197 lines
5.6 KiB
Docker
197 lines
5.6 KiB
Docker
FROM node:20-alpine3.19 AS pdfviewer-dev
|
|
|
|
# Add custom CA certificates
|
|
ARG CA_CERTIFICATES=""
|
|
RUN mkdir -p /usr/local/share/ca-certificates/ && \
|
|
echo "${CA_CERTIFICATES}" | tee -a /usr/local/share/ca-certificates/custom-user-cert.crt /etc/ssl/certs/ca-certificates.crt && \
|
|
apk add --no-cache ca-certificates && \
|
|
update-ca-certificates
|
|
|
|
# Install dependencies
|
|
WORKDIR /app/packages/pdfviewer/
|
|
COPY packages/pdfviewer/package.json packages/pdfviewer/package-lock.json /app/packages/pdfviewer//
|
|
RUN npm install
|
|
|
|
FROM pdfviewer-dev AS pdfviewer
|
|
# Build JS bundle
|
|
COPY packages/pdfviewer /app/packages/pdfviewer//
|
|
RUN npm run build
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
FROM node:20-alpine3.19 AS frontend-dev
|
|
|
|
ENV NODE_OPTIONS="--max-old-space-size=4096"
|
|
|
|
# Add custom CA certificates
|
|
ARG CA_CERTIFICATES=""
|
|
RUN mkdir -p /usr/local/share/ca-certificates/ && \
|
|
echo "${CA_CERTIFICATES}" | tee -a /usr/local/share/ca-certificates/custom-user-cert.crt /etc/ssl/certs/ca-certificates.crt && \
|
|
apk add --no-cache ca-certificates && \
|
|
update-ca-certificates
|
|
|
|
# Install dependencies
|
|
WORKDIR /app/packages/markdown/
|
|
COPY packages/markdown/package.json packages/markdown/package-lock.json /app/packages/markdown/
|
|
RUN npm install
|
|
|
|
WORKDIR /app/frontend
|
|
COPY frontend/package.json frontend/package-lock.json /app/frontend/
|
|
RUN npm install
|
|
|
|
|
|
FROM frontend-dev AS frontend-test
|
|
# Include source code
|
|
COPY packages/markdown/ /app/packages/markdown/
|
|
COPY frontend /app/frontend/
|
|
COPY api/src/reportcreator_api/tasks/rendering/global_assets /app/frontend/src/assets/rendering/
|
|
COPY --from=pdfviewer /app/packages/pdfviewer/dist/ /app/frontend/src/public/static/pdfviewer/
|
|
|
|
# Test command
|
|
CMD npm run test
|
|
|
|
|
|
FROM frontend-test AS frontend
|
|
# Build JS bundle
|
|
RUN npm run generate
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
FROM node:20-alpine3.19 AS rendering-dev
|
|
|
|
# Add custom CA certificates
|
|
ARG CA_CERTIFICATES=""
|
|
RUN mkdir -p /usr/local/share/ca-certificates/ && \
|
|
echo "${CA_CERTIFICATES}" | tee -a /usr/local/share/ca-certificates/custom-user-cert.crt /etc/ssl/certs/ca-certificates.crt && \
|
|
apk add --no-cache ca-certificates && \
|
|
update-ca-certificates
|
|
|
|
# Install dependencies
|
|
WORKDIR /app/packages/markdown/
|
|
COPY packages/markdown/package.json packages/markdown/package-lock.json /app/packages/markdown/
|
|
RUN npm install
|
|
|
|
WORKDIR /app/rendering/
|
|
COPY rendering/package.json rendering/package-lock.json /app/rendering/
|
|
RUN npm install
|
|
|
|
|
|
FROM rendering-dev AS rendering
|
|
# Include source code
|
|
COPY rendering /app/rendering/
|
|
COPY packages/markdown/ /app/packages/markdown/
|
|
# Build JS bundle
|
|
RUN npm run build
|
|
|
|
|
|
|
|
|
|
FROM python:3.12-slim-bookworm AS api-dev
|
|
|
|
# Add custom CA certificates
|
|
ARG CA_CERTIFICATES=""
|
|
RUN echo "${CA_CERTIFICATES}" | tee -a /usr/local/share/ca-certificates/custom-user-cert.crt && \
