diff --git a/.env.template b/.env.template index 9cc9ed738f..7a2c28c3a2 100644 --- a/.env.template +++ b/.env.template @@ -22,7 +22,6 @@ ENJU_LEAF_DEFAULT_LOCALE=ja ENJU_LEAF_TIME_ZONE=Asia/Tokyo # ENJU_LEAF_STORAGE_BUCKET=enju-leaf # ENJU_LEAF_STORAGE_ENDPOINT=http://minio:9000 -ENJU_LEAF_ACTION_MAILER_DELIVERY_METHOD=test ENJU_LEAF_EXTRACT_TEXT= ENJU_LEAF_EXTRACT_FILESIZE_LIMIT=2097152 # ENJU_LEAF_RESOURCESYNC_BASE_URL=http://localhost:8080 diff --git a/Dockerfile b/Dockerfile index 74bcc9d6a1..a45415dc86 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,34 +1,80 @@ -FROM ruby:3.2.3 as builder -LABEL maintainer="nabeta@fastmail.fm" +# syntax = docker/dockerfile:1 -ARG http_proxy -ARG https_proxy +# Make sure RUBY_VERSION matches the Ruby version in .ruby-version and Gemfile +ARG RUBY_VERSION=3.2.3 +FROM registry.docker.com/library/ruby:$RUBY_VERSION-slim as base + +# Rails app lives here +WORKDIR /enju -COPY Gemfile / -COPY Gemfile.lock / -RUN apt-get update -qq && apt-get install -y libpq-dev && bundle install +# Set production environment +ENV RAILS_ENV="production" \ + BUNDLE_DEPLOYMENT="1" \ + BUNDLE_PATH="/usr/local/bundle" \ + BUNDLE_WITHOUT="development" -FROM ruby:3.2.3 -LABEL maintainer="nabeta@fastmail.fm" -ARG http_proxy -ARG https_proxy +# Throw-away build stage to reduce size of final image +FROM base as build + +# Install packages needed to build gems +RUN apt-get update -qq && apt-get install --no-install-recommends -y curl gnupg && \ + mkdir -p /etc/apt/keyrings && \ + curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \ + curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor -o /etc/apt/keyrings/yarnkey.gpg && \ + echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \ + echo "deb [signed-by=/etc/apt/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | tee /etc/apt/sources.list.d/yarn.list && \ + apt-get update -qq && \ + apt-get install --no-install-recommends -y build-essential git libpq-dev libvips pkg-config nodejs yarn + +# Install application gems +COPY Gemfile Gemfile.lock ./ +RUN bundle install && \ + rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git && \ + bundle exec bootsnap precompile --gemfile && \ + yarn install + +# Copy application code +COPY . . + +# Precompile bootsnap code for faster boot times +RUN bundle exec bootsnap precompile app/ lib/ + +# Precompiling assets for production without requiring secret RAILS_MASTER_KEY +# RUN SECRET_KEY_BASE_DUMMY=1 ./bin/rails assets:precompile + + +# Final stage for app image +FROM base ARG UID=1000 ARG GID=1000 +ARG http_proxy +ARG https_proxy -RUN groupadd --gid ${GID} enju && useradd -m --uid ${UID} --gid ${GID} enju -RUN mkdir -p /etc/apt/keyrings && \ - apt-get update -qq && apt-get install -y curl ca-certificates gnupg && \ +# Install packages needed for deployment +RUN apt-get update -qq && apt-get install --no-install-recommends -y curl gnupg && \ + mkdir -p /etc/apt/keyrings && \ curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg && \ curl -sL https://dl.yarnpkg.com/debian/pubkey.gpg | gpg --dearmor -o /etc/apt/keyrings/yarnkey.gpg && \ echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" | tee /etc/apt/sources.list.d/nodesource.list && \ echo "deb [signed-by=/etc/apt/keyrings/yarnkey.gpg] https://dl.yarnpkg.com/debian stable main" | tee /etc/apt/sources.list.d/yarn.list && \ - apt-get update -qq && apt-get install -y nodejs yarn postgresql-client imagemagick poppler-utils ffmpeg libvips42 && \ - apt-get clean && rm -rf /var/lib/apt/lists/* -RUN mkdir /enju && chown -R enju:enju /enju -USER enju -WORKDIR /enju -ADD package.json yarn.lock ./ -RUN yarn install --frozen-lockfile -COPY --from=builder /usr/local/bundle /usr/local/bundle -COPY . /enju/ + apt-get update -qq && \ + apt-get install --no-install-recommends -y libvips postgresql-client nodejs yarn && \ + rm -rf /var/lib/apt/lists /var/cache/apt/archives + +# Copy built artifacts: gems, application +COPY --from=build /usr/local/bundle /usr/local/bundle +COPY --from=build /enju /enju + +# Run and own only the runtime files as a non-root user for security +RUN groupadd --gid ${GID} enju && \ + useradd enju --uid ${UID} --gid ${GID} --create-home --shell /bin/bash && \ + chown -R enju:enju db log storage tmp +USER enju:enju + +# Entrypoint prepares the database. +ENTRYPOINT ["/enju/bin/docker-entrypoint"] + +# Start the server by default, this can be overwritten at runtime +EXPOSE 3000 +CMD ["./bin/rails", "server"] diff --git a/bin/docker-entrypoint b/bin/docker-entrypoint new file mode 100755 index 0000000000..67ef493142 --- /dev/null +++ b/bin/docker-entrypoint @@ -0,0 +1,8 @@ +#!/bin/bash -e + +# If running the rails server then create or migrate existing database +if [ "${1}" == "./bin/rails" ] && [ "${2}" == "server" ]; then + ./bin/rails db:prepare +fi + +exec "${@}" diff --git a/config/application.rb b/config/application.rb index 4a22c42928..8454411cb2 100644 --- a/config/application.rb +++ b/config/application.rb @@ -14,7 +14,7 @@ module EnjuLeaf class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 6.1 + config.load_defaults 7.0 # Configuration for the application, engines, and railties goes here. # diff --git a/config/environments/production.rb b/config/environments/production.rb index ac5c4a5692..1952c916d4 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -90,6 +90,4 @@ # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false - - config.action_mailer.delivery_method = ENV['ENJU_LEAF_ACTION_MAILER_DELIVERY_METHOD'].to_sym end diff --git a/docker-compose.yml b/docker-compose.yml index 25146b6f62..ed08c19bd3 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -33,7 +33,7 @@ x-app: &app services: web: <<: *app - command: bash -c "rm -f tmp/pids/server.pid && rails s -b 0.0.0.0" + command: bash -c "rm -f tmp/pids/server.pid && bin/rails s -b 0.0.0.0" environment: - WEBPACKER_DEV_SERVER_HOST=webpacker expose: diff --git a/package.json b/package.json index 993fcbc89d..491fc3c469 100644 --- a/package.json +++ b/package.json @@ -5,11 +5,11 @@ "@rails/actioncable": "~7.0.8", "@rails/activestorage": "~7.0.8", "@rails/ujs": "~7.0.8", - "@rails/webpacker": "5.4.3", + "@rails/webpacker": "5.4.4", + "jquery": "^2.2.4", "mirador": "^3.3.0", "webpack": "^4.46.0", - "webpack-cli": "^3.3.12", - "jquery": "^2.2.4" + "webpack-cli": "^3.3.12" }, "devDependencies": { "webpack-dev-server": "^3" diff --git a/yarn.lock b/yarn.lock index 7db8613595..8e84a1f0cb 100644 --- a/yarn.lock +++ b/yarn.lock @@ -1153,10 +1153,10 @@ resolved "https://registry.yarnpkg.com/@rails/ujs/-/ujs-7.0.8.tgz#59853367d0827b3955d2c4bedfd5eba4a79d3422" integrity sha512-tOQQBVH8LsUpGXqDnk+kaOGVsgZ8maHAhEiw3Git3p88q+c0Slgu47HuDnL6sVxeCfz24zbq7dOjsVYDiTpDIA== -"@rails/webpacker@5.4.3": - version "5.4.3" - resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.3.tgz#cfe2d8faffe7db5001bad50a1534408b4f2efb2f" - integrity sha512-tEM8tpUtfx6FxKwcuQ9+v6pzgqM5LeAdhT6IJ4Te3BPKFO1xrGrXugqeRuZ+gE8ASDZRTOK6yuQkapOpuX5JdA== +"@rails/webpacker@5.4.4": + version "5.4.4" + resolved "https://registry.yarnpkg.com/@rails/webpacker/-/webpacker-5.4.4.tgz#971a41b987c096c908ce4088accd57c1a9a7e2f7" + integrity sha512-hp9myb2MChYFPfE5Fd/3gF4q2m4wpxC+WWCkxcg6My3HYCptWuqMVXRwrBZ5EJHYiL/WRyMLvVNWwlFV47xhUw== dependencies: "@babel/core" "^7.15.0" "@babel/plugin-proposal-class-properties" "^7.14.5"