~cytrogen/srht-deploy

ref: 098f0ded66b5f614ec99f0d3efb89b3a5b1bc0f6 srht-deploy/todo-custom/Dockerfile -rw-r--r-- 3.2 KiB
098f0ded — Cytrogen 初始提交:sourcehut Docker Compose 自托管部署 10 days ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# === Stage 1: Build core.sr.ht + todo.sr.ht from source ===
# k8ieone 不提供 todo.sr.ht 镜像,需从源码构建
FROM docker.io/library/alpine:3.20 AS builder

RUN adduser -D builder
# 启用 community 仓库(py3-graphql-core 等依赖需要)
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.20/community" >> /etc/apk/repositories
RUN apk add git alpine-sdk sudo nodejs npm go sassc minify
RUN echo "builder ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/builder \
    && chmod 0440 /etc/sudoers.d/builder
RUN sudo -u builder abuild-keygen -a -i -n
RUN addgroup builder abuild

RUN git clone https://git.sr.ht/~sircmpwn/sr.ht-apkbuilds
RUN chown -R builder:builder /sr.ht-apkbuilds

# --- core.sr.ht 依赖 ---
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-mistletoe
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-celery
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-infinity
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-intervals
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-orderedmultidict
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-furl
RUN sudo -u builder abuild -r -K

# --- core.sr.ht(同时产出 core.sr.ht-dev、py3-srht 子包)---
WORKDIR /sr.ht-apkbuilds/sr.ht/core.sr.ht
RUN sudo -u builder abuild checksum
RUN sudo -u builder abuild -r -K

# --- todo.sr.ht 额外构建依赖 ---
# py3-graphql-core 在 Alpine 3.20 不存在,从 edge 安装
RUN apk add --repository https://dl-cdn.alpinelinux.org/alpine/edge/community py3-graphql-core
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-autoflake
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/ariadne-codegen
# Alpine 3.20 的 hatchling 太旧,不支持新版 license-files 格式
RUN apk add py3-pip && pip3 install --break-system-packages hatchling --upgrade
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/sourcehut-migrate
RUN sudo -u builder abuild -r -K

# --- todo.sr.ht ---
WORKDIR /sr.ht-apkbuilds/sr.ht/todo.sr.ht
RUN sudo -u builder abuild checksum
RUN sudo -u builder abuild -r -K


# === Stage 2: Runner ===
FROM docker.io/library/alpine:3.20

RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.20/community" >> /etc/apk/repositories

COPY --from=builder /home/builder/packages /home/builder/packages
COPY --from=builder /etc/apk/keys/builder* /etc/apk/keys/

RUN apk add --repository /home/builder/packages/sr.ht todo.sr.ht
RUN apk add nginx sudo py3-alembic py3-pip
# celery 5.5.3 需要 kombu >= 5.4,Alpine 3.20 只有 5.3.7
RUN pip3 install --break-system-packages 'kombu>=5.4'

# core.sr.ht 0.78.6 重命名了部分 API,todo.sr.ht 0.77.5 仍使用旧名
COPY compat_oauth.py /tmp/compat_oauth.py
RUN python3 /tmp/compat_oauth.py && rm /tmp/compat_oauth.py

RUN adduser -D srht

# --- Jinja2 修复 ---
COPY fix_jinja2_do.py /tmp/fix_jinja2_do.py
RUN python3 /tmp/fix_jinja2_do.py && rm /tmp/fix_jinja2_do.py

# 创建 nginx 静态文件符号链接(适配 Python 版本)
RUN PYVER=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")') \
    && ln -sf /usr/lib/python${PYVER}/site-packages/todosrht /srv/todosrht

COPY start.sh /start.sh
COPY nginx.conf /etc/nginx/http.d/default.conf

CMD ["/bin/sh", "/start.sh"]