forked from grocy/grocy-docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile-grocy
85 lines (70 loc) · 2.67 KB
/
Dockerfile-grocy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
FROM alpine:3.11.6
LABEL maintainer "Talmai Oliveira <[email protected]>, James Addison <[email protected]>"
ARG GROCY_VERSION
# Optionally authenticate with GitHub using an API token
#
# This can reduce instances of download rate limiting by GitHub
# https://developer.github.com/v3/#rate-limiting
#
# This value is *not* assigned to a variable using the ENV instruction,
# since those variables are persisted in the resulting image and could leak
# developer credentials
# https://docs.docker.com/engine/reference/builder/#env
ARG GITHUB_API_TOKEN
# ensure www-data user exists
RUN set -eux; \
addgroup -g 82 -S www-data; \
adduser -u 82 -D -S -G www-data www-data
# 82 is the standard uid/gid for "www-data" in Alpine
# https://git.alpinelinux.org/aports/tree/main/apache2/apache2.pre-install?h=3.9-stable
# https://git.alpinelinux.org/aports/tree/main/lighttpd/lighttpd.pre-install?h=3.9-stable
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install?h=3.9-stable
# Install build-time dependencies
RUN apk add --no-cache \
composer \
git \
gnupg \
wget
# Install system dependencies
RUN apk add --no-cache \
php7-fpm \
php7-fileinfo \
php7-iconv \
php7-json \
php7-gd \
php7-pdo_sqlite \
php7-simplexml \
php7-tokenizer
# Configure directory permissions
RUN chown www-data /var/log/php7 && \
mkdir /var/www && \
chown www-data /var/www
COPY docker_grocy/www.conf /etc/php7/php-fpm.d/zz-docker.conf
# Install application dependencies (unprivileged)
USER www-data
WORKDIR /var/www
# Extract application release package
ENV GROCY_RELEASE_KEY_URI="https://berrnd.de/data/Bernd_Bestel.asc"
RUN set -o pipefail && \
export GNUPGHOME=$(mktemp -d) && \
wget ${GROCY_RELEASE_KEY_URI} -O - | gpg --batch --import && \
git clone --branch ${GROCY_VERSION} --config advice.detachedHead=false --depth 1 "https://github.com/grocy/grocy.git" . && \
git verify-commit ${GROCY_VERSION} && \
rm -rf ${GNUPGHOME} && \
mkdir data/viewcache && \
cp config-dist.php data/config.php
# Install application dependencies
RUN COMPOSER_OAUTH=${GITHUB_API_TOKEN:+"\"github.com\": \"${GITHUB_API_TOKEN}\""} && \
COMPOSER_AUTH="{\"github-oauth\": { ${COMPOSER_OAUTH} }}" composer install --no-interaction --no-dev --optimize-autoloader && \
composer clear-cache
# Remove build-time dependencies (privileged)
USER root
RUN apk del \
composer \
git \
gnupg \
wget
VOLUME ["/var/www/data"]
EXPOSE 9000
USER www-data
CMD ["php-fpm7"]