dockers/grocy-docker/Dockerfile-grocy

90 lines
2.8 KiB
Docker
Raw Normal View History

2023-01-26 21:03:03 +00:00
FROM alpine:3.12.3
LABEL maintainer "Talmai Oliveira <to@talm.ai>, James Addison <jay@jp-hosting.net>"
ARG GROCY_VERSION
# Optionally authenticate with GitHub using an API token
#
# This can reduce instances of download rate limiting by GitHub
# https://developer.github.com/v3/#rate-limiting
#
# This value is *not* assigned to a variable using the ENV instruction,
# since those variables are persisted in the resulting image and could leak
# developer credentials
# https://docs.docker.com/engine/reference/builder/#env
ARG GITHUB_API_TOKEN
# ensure www-data user exists
RUN set -eux; \
addgroup -g 82 -S www-data; \
adduser -u 82 -D -S -G www-data www-data
# 82 is the standard uid/gid for "www-data" in Alpine
# https://git.alpinelinux.org/aports/tree/main/apache2/apache2.pre-install?h=3.9-stable
# https://git.alpinelinux.org/aports/tree/main/lighttpd/lighttpd.pre-install?h=3.9-stable
# https://git.alpinelinux.org/aports/tree/main/nginx/nginx.pre-install?h=3.9-stable
# Install build-time dependencies
RUN apk update && \
apk add --no-cache \
composer \
git \
gnupg \
wget
# Install system dependencies
RUN apk add --no-cache \
php7-ctype \
php7-fpm \
php7-exif \
php7-fileinfo \
php7-gd \
php7-iconv \
php7-json \
php7-ldap \
php7-pdo_sqlite \
php7-simplexml \
php7-tokenizer
# Configure directory permissions
RUN chown www-data /var/log/php7 && \
mkdir /var/www && \
chown www-data /var/www
COPY docker_grocy/www.conf /etc/php7/php-fpm.d/zz-docker.conf
# Install application dependencies (unprivileged)
USER www-data
WORKDIR /var/www
# Extract application release package
ENV GROCY_RELEASE_KEY_URI="https://berrnd.de/data/Bernd_Bestel.asc"
RUN set -o pipefail && \
export GNUPGHOME=$(mktemp -d) && \
wget ${GROCY_RELEASE_KEY_URI} -O - | gpg --batch --import && \
git clone --branch ${GROCY_VERSION} --config advice.detachedHead=false --depth 1 "https://github.com/grocy/grocy.git" . && \
git verify-commit ${GROCY_VERSION} && \
rm -rf ${GNUPGHOME} && \
mkdir data/viewcache && \
cp config-dist.php data/config.php
# Install application dependencies
RUN COMPOSER_OAUTH=${GITHUB_API_TOKEN:+"\"github.com\": \"${GITHUB_API_TOKEN}\""} && \
COMPOSER_AUTH="{\"github-oauth\": { ${COMPOSER_OAUTH} }}" composer install --no-interaction --no-dev --optimize-autoloader && \
composer clear-cache
# Remove build-time dependencies (privileged)
USER root
RUN apk del \
composer \
git \
gnupg \
wget
VOLUME ["/var/www/data"]
EXPOSE 9000
USER www-data
CMD ["php-fpm7"]