This repository has been archived by the owner on Feb 24, 2021. It is now read-only.
forked from devinsolutions/docker-taiga
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathDockerfile
143 lines (143 loc) · 4.7 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
FROM python:3.7-alpine3.12
RUN set -ex; \
\
export CFLAGS="-Os"; \
export CPPFLAGS="${CFLAGS}"; \
export LDFLAGS="-Wl,--strip-all"; \
export PYTHONDONTWRITEBYTECODE=yes; \
\
apk add --no-cache \
libjpeg-turbo \
libpq\>=12.2-r0 \
libxslt \
mailcap \
pcre \
; \
\
apk add --no-cache --virtual .build-deps \
gcc \
linux-headers \
musl-dev \
pcre-dev \
; \
\
pip install --upgrade pip wheel setuptools; \
pip install --no-cache-dir --no-compile 'uWSGI>=2.0,<2.1'; \
\
addgroup -g 101 -S taiga; \
adduser -D -H -g taiga -G taiga -s /sbin/nologin -S -u 101 taiga; \
\
mkdir -p \
/etc/opt/taiga-back \
/etc/opt/taiga-front \
/srv/taiga-back/media \
/srv/taiga-back/static \
; \
chown taiga:taiga \
/srv/taiga-back/media \
/srv/taiga-back/static \
; \
\
apk del .build-deps; \
rm -rf /root/.cache /var/cache/apk/*
# !!! DO NOT FORGET TO UPDATE "tags" FILE !!!
ENV TAIGA_BACK_VERSION=5.5.9 \
TAIGA_BACK_SHA256SUM=b0c4eba0aef8fd2c0352a0485337230778f3dc64bb0f9e35f6a6806b96f0fac1
RUN set -ex; \
\
export CFLAGS="-Os"; \
export CPPFLAGS="${CFLAGS}"; \
export LDFLAGS="-Wl,--strip-all"; \
export PYTHONDONTWRITEBYTECODE=yes; \
\
apk add --no-cache --virtual .build-deps \
g++ \
gcc \
gettext \
libffi-dev \
libjpeg-turbo-dev \
libxslt-dev \
musl-dev \
postgresql-dev \
zlib-dev \
; \
\
wget -q -O taiga-back.tar.gz \
https://github.com/taigaio/taiga-back/archive/${TAIGA_BACK_VERSION}.tar.gz; \
echo "${TAIGA_BACK_SHA256SUM} taiga-back.tar.gz" | sha256sum -c; \
tar -xzf taiga-back.tar.gz; \
rm -r taiga-back.tar.gz; \
mv taiga-back-${TAIGA_BACK_VERSION} /opt/taiga-back; \
\
cd /opt/taiga-back; \
\
sed -i '/^gunicorn==/d' requirements.txt; \
# psd-tools versions prior to 1.8.31 require potentially insecure Pillow versions
sed -i 's/^\(psd-tools==1\.8\.\).*/\131/' requirements.txt; \
# requests versions prior to 2.22.0 require insecure urllib3 versions
sed -i 's/^\(requests==2\.2\).*/\12.0/' requirements.txt; \
# urllib3 versions prior to 1.25.9 are insecure
sed -i 's/^\(urllib3==1\.2\).*/\15.9/' requirements.txt; \
pip install --no-cache-dir --no-compile -r requirements.txt; \
find /usr/local -depth -type d -name tests -exec rm -rf '{}' +; \
\
./manage.py compilemessages; \
\
find . -mindepth 1 \( \
-name '*.po' -o ! \( \
-path ./LICENSE \
-o \
-path ./manage.py \
-o \
-path ./NOTICE \
-o \
-path ./settings \
-o \
-path ./settings/'*' \
-o \
-path ./taiga \
-o \
-path ./taiga/'*' \
\) \
\) -exec rm -rf '{}' +; \
\
find . \( -type d -o -type f -path ./manage.py \) -exec chmod 755 '{}' +; \
find . -type f ! -path ./manage.py -exec chmod 644 '{}' +; \
\
apk del .build-deps; \
rm -rf /root/.cache /var/cache/apk/*
# !!! DO NOT FORGET TO UPDATE "tags" FILE !!!
ENV TAIGA_FRONT_VERSION=5.5.9 \
TAIGA_FRONT_SHA256SUM=b07f101fcdea5b76c83a7ee28415522fcbf622fc58d5290dffedb14773e52c45
RUN set -ex; \
\
wget -q -O taiga-front-dist.tar.gz \
https://github.com/taigaio/taiga-front-dist/archive/${TAIGA_FRONT_VERSION}-stable.tar.gz; \
echo "${TAIGA_FRONT_SHA256SUM} taiga-front-dist.tar.gz" | sha256sum -c; \
tar -xzf taiga-front-dist.tar.gz; \
mv taiga-front-dist-${TAIGA_FRONT_VERSION}-stable/dist /opt/taiga-front; \
rm -r taiga-front-dist.tar.gz taiga-front-dist-${TAIGA_FRONT_VERSION}-stable; \
\
cd /opt/taiga-front; \
\
# Removes origin from "api" URL. By default, the API is served on port
# 8080. Also, the URL doesn't have to be absolute, so this make the
# default configuration more generic.
sed -i 's|http://localhost:8000||' conf.example.json; \
mv conf.example.json /etc/opt/taiga-front/conf.json; \
ln -s /etc/opt/taiga-front/conf.json conf.json; \
\
find . -type d -exec chmod 755 '{}' +; \
find . -type f -exec chmod 644 '{}' +
COPY root /
WORKDIR /opt/taiga-back
ENV \
# See https://uwsgi-docs.readthedocs.io/en/latest/HTTP.html.
UWSGI_HTTP=:8080 \
# See https://uwsgi-docs.readthedocs.io/en/latest/StaticFiles.html#offloading and
# https://uwsgi-docs.readthedocs.io/en/latest/OffloadSubsystem.html.
UWSGI_OFFLOAD_THREADS=1
USER taiga
ENTRYPOINT ["taiga-ctl"]
CMD ["migrate", "run-server"]
EXPOSE 8080