122 lines
4.1 KiB
Docker
122 lines
4.1 KiB
Docker
# Dockerfile to build the matrixdotorg/synapse docker images.
|
|
#
|
|
# Note that it uses features which are only available in BuildKit - see
|
|
# https://docs.docker.com/go/buildkit/ for more information.
|
|
#
|
|
# To build the image, run `docker build` command from the root of the
|
|
# synapse repository:
|
|
#
|
|
# DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile .
|
|
#
|
|
# There is an optional PYTHON_VERSION build argument which sets the
|
|
# version of python to build against: for example:
|
|
#
|
|
# DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile --build-arg PYTHON_VERSION=3.10 .
|
|
#
|
|
|
|
ARG PYTHON_VERSION=3.9
|
|
|
|
FROM docker.io/python:${PYTHON_VERSION}-slim as base
|
|
|
|
###
|
|
### Stage 0: builder
|
|
###
|
|
|
|
# Irritatingly, there is no blessed guide on how to distribute an application with its
|
|
# poetry-managed environment in a docker image. For a while,
|
|
# `poetry export | pip install -r /dev/stdin` seemed plausible but is limited by bugs
|
|
# in `poetry export` whose fixes (scheduled for poetry 1.2) have yet to be released.
|
|
# This is inspired from:
|
|
# https://github.com/python-poetry/poetry/discussions/1879#discussioncomment-216865
|
|
# https://stackoverflow.com/questions/53835198/integrating-python-poetry-with-docker?answertab=scoredesc
|
|
FROM base as builder
|
|
|
|
# RUN --mount is specific to buildkit and is documented at
|
|
# https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount.
|
|
# Here we use it to set up a cache for pip (below, for apt and poetry), to improve
|
|
# rebuild speeds on slow connections.
|
|
# We install poetry as --user so that it doesn't end up in the system-wide python
|
|
# installation. That gets copied later into the runtime image.
|
|
RUN --mount=type=cache,target=/root/.cache/pip \
|
|
pip install --user poetry==1.1.12
|
|
|
|
# install the OS build deps
|
|
RUN \
|
|
--mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
|
apt-get update && apt-get install -y \
|
|
build-essential \
|
|
libffi-dev \
|
|
libjpeg-dev \
|
|
libpq-dev \
|
|
libssl-dev \
|
|
libwebp-dev \
|
|
libxml++2.6-dev \
|
|
libxslt1-dev \
|
|
openssl \
|
|
rustc \
|
|
zlib1g-dev \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
WORKDIR /synapse
|
|
|
|
# Copy just what we need to run `poetry install`
|
|
COPY pyproject.toml poetry.lock README.rst /synapse/
|
|
|
|
# Install to the Python installation which hosts `pip`. In this case, it's the system
|
|
# Python.
|
|
ENV POETRY_VIRTUALENVS_IN_PROJECT=true \
|
|
POETRY_VIRTUALENVS_CREATE=true \
|
|
POETRY_HOME=/opt/poetry
|
|
# To speed up rebuilds, install all of the dependencies before we copy over
|
|
# the whole synapse project, so that this layer in the Docker cache can be
|
|
# used while you develop on the source
|
|
RUN --mount=type=cache,target=/opt/poetry/artifacts \
|
|
--mount=type=cache,target=/opt/poetry/.cache/pypoetry/cache \
|
|
/root/.local/bin/poetry install --no-dev --no-root --no-interaction --no-ansi --extras all
|
|
|
|
# Copy over the synapse source code.
|
|
COPY synapse /synapse/synapse/
|
|
|
|
# Install the synapse package itself, by omitting the --no-root argument
|
|
RUN --mount=type=cache,target=/opt/poetry/artifacts \
|
|
--mount=type=cache,target=/opt/poetry/cache \
|
|
/root/.local/bin/poetry install --no-dev --no-interaction --no-ansi --extras all
|
|
|
|
###
|
|
### Stage 1: runtime
|
|
###
|
|
|
|
FROM base
|
|
|
|
LABEL org.opencontainers.image.url='https://matrix.org/docs/projects/server/synapse'
|
|
LABEL org.opencontainers.image.documentation='https://github.com/matrix-org/synapse/blob/master/docker/README.md'
|
|
LABEL org.opencontainers.image.source='https://github.com/matrix-org/synapse.git'
|
|
LABEL org.opencontainers.image.licenses='Apache-2.0'
|
|
|
|
RUN \
|
|
--mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
|
apt-get update && apt-get install -y \
|
|
curl \
|
|
gosu \
|
|
libjpeg62-turbo \
|
|
libpq5 \
|
|
libwebp6 \
|
|
xmlsec1 \
|
|
libjemalloc2 \
|
|
libssl-dev \
|
|
openssl \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY --from=builder /synapse/ /synapse
|
|
COPY ./docker/start.py /start.py
|
|
COPY ./docker/conf /conf
|
|
|
|
EXPOSE 8008/tcp 8009/tcp 8448/tcp
|
|
|
|
ENTRYPOINT ["/start.py"]
|
|
|
|
HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
|
|
CMD curl -fSs http://localhost:8008/health || exit 1
|