From 050796186037170348b18fc95e8980d46ec61c81 Mon Sep 17 00:00:00 2001 From: Adam Laycock Date: Mon, 7 Oct 2024 19:10:27 +0100 Subject: [PATCH 1/8] feat: rebase to alpine and split worker and remix into their own commands --- Dockerfile | 62 +++++++++++++++++++++++++------------------- docker-entrypoint.sh | 19 ++++++++++++++ 2 files changed, 54 insertions(+), 27 deletions(-) create mode 100644 docker-entrypoint.sh diff --git a/Dockerfile b/Dockerfile index 5851fe2..3a2e0a8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,42 +1,50 @@ -# base node image -FROM node:20-bookworm-slim as base +# +# Net-Doc Docker File +# -# Install openssl for Prisma -RUN apt-get update && apt-get install -y openssl +# Start with the node alpine image +FROM node:20-alpine as base -# Install all node_modules, including dev dependencies -FROM base as deps +# Install openssl for Prisma and NGINX +RUN apk update && apk add openssl nginx -RUN mkdir /app -WORKDIR /app -ADD package.json package-lock.json ./ -RUN npm install --production=false +# Create a new temp container called `deps` from `base` +# Add the package files and install all the deps. + FROM base as deps -# Setup production node_modules -FROM base as production-deps + RUN mkdir /app + WORKDIR /app -RUN mkdir /app -WORKDIR /app + ADD package.json package-lock.json ./ + RUN npm install --production=false -COPY --from=deps /app/node_modules /app/node_modules -ADD package.json package-lock.json ./ -RUN npm prune --production +# create a new temp container called `production-deps` from `base` +# copy the `deps` node_modules folder over and prune it to production only. + FROM base as production-deps -# Build the app -FROM base as build + RUN mkdir /app + WORKDIR /app -ENV NODE_ENV=production + COPY --from=deps /app/node_modules /app/node_modules + ADD package.json package-lock.json ./ + RUN npm prune --production -RUN mkdir /app -WORKDIR /app +# create a new temp container called `build` from `base` +# Copy over the full deps and run build. + FROM base as build -COPY --from=deps /app/node_modules /app/node_modules + ENV NODE_ENV=production -ADD . . -RUN npm run build + RUN mkdir /app + WORKDIR /app + + COPY --from=deps /app/node_modules /app/node_modules + + ADD . . + RUN npm run build -# Finally, build the production image with minimal footprint +# Go back to the `base` image and copy in the production deps and build FROM base ENV NODE_ENV=production @@ -50,4 +58,4 @@ COPY --from=build /app/build/server /app/build/server COPY --from=build /app/build/client /app/build/client ADD . . -CMD ["npm", "run", "docker"] \ No newline at end of file +ENTRYPOINT [ "docker-entrypoint.sh" ] \ No newline at end of file diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100644 index 0000000..ee29e23 --- /dev/null +++ b/docker-entrypoint.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash + +set -e + +function prepare_database { + npx prisma migrate deploy + npx prisma generate --sql +} + +if [ "$1" = 'net-doc-remix' ]; then + prepare_database + + npm run start:remix + +elif [ "$1" = 'net-doc-worker' ]; then + prepare_database + + npm run start:worker +fi \ No newline at end of file From 6e6c7bb4ad739ce04cc5fac1c03bf8991ccfdc46 Mon Sep 17 00:00:00 2001 From: Adam Laycock Date: Mon, 7 Oct 2024 19:14:31 +0100 Subject: [PATCH 2/8] ci: add docker files to app output --- .github/workflows/deployment.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 058c91a..6926720 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -49,6 +49,8 @@ jobs: - 'public/**' - '.github/workflows/**' - 'tests/**' + - Dockerfile + - docker-entrypoint.sh docs: - 'docs/**' - '.github/workflows/**' From 1102b2ba5039a80ac4615943b9f0ee9eb12f0f9e Mon Sep 17 00:00:00 2001 From: Adam Laycock Date: Mon, 7 Oct 2024 20:31:59 +0100 Subject: [PATCH 3/8] feat: add nginx and change back to debian --- Dockerfile | 8 ++++---- docker-compose.sample.yml | 42 ++++++++++++++++++++++++++++----------- docker-entrypoint.sh | 16 ++++++++++++++- docker/nginx.conf | 38 +++++++++++++++++++++++++++++++++++ 4 files changed, 87 insertions(+), 17 deletions(-) create mode 100644 docker/nginx.conf diff --git a/Dockerfile b/Dockerfile index 3a2e0a8..0353c54 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,11 +3,10 @@ # # Start with the node alpine image -FROM node:20-alpine as base +FROM node:20-bookworm-slim as base # Install openssl for Prisma and NGINX -RUN apk update && apk add openssl nginx - +RUN apt-get update && apt-get install openssl nginx -y # Create a new temp container called `deps` from `base` # Add the package