Vervis/Dockerfile
Pere Lev d077203b2f
Initial Dockerfile
* I tested only `docker build`, next step is to make sure Vervis runs
  properly (committing already because just getting it to build was a
  long process)
* docker-compose.yml is coming next, as well as uploading the image to
  Codeberg container registry
2024-10-18 16:08:49 +03:00

125 lines
3.2 KiB
Docker

#############################################################################
## build
#############################################################################
FROM debian:bookworm AS builder
RUN apt-get -yq update && apt-get -yq install \
libpq-dev zlib1g-dev libssl-dev libpcre3-dev libgmp-dev \
darcs git \
postgresql libpq-dev \
locales locales-all \
build-essential \
ca-certificates \
curl \
liblapack-dev \
liblzma-dev \
libyaml-dev \
netbase \
openssh-client \
pkg-config
RUN curl --proto '=https' --tlsv1.2 -sSf https://get-ghcup.haskell.org -o /install-ghcup.sh && \
BOOTSTRAP_HASKELL_MINIMAL=1 sh /install-ghcup.sh && \
rm /install-ghcup.sh
RUN locale-gen en_US.UTF-8
ENV LANG=en_US.UTF-8
ENV LANGUAGE=en_US:en
ENV LC_ALL=en_US.UTF-8
ENV PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/.ghcup/bin
RUN ghcup install ghc 9.6.6
RUN ghcup install stack
RUN mkdir /build \
/build/.git \
/build/app \
/build/embed \
/build/hook-darcs \
/build/hook-git \
/build/migrations \
/build/src \
/build/static \
/build/templates \
/build/th
COPY stack.yaml vervis.cabal COPYING.AGPL3 /build/
COPY .git /build/.git
COPY app /build/app
COPY embed /build/embed
COPY hook-darcs /build/hook-darcs
COPY hook-git /build/hook-git
COPY migrations /build/migrations
COPY src /build/src
COPY static /build/static
COPY templates /build/templates
COPY th /build/th
WORKDIR /build
RUN mkdir /build/lib && \
darcs clone https://vervis.peers.community/repos/6r4Ao /build/lib/ssh
RUN stack build --flag vervis:-dev --only-dependencies
RUN ls -lh /build
RUN stack build --flag vervis:-dev
RUN mkdir -p /build/artifacts && \
cp `stack exec which vervis` /build/artifacts/ && \
cp `stack exec which vervis-post-receive` /build/artifacts/ && \
cp `stack exec which vervis-post-apply` /build/artifacts/
RUN ls -lh /build/artifacts
#############################################################################
## deployment
#############################################################################
FROM debian:bookworm
RUN apt-get -yq update && apt-get -yq install \
ca-certificates \
curl \
libgmp10 \
liblapack3 \
liblzma5 \
libpq5 \
libssl3 \
libyaml-0-2 \
netbase \
openssh-client \
zlib1g \
libpcre3 darcs git \
locales locales-all \
&& rm -rf /var/lib/apt/lists/*
RUN locale-gen en_US.UTF-8
ENV \
LANG=en_US.UTF-8 \
LANGUAGE=en_US:en \
LC_ALL=en_US.UTF-8 \
TZ=Etc/UTC
RUN groupadd vervis && useradd -l -g vervis -m -d /app vervis
WORKDIR /app
EXPOSE 3000
EXPOSE 5022
RUN mkdir /app/static /app/log
COPY --from=builder /build/artifacts/* /app/
RUN mkdir /app/state /app/state/repos /app/state/deliveries && \
chown vervis:vervis /app/state /app/static /app/log
COPY settings-default.yaml /app/state/settings.yml
RUN ssh-keygen -t rsa -m PEM -f /app/state/ssh-host-key
VOLUME /app/state
RUN ls /app
USER vervis
ENTRYPOINT /app/vervis