/state /app/static /app/log
COPY settings-default.yaml /app/state/settings.yml
RUN ssh-keygen -t rsa -m PEM -f /app/state/ssh-host-key
VOLUME /app/state
RUN ls /app
USER vervis
ENTRYPOINT /app/vervis

5
INSTALL.md
View file

@ -15,6 +15,9 @@ hopefully I'll make a nicer binary release soon :)
2022 UPDATE: The binary release is unavailable right now. But a docker image is 2022 UPDATE: The binary release is unavailable right now. But a docker image is
being prepared. More news soon. being prepared. More news soon.
2024 UPDATE: For production hosting and deployment with Docker, use the
`Dockerfile` and `docker-compose.yml` files in this repo's root directory.
# (1) System libraries # (1) System libraries
Install dependency library development packages. It's very likely you already Install dependency library development packages. It's very likely you already
@ -160,7 +163,7 @@ generating the rest, run this:
Run. Run.
$ stack run $ stack run -- state/settings.yml
By default, Vervis is configured with User Registration disabled. This is to By default, Vervis is configured with User Registration disabled. This is to
prevent any automatic spambot registration for bots that may be monitoring the prevent any automatic spambot registration for bots that may be monitoring the

57
bindist.sh
View file

@ -1,57 +0,0 @@
#!/bin/bash
set -e
set -x
key='6FEEC2227323EF85A49D54875252C5C863E5E57D'
bindir='bin'
distdir='package'
if [ "$1" == 'fed' ]; then
mode='fed'
elif [ "$1" == 'dev' ]; then
mode='dev'
else
echo "Please specify mode, either 'fed' or 'dev'"
fi
version=`darcs log --last 1 \
| head --lines 1 \
| cut --delimiter " " --fields 2 \
| head --bytes 10`
out="${distdir}/vervis-${mode}-${version}.tar.xz"
outsum="${out}.sha256sum"
touch 'src/Vervis/Widget.hs'
if [ "$mode" == 'fed' ]; then
stack build --flag vervis:-dev
else
stack build --flag vervis:dev
fi
mkdir -p "$distdir"
mkdir -p "$bindir"
cp `stack exec which vervis` "$bindir/"
cp `stack exec which vervis-post-apply` "$bindir/"
cp `stack exec which vervis-post-receive` "$bindir/"
tar --create --file - \
'COPYING' \
'COPYING.AGPL3' \
'COPYING.CC0' \
'INSTALL.md' \
'README.md' \
'config/' \
'data/' \
'static/' \
"$bindir/" \
| xz --compress > "$out"
sha256sum "$out" > "$outsum"
gpg --detach-sign --armor --local-user "$key" "$outsum"
echo "Success"

25
src/Vervis/Application.hs
View file

@ -75,6 +75,7 @@ import Network.Wai.Middleware.RequestLogger (Destination (Logger),
import System.Directory import System.Directory
import System.FilePath import System.FilePath
import System.Log.FastLogger import System.Log.FastLogger
import System.Environment
import Yesod.Auth import Yesod.Auth
import Yesod.Core import Yesod.Core
import Yesod.Core.Dispatch import Yesod.Core.Dispatch
@ -165,9 +166,6 @@ moveFileIfExists from to = do
exists <- doesFileExist from exists <- doesFileExist from
when exists $ renameFile from to when exists $ renameFile from to
settingsYml :: FilePath
settingsYml = "state/settings.yml"
-- This line actually creates our YesodDispatch instance. It is the second half -- This line actually creates our YesodDispatch instance. It is the second half
-- of the call to mkYesodData which occurs in Foundation.hs. Please see the -- of the call to mkYesodData which occurs in Foundation.hs. Please see the
-- comments there for more details. -- comments there for more details.
@ -464,7 +462,14 @@ getApplicationDev = do
return (wsettings, app) return (wsettings, app)
getAppSettings :: IO AppSettings getAppSettings :: IO AppSettings
getAppSettings = loadYamlSettings [settingsYml] [] useEnv getAppSettings = do
path <- do
as <- getArgs
case as of
[] -> pure "state/settings.yml"
[p] -> pure p
_ -> throwIO $ userError "Expected 1 argument, the settings filename"
loadYamlSettings [path] [] useEnv
-- | main function for use by yesod devel -- | main function for use by yesod devel
develMain :: IO () develMain :: IO ()
@ -559,17 +564,7 @@ appMain = do
moveFileIfExists "config/settings.yml" "state/settings.yml" moveFileIfExists "config/settings.yml" "state/settings.yml"
-- Get the settings from all relevant sources -- Get the settings from all relevant sources
settings <- loadYamlSettings settings <- getAppSettings
-- Read settings from the settings file
[settingsYml]
-- Fall back to compile-time values, set to [] to require values at
-- runtime
--[configSettingsYmlValue]
[]
-- Allow environment variables to override
useEnv
-- Generate the foundation from the settings -- Generate the foundation from the settings
foundation <- makeFoundation settings foundation <- makeFoundation settings