From d12455bfd7d9a38c39d4af791de2dadcdc25c00f Mon Sep 17 00:00:00 2001 From: Inex Code Date: Fri, 23 Jul 2021 23:23:34 +0300 Subject: [PATCH] Add Dockerfile --- Dockerfile | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++ docker-run.sh | 38 ++++++++++++++++++++++++++++++ package.json | 6 ++--- 3 files changed, 105 insertions(+), 3 deletions(-) create mode 100644 Dockerfile create mode 100755 docker-run.sh diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..654ae76 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,64 @@ +FROM node:alpine AS builder + +WORKDIR /opt/mx-puppet-vk + +# run build process as user in case of npm pre hooks +# pre hooks are not executed while running as root +RUN chown node:node /opt/mx-puppet-vk +RUN apk --no-cache add git python3 make g++ pkgconfig \ + build-base \ + cairo-dev \ + jpeg-dev \ + pango-dev \ + musl-dev \ + giflib-dev \ + pixman-dev \ + pangomm-dev \ + libjpeg-turbo-dev \ + freetype-dev + +#RUN wget -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub && \ +# wget -O glibc-2.32-r0.apk https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.32-r0/glibc-2.32-r0.apk && \ +# apk add glibc-2.32-r0.apk + +COPY package.json ./ +RUN chown node:node package.json + +USER node + +RUN npm install + +COPY tsconfig.json ./ +COPY src/ ./src/ +RUN npm run build + + +FROM node:alpine + +VOLUME /data + +ENV CONFIG_PATH=/data/config.yaml \ + REGISTRATION_PATH=/data/vk-registration.yaml + +# su-exec is used by docker-run.sh to drop privileges +RUN apk add --no-cache su-exec \ + cairo \ + jpeg \ + pango \ + musl \ + giflib \ + pixman \ + pangomm \ + libjpeg-turbo \ + freetype + + +WORKDIR /opt/mx-puppet-vk +COPY docker-run.sh ./ +COPY --from=builder /opt/mx-puppet-vk/node_modules/ ./node_modules/ +COPY --from=builder /opt/mx-puppet-vk/build/ ./build/ + +# change workdir to /data so relative paths in the config.yaml +# point to the persisten volume +WORKDIR /data +ENTRYPOINT ["/opt/mx-puppet-vk/docker-run.sh"] diff --git a/docker-run.sh b/docker-run.sh new file mode 100755 index 0000000..1963947 --- /dev/null +++ b/docker-run.sh @@ -0,0 +1,38 @@ +#!/bin/sh -e + +if [ ! -f "$CONFIG_PATH" ]; then + echo 'No config found' + exit 1 +fi + +args="$@" + +if [ ! -f "$REGISTRATION_PATH" ]; then + echo 'No registration found, generating now' + args="-r" +fi + + +# if no --uid is supplied, prepare files to drop privileges +if [ "$(id -u)" = 0 ]; then + chown node:node /data + + if find *.db > /dev/null 2>&1; then + # make sure sqlite files are writeable + chown node:node *.db + fi + if find *.log.* > /dev/null 2>&1; then + # make sure log files are writeable + chown node:node *.log.* + fi + + su_exec='su-exec node:node' +else + su_exec='' +fi + +# $su_exec is used in case we have to drop the privileges +exec $su_exec /usr/local/bin/node '/opt/mx-puppet-vk/build/index.js' \ + -c "$CONFIG_PATH" \ + -f "$REGISTRATION_PATH" \ + $args diff --git a/package.json b/package.json index 9df93ba..4993855 100755 --- a/package.json +++ b/package.json @@ -4,8 +4,8 @@ "description": "Matrix <-> VK bridge based on mx-puppet-bridge and VK-IO.", "main": "index.js", "repository": { - "type" : "git", - "url" : "https://github.com/innereq/mx-puppet-vk.git" + "type": "git", + "url": "https://github.com/innereq/mx-puppet-vk.git" }, "license": "AGPL-3.0-only", "scripts": { @@ -23,7 +23,7 @@ "showdown": "^1.9.1", "tslint": "^5.17.0", "typescript": "^4.3.4", - "vk-io": "^4.3.1" + "vk-io": "^4.3.2" }, "devDependencies": { "@types/node": "^12.20.15",