|
|
update-ca-certificates && \
|
|
cat /etc/ssl/certs/* > /etc/ssl/certs/bundle.pem && \
|
|
pip config set global.cert /etc/ssl/certs/bundle.pem
|
|
ENV REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
|
|
ENV SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
|
|
|
|
# Install system dependencies required by weasyprint and chromium
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
chromium \
|
|
curl \
|
|
fontconfig \
|
|
fonts-noto \
|
|
fonts-noto-mono \
|
|
fonts-noto-ui-core \
|
|
fonts-noto-color-emoji \
|
|
fonts-noto-cjk \
|
|
fonts-noto-cjk-extra \
|
|
gpg \
|
|
gpg-agent \
|
|
libpango-1.0-0 \
|
|
libpangoft2-1.0-0 \
|
|
unzip \
|
|
wget \
|
|
postgresql-client \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install fonts
|
|
COPY api/fonts /usr/share/fonts/truetype
|
|
RUN mv /usr/share/fonts/truetype/fontconfig.conf /etc/fonts/conf.d/00-sysreptor-fonts.conf && \
|
|
rm -rf /usr/share/fonts/truetype/dejavu/ && \
|
|
rm -f /etc/fonts/conf.d/*dejavu* && \
|
|
fc-cache -f
|
|
|
|
# Install python packages
|
|
ENV PYTHONUNBUFFERED=on \
|
|
PYTHONDONTWRITEBYTECODE=on \
|
|
CHROMIUM_EXECUTABLE=/usr/lib/chromium/chromium
|
|
WORKDIR /app/api/
|
|
COPY api/requirements.txt /app/api/requirements.txt
|
|
RUN pip install -r /app/api/requirements.txt
|
|
|
|
# Configure application
|
|
ARG VERSION=dev
|
|
ENV VERSION=${VERSION} \
|
|
DEBUG=off \
|
|
MEDIA_ROOT=/data/ \
|
|
SERVER_WORKERS=4 \
|
|
PDF_RENDER_SCRIPT_PATH=/app/rendering/dist/bundle.js
|
|
|
|
# Copy license and changelog
|
|
COPY LICENSE CHANGELOG.md /app/
|
|
COPY api/generate_notice.sh api/NOTICE /app/api/
|
|
|
|
# Start server
|
|
EXPOSE 8000
|
|
CMD python3 manage.py migrate && \
|
|
gunicorn \
|
|
--bind=:8000 --worker-class=uvicorn.workers.UvicornWorker --workers=${SERVER_WORKERS} \
|
|
--max-requests=500 --max-requests-jitter=100 \
|
|
reportcreator_api.conf.asgi:application
|
|
|
|
|
|
|
|
FROM api-dev as api-prebuilt
|
|
|
|
# Copy source code (including pre-build static files)
|
|
COPY api/src /app/api
|
|
COPY rendering/dist /app/rendering/dist/
|
|
|
|
# Create data directory
|
|
RUN mkdir /data && chown 1000:1000 /data && chmod 777 /data
|
|
VOLUME [ "/data" ]
|
|
USER 1000
|
|
|
|
|
|
|
|
FROM api-dev AS api-test
|
|
# Copy source code
|
|
COPY api/src /app/api
|
|
|
|
# Copy generated template rendering script
|
|
COPY --from=rendering /app/rendering/dist /app/rendering/dist/
|
|
|
|
|
|
FROM api-test as api
|
|
# Generate static frontend files
|
|
# Post-process django files (for admin, API browser) and post-process them (e.g. add unique file hash)
|
|
# Do not post-process nuxt files, because they already have hash names (and django failes to post-process them)
|
|
USER root
|
|
RUN python3 manage.py collectstatic --no-input --clear
|
|
COPY --from=frontend /app/frontend/dist/index.html /app/frontend/dist/static/ /app/api/frontend/static/
|
|
RUN mv /app/api/frontend/static/index.html /app/api/frontend/index.html \
|
|
&& python3 manage.py collectstatic --no-input --no-post-process \
|
|
&& python3 -m whitenoise.compress /app/api/static/ map
|
|
USER 1000
|