From e8853d224f50ff7d985d2525a252d7b7b7f9e392 Mon Sep 17 00:00:00 2001
From: Tulir Asokan <tulir@maunium.net>
Date: Tue, 15 Aug 2023 14:31:09 +0300
Subject: [PATCH] Add meow dockerfile
N.B. requires requirements.txt to be generated in repo root beforehand
---
.dockerignore | 1 +
.gitlab-ci.yml | 19 ++++++++++++++++
Dockerfile | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 82 insertions(+)
create mode 100644 .gitlab-ci.yml
create mode 100644 Dockerfile
diff --git a/.dockerignore b/.dockerignore
index 0b51345cbd..c7d7137131 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -8,6 +8,7 @@
!README.rst
!pyproject.toml
!poetry.lock
+!requirements.txt
!Cargo.lock
!Cargo.toml
!build_rust.py
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000000..8e7d10e126
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,19 @@
+image: docker:stable
+
+stages:
+- build
+
+build amd64:
+ stage: build
+ tags:
+ - amd64
+ only:
+ - master
+ before_script:
+ - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
+ script:
+ - synversion=$(cat pyproject.toml | grep '^version =' | sed -E 's/^version = "(.+)"$/\1/')
+ - docker build --tag $CI_REGISTRY_IMAGE:latest --tag $CI_REGISTRY_IMAGE:$synversion .
+ - docker push $CI_REGISTRY_IMAGE:latest
+ - docker push $CI_REGISTRY_IMAGE:$synversion
+ - docker rmi $CI_REGISTRY_IMAGE:latest $CI_REGISTRY_IMAGE:$synversion
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000..45c5ac5820
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,62 @@
+ARG PYTHON_VERSION=3.13
+
+FROM docker.io/python:${PYTHON_VERSION}-slim as builder
+
+RUN apt-get update && apt-get install -y \
+ build-essential \
+ libffi-dev \
+ libjpeg-dev \
+ libpq-dev \
+ libssl-dev \
+ libwebp-dev \
+ libxml++2.6-dev \
+ libxslt1-dev \
+ zlib1g-dev \
+ openssl \
+ git \
+ curl \
+ && rm -rf /var/lib/apt/lists/*
+
+ENV RUSTUP_HOME=/rust
+ENV CARGO_HOME=/cargo
+ENV PATH=/cargo/bin:/rust/bin:$PATH
+RUN mkdir /rust /cargo
+
+RUN curl -sSf https://sh.rustup.rs | sh -s -- -y --no-modify-path --default-toolchain stable
+
+COPY synapse /synapse/synapse/
+COPY rust /synapse/rust/
+COPY README.rst pyproject.toml requirements.txt build_rust.py /synapse/
+
+RUN pip install --prefix="/install" --no-warn-script-location --ignore-installed \
+ --no-deps -r /synapse/requirements.txt \
+ && pip install --prefix="/install" --no-warn-script-location \
+ --no-deps \
+ 'synapse-simple-antispam @ git+https://github.com/maunium/synapse-simple-antispam' \
+ 'synapse-http-antispam @ git+https://github.com/maunium/synapse-http-antispam' \
+ 'shared_secret_authenticator @ git+https://github.com/devture/matrix-synapse-shared-secret-auth@2.0.3' \
+ && pip install --prefix="/install" --no-warn-script-location \
+ --no-deps /synapse
+
+FROM docker.io/python:${PYTHON_VERSION}-slim
+
+RUN apt-get update && apt-get install -y \
+ curl \
+ libjpeg62-turbo \
+ libpq5 \
+ libwebp7 \
+ xmlsec1 \
+ libjemalloc2 \
+ openssl \
+ && rm -rf /var/lib/apt/lists/*
+
+COPY --from=builder /install /usr/local
+
+VOLUME ["/data"]
+ENV LD_PRELOAD="/usr/lib/x86_64-linux-gnu/libjemalloc.so.2"
+
+ENTRYPOINT ["python3", "-m", "synapse.app.homeserver"]
+CMD ["--keys-directory", "/data", "-c", "/data/homeserver.yaml"]
+
+HEALTHCHECK --start-period=5s --interval=1m --timeout=5s \
+ CMD curl -fSs http://localhost:8008/health || exit 1
--
GitLab