From eec3157c54dfca904be344e273f7cc14e6686e38 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Wed, 2 Feb 2022 15:26:02 +0100 Subject: [PATCH 1/5] Multi-arch capable Dockerfile --- Dockerfile | 15 ++++++++++----- doc/docker.md | 4 +++- 2 files changed, 13 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index f9e323130e..4b085ebcc1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,9 +1,14 @@ -FROM docker.io/node:alpine as builder +FROM --platform=${BUILDPLATFORM} docker.io/library/node:16.13-alpine3.15 as builder RUN apk add --no-cache git python3 build-base -COPY . /app WORKDIR /app -RUN yarn install \ - && yarn build -FROM docker.io/nginx:alpine +# Install the dependencies first +COPY yarn.lock package.json ./ +RUN yarn install + +# Copy the rest and build the app +COPY . . +RUN yarn build + +FROM --platform=${TARGETPLATFORM} docker.io/library/nginx:alpine COPY --from=builder /app/target /usr/share/nginx/html diff --git a/doc/docker.md b/doc/docker.md index 910938f0be..6ca67c02ec 100644 --- a/doc/docker.md +++ b/doc/docker.md @@ -35,7 +35,9 @@ To stop the container, simply hit `ctrl+c`. In this repository, create a Docker image: -``` +```sh +# Enable BuildKit https://docs.docker.com/develop/develop-images/build_enhancements/ +export DOCKER_BUILDKIT=1 docker build -t hydrogen . ``` From 1883aef25352ffd855c69daf59c442682e40e163 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Wed, 2 Feb 2022 15:33:10 +0100 Subject: [PATCH 2/5] Use non-root nginx base in Docker image --- Dockerfile | 2 +- doc/docker.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4b085ebcc1..fade2a24e8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,5 +10,5 @@ RUN yarn install COPY . . RUN yarn build -FROM --platform=${TARGETPLATFORM} docker.io/library/nginx:alpine +FROM --platform=${TARGETPLATFORM} docker.io/nginxinc/nginx-unprivileged:1.21-alpine COPY --from=builder /app/target /usr/share/nginx/html diff --git a/doc/docker.md b/doc/docker.md index 6ca67c02ec..f7c1b45040 100644 --- a/doc/docker.md +++ b/doc/docker.md @@ -55,6 +55,6 @@ Then, start up a container from that image: ``` docker run \ --name hydrogen \ - --publish 80:80 \ + --publish 8080:80 \ hydrogen ``` From d753442aeb60c0c9ad9171ccd83415c05f3ec587 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Wed, 2 Feb 2022 15:54:01 +0100 Subject: [PATCH 3/5] Build and push multi-arch Docker images in CI --- .github/workflows/docker-publish.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 0a322a3d41..e02282f8a1 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -23,6 +23,9 @@ jobs: - name: Checkout repository uses: actions/checkout@v2 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + - name: Log into registry ${{ env.REGISTRY }} uses: docker/login-action@v1 with: @@ -39,6 +42,7 @@ jobs: - name: Build and push Docker image uses: docker/build-push-action@v2 with: + platforms: linux/amd64,linux/arm64,linux/arm/v7 push: ${{ github.event_name != 'pull_request' }} tags: ${{ steps.meta.outputs.tags }} labels: ${{ steps.meta.outputs.labels }} From 4728b1038202d2c47f64e85d528aa15d68f58484 Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Wed, 2 Feb 2022 16:02:53 +0100 Subject: [PATCH 4/5] Update the documentation to reference the published docker image --- doc/docker.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/docker.md b/doc/docker.md index f7c1b45040..c3b1f5abdb 100644 --- a/doc/docker.md +++ b/doc/docker.md @@ -41,11 +41,11 @@ export DOCKER_BUILDKIT=1 docker build -t hydrogen . ``` -Or, pull the docker image from GitLab: +Or, pull the Docker image the GitHub Container Registry: ``` -docker pull registry.gitlab.com/jcgruenhage/hydrogen-web -docker tag registry.gitlab.com/jcgruenhage/hydrogen-web hydrogen +docker pull ghcr.io/vector-im/hydrogen +docker tag ghcr.io/vector-im/hydrogen hydrogen ``` ### Start container image From 6ebb058e59b3dc75fb1c19ca388a59479e1ddfdf Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Wed, 2 Feb 2022 15:49:58 +0100 Subject: [PATCH 5/5] Make the Docker image configurable at runtime --- Dockerfile | 16 ++++++++++++++++ docker/config-template.sh | 7 +++++++ docker/config.json.tmpl | 8 ++++++++ 3 files changed, 31 insertions(+) create mode 100755 docker/config-template.sh create mode 100644 docker/config.json.tmpl diff --git a/Dockerfile b/Dockerfile index fade2a24e8..d4faba7e2a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,5 +10,21 @@ RUN yarn install COPY . . RUN yarn build +# Remove the default config, replace it with a symlink to somewhere that will be updated at runtime +RUN rm -f target/config.json \ + && ln -sf /tmp/config.json target/config.json + FROM --platform=${TARGETPLATFORM} docker.io/nginxinc/nginx-unprivileged:1.21-alpine + +# Copy the config template as well as the templating script +COPY ./docker/config.json.tmpl /config.json.tmpl +COPY ./docker/config-template.sh /docker-entrypoint.d/99-config-template.sh + +# Copy the built app from the first build stage COPY --from=builder /app/target /usr/share/nginx/html + +# Values from the default config that can be overridden at runtime +ENV PUSH_APP_ID="io.element.hydrogen.web" \ + PUSH_GATEWAY_URL="https://matrix.org" \ + PUSH_APPLICATION_SERVER_KEY="BC-gpSdVHEXhvHSHS0AzzWrQoukv2BE7KzpoPO_FfPacqOo3l1pdqz7rSgmB04pZCWaHPz7XRe6fjLaC-WPDopM" \ + DEFAULT_HOMESERVER="matrix.org" diff --git a/docker/config-template.sh b/docker/config-template.sh new file mode 100755 index 0000000000..f6cff00c1d --- /dev/null +++ b/docker/config-template.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +set -eux + +envsubst '$PUSH_APP_ID,$PUSH_GATEWAY_URL,$PUSH_APPLICATION_SERVER_KEY,$DEFAULT_HOMESERVER' \ + < /config.json.tmpl \ + > /tmp/config.json diff --git a/docker/config.json.tmpl b/docker/config.json.tmpl new file mode 100644 index 0000000000..94295c43dd --- /dev/null +++ b/docker/config.json.tmpl @@ -0,0 +1,8 @@ +{ + "push": { + "appId": "$PUSH_APP_ID", + "gatewayUrl": "$PUSH_GATEWAY_URL", + "applicationServerKey": "$PUSH_APPLICATION_SERVER_KEY" + }, + "defaultHomeServer": "$DEFAULT_HOMESERVER" +}