Dockerfile 4.1 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121
  1. # Dockerfile to build the matrixdotorg/synapse docker images.
  2. #
  3. # Note that it uses features which are only available in BuildKit - see
  4. # https://docs.docker.com/go/buildkit/ for more information.
  5. #
  6. # To build the image, run `docker build` command from the root of the
  7. # synapse repository:
  8. #
  9. # DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile .
  10. #
  11. # There is an optional PYTHON_VERSION build argument which sets the
  12. # version of python to build against: for example:
  13. #
  14. # DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile --build-arg PYTHON_VERSION=3.10 .
  15. #
  16. ARG PYTHON_VERSION=3.9
  17. FROM docker.io/python:${PYTHON_VERSION}-slim as base
  18. ###
  19. ### Stage 0: builder
  20. ###
  21. # Irritatingly, there is no blessed guide on how to distribute an application with its
  22. # poetry-managed environment in a docker image. For a while,
  23. # `poetry export | pip install -r /dev/stdin` seemed plausible but is limited by bugs
  24. # in `poetry export` whose fixes (scheduled for poetry 1.2) have yet to be released.
  25. # The best references I could find are
  26. # https://github.com/python-poetry/poetry/discussions/1879#discussioncomment-216865
  27. # https://stackoverflow.com/questions/53835198/integrating-python-poetry-with-docker?answertab=scoredesc#tab-top
  28. FROM base as builder
  29. # RUN --mount is specific to buildkit and is documented at
  30. # https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount.
  31. # Here we use it to set up a cache for pip (below, for apt and poetry), to improve
  32. # rebuild speeds on slow connections.
  33. # We install poetry as --user so that it doesn't end up in the system-wide python
  34. # installation. That gets copied later into the runtime image.
  35. RUN --mount=type=cache,target=/root/.cache/pip \
  36. pip install poetry==1.1.12
  37. # install the OS build deps
  38. RUN \
  39. --mount=type=cache,target=/var/cache/apt,sharing=locked \
  40. --mount=type=cache,target=/var/lib/apt,sharing=locked \
  41. apt-get update && apt-get install -y \
  42. build-essential \
  43. libffi-dev \
  44. libjpeg-dev \
  45. libpq-dev \
  46. libssl-dev \
  47. libwebp-dev \
  48. libxml++2.6-dev \
  49. libxslt1-dev \
  50. openssl \
  51. rustc \
  52. zlib1g-dev \
  53. && rm -rf /var/lib/apt/lists/*
  54. WORKDIR /synapse
  55. # Copy just what we need to poetry install
  56. COPY pyproject.toml poetry.lock README.rst /synapse/
  57. # Install to the Python installation which hosts `pip`. In this case, it's the system
  58. # Python.
  59. ENV POETRY_VIRTUALENVS_IN_PROJECT=true \
  60. POETRY_VIRTUALENVS_CREATE=true \
  61. POETRY_HOME=/opt/poetry
  62. # To speed up rebuilds, install all of the dependencies before we copy over
  63. # the whole synapse project, so that this layer in the Docker cache can be
  64. # used while you develop on the source
  65. RUN --mount=type=cache,target=/opt/poetry/artifacts \
  66. --mount=type=cache,target=/opt/poetry/.cache/pypoetry/cache \
  67. poetry install --no-dev --no-root --no-interaction --no-ansi --extras all
  68. # Copy over the synapse source code.
  69. COPY synapse /synapse/synapse/
  70. # Install the synapse package itself, by omitting the --no-root argument
  71. RUN --mount=type=cache,target=/opt/poetry/artifacts \
  72. --mount=type=cache,target=/opt/poetry/cache \
  73. poetry install --no-dev --no-interaction --no-ansi --extras all
  74. ###
  75. ### Stage 1: runtime
  76. ###
  77. FROM base
  78. LABEL org.opencontainers.image.url='https://matrix.org/docs/projects/server/synapse'
  79. LABEL org.opencontainers.image.documentation='https://github.com/matrix-org/synapse/blob/master/docker/README.md'
  80. LABEL org.opencontainers.image.source='https://github.com/matrix-org/synapse.git'
  81. LABEL org.opencontainers.image.licenses='Apache-2.0'
  82. RUN \
  83. --mount=type=cache,target=/var/cache/apt,sharing=locked \
  84. --mount=type=cache,target=/var/lib/apt,sharing=locked \
  85. apt-get update && apt-get install -y \
  86. curl \
  87. gosu \
  88. libjpeg62-turbo \
  89. libpq5 \
  90. libwebp6 \
  91. xmlsec1 \
  92. libjemalloc2 \
  93. libssl-dev \
  94. openssl \
  95. && rm -rf /var/lib/apt/lists/*
  96. COPY --from=builder /synapse/ /synapse
  97. COPY ./docker/start.py /start.py
  98. COPY ./docker/conf /conf
  99. EXPOSE 8008/tcp 8009/tcp 8448/tcp
  100. ENTRYPOINT ["/start.py"]
  101. HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
  102. CMD curl -fSs http://localhost:8008/health || exit 1