files and install all the deps. @@ -58,4 +57,5 @@ COPY --from=build /app/build/server /app/build/server COPY --from=build /app/build/client /app/build/client ADD . . -ENTRYPOINT [ "docker-entrypoint.sh" ] \ No newline at end of file +ENTRYPOINT [ "/app/docker-entrypoint.sh" ] +CMD [] \ No newline at end of file diff --git a/docker-compose.sample.yml b/docker-compose.sample.yml index a22f89c..410c8e8 100644 --- a/docker-compose.sample.yml +++ b/docker-compose.sample.yml @@ -1,23 +1,41 @@ -version: '3.9' -services: - remix: - image: longridgehighschool/net-doc:main - restart: always - ports: - - '3000:3000' - environment: +x-shared: + net-doc-service: &net-doc-service + environment: &net-doc-environment - PASSWORD_KEY=YOUR KEY - PASSWORD_SALT=YOUR SALT - PASSWORD_IV=YOUR IV - DATABASE_URL=file:./data/net-doc.db - volumes: + - REDIS_URL=net-doc-redis:6379 + volumes: &net-doc-volumes - ./db:/app/prisma/data - ./uploads:/app/public/uploads - ./backups:/app/public/backups - redis: + image: net-doc-service + restart: always + depends_on: + - net-doc-redis + +services: + net-doc-remix: + <<: *net-doc-service + command: ['net-doc-remix'] + + net-doc-worker: + <<: *net-doc-service + command: ['net-doc-worker'] + depends_on: + - net-doc-remix + + net-doc-nginx: + <<: *net-doc-service + command: ['net-doc-nginx'] + depends_on: + - net-doc-remix + ports: + - '8080:80' + + net-doc-redis: image: redis:7 restart: always volumes: - ./data/redis:/data - ports: - - 6379:6379 diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index ee29e23..b18da7d 100644 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,8 +1,14 @@ -#!/usr/bin/env bash +#!/bin/bash set -e +: "${REMIX_HOST:=net-doc-remix}" +: "${REMIX_PORT:=3000}" + function prepare_database { + npm uninstall bcrypt + npm install bcrypt + npx prisma migrate deploy npx prisma generate --sql } @@ -16,4 +22,12 @@ elif [ "$1" = 'net-doc-worker' ]; then prepare_database npm run start:worker +elif [ "$1" = 'net-doc-nginx' ]; then + # configure nginx + sed -e "s#server .*:3000#server ${REMIX_HOST}:${REMIX_PORT}#g" \ + -e 's#/var/log/nginx/net-doc.\(access\|error\).log#/dev/stdout#g' < /app/docker/nginx.conf > /etc/nginx/sites-enabled/default + + echo "starting nginx..." + + exec /usr/sbin/nginx -g 'daemon off;' fi \ No newline at end of file diff --git a/docker/nginx.conf b/docker/nginx.conf new file mode 100644 index 0000000..e9ef5c4 --- /dev/null +++ b/docker/nginx.conf @@ -0,0 +1,38 @@ +upstream net-doc-remix { + server 127.0.0.1:3000; +} + +server { + listen 80; + listen [::]:80; + + # replace 'localhost' with your fqdn if you want to use zammad from remote + server_name localhost; + + # security - prevent information disclosure about server version + server_tokens off; + + root /app/build/client; + + access_log /var/log/nginx/net-doc.access.log; + error_log /var/log/nginx/net-doc.error.log; + + client_max_body_size 50M; + + location ~ ^/(assets/|robots.txt|humans.txt|favicon.ico|apple-touch-icon.png) { + expires max; + } + + location / { + proxy_set_header Host $http_host; + proxy_set_header CLIENT_IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + proxy_read_timeout 300; + proxy_pass http://net-doc-remix; + + gzip on; + gzip_types text/plain text/xml text/css image/svg+xml application/javascript application/x-javascript application/json application/xml; + gzip_proxied any; + } +} \ No newline at end of file From 5fee5b6a261def8450d7c2775298a9585674770d Mon Sep 17 00:00:00 2001 From: Adam Laycock Date: Mon, 7 Oct 2024 20:46:35 +0100 Subject: [PATCH 4/8] fix: add +x to entrypoint --- Dockerfile | 10 ++++++---- docker-compose.sample.yml | 2 +- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 0353c54..6956980 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,14 +3,14 @@ # # Start with the node alpine image -FROM node:20-bookworm-slim as base +FROM node:20-bookworm-slim AS base # Install openssl for Prisma and NGINX RUN apt-get update && apt-get install openssl nginx -y # Create a new temp container called `deps` from `base` # Add the package files and install all the deps. - FROM base as deps + FROM base AS deps RUN mkdir /app WORKDIR /app @@ -20,7 +20,7 @@ RUN apt-get update && apt-get install openssl nginx -y # create a new temp container called `production-deps` from `base` # copy the `deps` node_modules folder over and prune it to production only. - FROM base as production-deps + FROM base AS production-deps RUN mkdir /app WORKDIR /app @@ -31,7 +31,7 @@ RUN apt-get update && apt-get install openssl nginx -y # create a new temp container called `build` from `base` # Copy over the full deps and run build. - FROM base as build + FROM base AS build ENV NODE_ENV=production @@ -57,5 +57,7 @@ COPY --from=build /app/build/server /app/build/server COPY --from=build /app/build/client /app/build/client ADD . . +RUN chmod +x /app/docker-entrypoint.sh + ENTRYPOINT [ "/app/docker-entrypoint.sh" ] CMD [] \ No newline at end of file diff --git a/docker-compose.sample.yml b/docker-compose.sample.yml index 410c8e8..03b05ff 100644 --- a/docker-compose.sample.yml +++ b/docker-compose.sample.yml @@ -10,7 +10,7 @@ x-shared: - ./db:/app/prisma/data - ./uploads:/app/public/uploads - ./backups:/app/public/backups - image: net-doc-service + image: longridgehighschool/net-doc:2 restart: always depends_on: - net-doc-redis From 87583adf0d352f37f48530e681827e6de4302c55 Mon Sep 17 00:00:00 2001 From: Adam Laycock Date: Tue, 8 Oct 2024 19:45:57 +0100 Subject: [PATCH 5/8] feat: rebase to alpine and node 22 --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6956980..1780660 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,10 +3,10 @@ # # Start with the node alpine image -FROM node:20-bookworm-slim AS base +FROM node:22-alpine AS base # Install openssl for Prisma and NGINX -RUN apt-get update && apt-get install openssl nginx -y +RUN apk update && apk add openssl nginx # Create a new temp container called `deps` from `base` # Add the package files and install all the deps. From d191797446a0f7a3d978c4fde5f067f686f3cf80 Mon Sep 17 00:00:00 2001 From: AML - A Laycock Date: Wed, 9 Oct 2024 10:35:04 +0100 Subject: [PATCH 6/8] feat: revert to debian, alpine has too many issues --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1780660..ae65877 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,8 +2,8 @@ # Net-Doc Docker File # -# Start with the node alpine image -FROM node:22-alpine AS base +# Start with the node debian image +FROM node:22-bullseye-slim AS base # Install openssl for Prisma and NGINX RUN apk update && apk add openssl nginx From c35829d61f3a67a215b8c9a1ee3ac119696e6baa Mon Sep 17 00:00:00 2001 From: AML - A Laycock Date: Wed, 9 Oct 2024 10:37:38 +0100 Subject: [PATCH 7/8] fix: apt-get not apk --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index ae65877..fde769e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ FROM node:22-bullseye-slim AS base # Install openssl for Prisma and NGINX -RUN apk update && apk add openssl nginx +RUN apt-get update && apt-get install openssl nginx -y # Create a new temp container called `deps` from `base` # Add the package files and install all the deps. From c044707bf2126e32e8ccdfd64ea3c7d7e302f09c Mon Sep 17 00:00:00 2001 From: AML - A Laycock Date: Wed, 9 Oct 2024 10:52:16 +0100 Subject: [PATCH 8/8] docs: document change --- docs/docs/getting-started/install.md | 46 ++++++++++++++++++++-------- 1 file changed, 33 insertions(+), 13 deletions(-) diff --git a/docs/docs/getting-started/install.md b/docs/docs/getting-started/install.md index 234cc6e..ee67bc0 100644 --- a/docs/docs/getting-started/install.md +++ b/docs/docs/getting-started/install.md @@ -13,32 +13,52 @@ Net-Doc is distributed as a docker container. > The tag `latest` will always pull the latest > [release](https://github.com/Longridge-High-School/net-doc/releases), `main` -> will pull the latest commit to the main branch. +> will pull the latest commit to the main branch. Ideally you should use the +> major version tag e.g. `2` to avoid automatically installing any breaking +> changes. `2` would include any `2.x.y` release. ```yml -version: '3.9' -services: - remix: - image: longridgehighschool/net-doc:latest - restart: always - ports: - - '3000:3000' - environment: +x-shared: + net-doc-service: &net-doc-service + environment: &net-doc-environment - PASSWORD_KEY=YOUR KEY - PASSWORD_SALT=YOUR SALT - PASSWORD_IV=YOUR IV - DATABASE_URL=file:./data/net-doc.db - volumes: + - REDIS_URL=net-doc-redis:6379 + volumes: &net-doc-volumes - ./db:/app/prisma/data - ./uploads:/app/public/uploads - ./backups:/app/public/backups - redis: + image: longridgehighschool/net-doc:2 + restart: always + depends_on: + - net-doc-redis + +services: + net-doc-remix: + <<: *net-doc-service + command: ['net-doc-remix'] + + net-doc-worker: + <<: *net-doc-service + command: ['net-doc-worker'] + depends_on: + - net-doc-remix + + net-doc-nginx: + <<: *net-doc-service + command: ['net-doc-nginx'] + depends_on: + - net-doc-remix + ports: + - '8080:80' + + net-doc-redis: image: redis:7 restart: always volumes: - ./data/redis:/data - ports: - - 6379:6379 ``` ### Environment Variables