|
@@ -1,39 +1,62 @@
|
|
|
# syntax=docker/dockerfile:1
|
|
|
-# Inherit from the official Synapse docker image
|
|
|
-ARG SYNAPSE_VERSION=latest
|
|
|
-FROM matrixdotorg/synapse:$SYNAPSE_VERSION
|
|
|
-
|
|
|
-# Install deps
|
|
|
-RUN \
|
|
|
- --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
|
- --mount=type=cache,target=/var/lib/apt,sharing=locked \
|
|
|
- apt-get update -qq && \
|
|
|
- DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \
|
|
|
- redis-server nginx-light
|
|
|
-
|
|
|
-# Install supervisord with pip instead of apt, to avoid installing a second
|
|
|
-# copy of python.
|
|
|
-RUN --mount=type=cache,target=/root/.cache/pip \
|
|
|
- pip install supervisor~=4.2
|
|
|
-
|
|
|
-# Disable the default nginx sites
|
|
|
-RUN rm /etc/nginx/sites-enabled/default
|
|
|
|
|
|
-# Copy Synapse worker, nginx and supervisord configuration template files
|
|
|
-COPY ./docker/conf-workers/* /conf/
|
|
|
-
|
|
|
-# Copy a script to prefix log lines with the supervisor program name
|
|
|
-COPY ./docker/prefix-log /usr/local/bin/
|
|
|
-
|
|
|
-# Expose nginx listener port
|
|
|
-EXPOSE 8080/tcp
|
|
|
+ARG SYNAPSE_VERSION=latest
|
|
|
|
|
|
-# A script to read environment variables and create the necessary
|
|
|
-# files to run the desired worker configuration. Will start supervisord.
|
|
|
-COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py
|
|
|
-ENTRYPOINT ["/configure_workers_and_start.py"]
|
|
|
+# first of all, we create a base image with an nginx which we can copy into the
|
|
|
+# target image. For repeated rebuilds, this is much faster than apt installing
|
|
|
+# each time.
|
|
|
+
|
|
|
+FROM debian:bullseye-slim AS deps_base
|
|
|
+ RUN \
|
|
|
+ --mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
|
+ --mount=type=cache,target=/var/lib/apt,sharing=locked \
|
|
|
+ apt-get update -qq && \
|
|
|
+ DEBIAN_FRONTEND=noninteractive apt-get install -yqq --no-install-recommends \
|
|
|
+ redis-server nginx-light
|
|
|
+
|
|
|
+# Similarly, a base to copy the redis server from.
|
|
|
+#
|
|
|
+# The redis docker image has fewer dynamic libraries than the debian package,
|
|
|
+# which makes it much easier to copy (but we need to make sure we use an image
|
|
|
+# based on the same debian version as the synapse image, to make sure we get
|
|
|
+# the expected version of libc.
|
|
|
+FROM redis:6-bullseye AS redis_base
|
|
|
+
|
|
|
+# now build the final image, based on the the regular Synapse docker image
|
|
|
+FROM matrixdotorg/synapse:$SYNAPSE_VERSION
|
|
|
|
|
|
-# Replace the healthcheck with one which checks *all* the workers. The script
|
|
|
-# is generated by configure_workers_and_start.py.
|
|
|
-HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
|
|
|
- CMD /bin/sh /healthcheck.sh
|
|
|
+ # Install supervisord with pip instead of apt, to avoid installing a second
|
|
|
+ # copy of python.
|
|
|
+ RUN --mount=type=cache,target=/root/.cache/pip \
|
|
|
+ pip install supervisor~=4.2
|
|
|
+ RUN mkdir -p /etc/supervisor/conf.d
|
|
|
+
|
|
|
+ # Copy over redis and nginx
|
|
|
+ COPY --from=redis_base /usr/local/bin/redis-server /usr/local/bin
|
|
|
+
|
|
|
+ COPY --from=deps_base /usr/sbin/nginx /usr/sbin
|
|
|
+ COPY --from=deps_base /usr/share/nginx /usr/share/nginx
|
|
|
+ COPY --from=deps_base /usr/lib/nginx /usr/lib/nginx
|
|
|
+ COPY --from=deps_base /etc/nginx /etc/nginx
|
|
|
+ RUN rm /etc/nginx/sites-enabled/default
|
|
|
+ RUN mkdir /var/log/nginx /var/lib/nginx
|
|
|
+ RUN chown www-data /var/log/nginx /var/lib/nginx
|
|
|
+
|
|
|
+ # Copy Synapse worker, nginx and supervisord configuration template files
|
|
|
+ COPY ./docker/conf-workers/* /conf/
|
|
|
+
|
|
|
+ # Copy a script to prefix log lines with the supervisor program name
|
|
|
+ COPY ./docker/prefix-log /usr/local/bin/
|
|
|
+
|
|
|
+ # Expose nginx listener port
|
|
|
+ EXPOSE 8080/tcp
|
|
|
+
|
|
|
+ # A script to read environment variables and create the necessary
|
|
|
+ # files to run the desired worker configuration. Will start supervisord.
|
|
|
+ COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py
|
|
|
+ ENTRYPOINT ["/configure_workers_and_start.py"]
|
|
|
+
|
|
|
+ # Replace the healthcheck with one which checks *all* the workers. The script
|
|
|
+ # is generated by configure_workers_and_start.py.
|
|
|
+ HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
|
|
|
+ CMD /bin/sh /healthcheck.sh
|