90 lines
2.8 KiB
Docker
90 lines
2.8 KiB
Docker
|
FROM alpine:3.12.3
|
||
|
LABEL maintainer "Talmai Oliveira <to@talm.ai>, James Addison <jay@jp-hosting.net>"
|
||
|
|
||
|
ARG GROCY_VERSION
|
||
|
|
||
|
# Optionally authenticate with GitHub using an API token
|
||
|
#
|
||
|
# This can reduce instances of download rate limiting by GitHub
|
||
|
# https://developer.github.com/v3/#rate-limiting
|
||
|
#
|
||
|
# This value is *not* assigned to a variable using the ENV instruction,
|
||
|
# since those variables are persisted in the resulting image and could leak
|
||
|
# developer credentials
|
||
|
# https://docs.docker.com/engine/reference/builder/#env
|
||
|
ARG GITHUB_API_TOKEN
|
||
|
|
||
|
# ensure www-data user exists
|
||
|
RUN set -eux; \
|
||
|
addgroup -g 82 -S www-data; \
|
||
|
adduser -u 82 -D -S -G www-data www-data
|
||
|
# 82 is the standard uid/gid for "www-data" in Alpine
|
||
|
# https://git.alpinelinux.org/aports/tree/main/apache2/apache2.pre-install?h=3.9-stable
|
||
|
# https://git.alpinelinux.org/aports/tree/main/lighttpd/lighttpd.pre-install?h=3.9-stable
|
||
|
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install?h=3.9-stable
|
||
|
|
||
|
# Install build-time dependencies
|
||
|
RUN apk update && \
|
||
|
apk add --no-cache \
|
||
|
composer \
|
||
|
git \
|
||
|
gnupg \
|
||
|
wget
|
||
|
|
||
|
# Install system dependencies
|
||
|
RUN apk add --no-cache \
|
||
|
php7-ctype \
|
||
|
php7-fpm \
|
||
|
php7-exif \
|
||
|
php7-fileinfo \
|
||
|
php7-gd \
|
||
|
php7-iconv \
|
||
|
php7-json \
|
||
|
php7-ldap \
|
||
|
php7-pdo_sqlite \
|
||
|
php7-simplexml \
|
||
|
php7-tokenizer
|
||
|
|
||
|
# Configure directory permissions
|
||
|
RUN chown www-data /var/log/php7 && \
|
||
|
mkdir /var/www && \
|
||
|
chown www-data /var/www
|
||
|
|
||
|
COPY docker_grocy/www.conf /etc/php7/php-fpm.d/zz-docker.conf
|
||
|
|
||
|
# Install application dependencies (unprivileged)
|
||
|
USER www-data
|
||
|
WORKDIR /var/www
|
||
|
|
||
|
# Extract application release package
|
||
|
ENV GROCY_RELEASE_KEY_URI="https://berrnd.de/data/Bernd_Bestel.asc"
|
||
|
RUN set -o pipefail && \
|
||
|
export GNUPGHOME=$(mktemp -d) && \
|
||
|
wget ${GROCY_RELEASE_KEY_URI} -O - | gpg --batch --import && \
|
||
|
git clone --branch ${GROCY_VERSION} --config advice.detachedHead=false --depth 1 "https://github.com/grocy/grocy.git" . && \
|
||
|
git verify-commit ${GROCY_VERSION} && \
|
||
|
rm -rf ${GNUPGHOME} && \
|
||
|
mkdir data/viewcache && \
|
||
|
cp config-dist.php data/config.php
|
||
|
|
||
|
# Install application dependencies
|
||
|
RUN COMPOSER_OAUTH=${GITHUB_API_TOKEN:+"\"github.com\": \"${GITHUB_API_TOKEN}\""} && \
|
||
|
COMPOSER_AUTH="{\"github-oauth\": { ${COMPOSER_OAUTH} }}" composer install --no-interaction --no-dev --optimize-autoloader && \
|
||
|
composer clear-cache
|
||
|
|
||
|
# Remove build-time dependencies (privileged)
|
||
|
USER root
|
||
|
RUN apk del \
|
||
|
composer \
|
||
|
git \
|
||
|
gnupg \
|
||
|
wget
|
||
|
|
||
|
VOLUME ["/var/www/data"]
|
||
|
|
||
|
EXPOSE 9000
|
||
|
|
||
|
USER www-data
|
||
|
|
||
|
CMD ["php-fpm7"]
|