]>
Commit | Line | Data |
---|---|---|
1 | FROM node:8-stretch | |
2 | ||
3 | RUN set -ex; \ | |
4 | if ! command -v gpg > /dev/null; then \ | |
5 | apt-get update; \ | |
6 | apt-get install -y --no-install-recommends \ | |
7 | gnupg \ | |
8 | dirmngr \ | |
9 | ; \ | |
10 | rm -rf /var/lib/apt/lists/*; \ | |
11 | fi | |
12 | ||
13 | # Install dependencies | |
14 | RUN apt-get update \ | |
15 | && apt-get -y install ffmpeg \ | |
16 | && rm /var/lib/apt/lists/* -fR | |
17 | ||
18 | # Add peertube user | |
19 | RUN groupadd -r peertube \ | |
20 | && useradd -r -g peertube -m peertube | |
21 | ||
22 | # grab gosu for easy step-down from root | |
23 | # https://github.com/tianon/gosu/releases | |
24 | ENV GOSU_VERSION 1.10 | |
25 | RUN set -ex; \ | |
26 | \ | |
27 | fetchDeps='ca-certificates wget'; \ | |
28 | apt-get update; \ | |
29 | apt-get install -y --no-install-recommends $fetchDeps; \ | |
30 | rm -rf /var/lib/apt/lists/*; \ | |
31 | \ | |
32 | dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ | |
33 | wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ | |
34 | wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ | |
35 | export GNUPGHOME="$(mktemp -d)"; \ | |
36 | for server in $(shuf -e ha.pool.sks-keyservers.net \ | |
37 | hkp://p80.pool.sks-keyservers.net:80 \ | |
38 | keyserver.ubuntu.com \ | |
39 | hkp://keyserver.ubuntu.com:80 \ | |
40 | pgp.mit.edu) ; do \ | |
41 | gpg --keyserver "$server" --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 && break || : ; \ | |
42 | done; \ | |
43 | gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ | |
44 | rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ | |
45 | chmod +x /usr/local/bin/gosu; \ | |
46 | gosu nobody true; \ | |
47 | \ | |
48 | apt-get purge -y --auto-remove wget | |
49 | ||
50 | # Install PeerTube | |
51 | WORKDIR /app | |
52 | COPY . ./ | |
53 | RUN chown -R peertube:peertube /app | |
54 | ||
55 | USER peertube | |
56 | ||
57 | RUN yarn install --pure-lockfile \ | |
58 | && npm run build | |
59 | ||
60 | USER root | |
61 | ||
62 | RUN mkdir /data /config | |
63 | RUN chown -R peertube:peertube /data /config | |
64 | ||
65 | ENV NODE_ENV production | |
66 | ENV NODE_CONFIG_DIR /config | |
67 | ||
68 | VOLUME /data | |
69 | VOLUME /config | |
70 | ||
71 | COPY ./support/docker/production/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh | |
72 | ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"] | |
73 | ||
74 | # Run the application | |
75 | CMD ["npm", "start"] | |
76 | EXPOSE 9000 |