175 lines
4.0 KiB
Docker
175 lines
4.0 KiB
Docker
ARG PYTHON_IMAGE=python:3.11-slim-bookworm
|
|
ARG UV_IMAGE=ghcr.io/astral-sh/uv:0.7.2
|
|
ARG GOLDEN_WEB_IMAGE=web-deps-base
|
|
ARG GOLDEN_CELERY_IMAGE=celery-deps-base
|
|
|
|
FROM ${UV_IMAGE} AS uv-bin
|
|
|
|
FROM ${PYTHON_IMAGE} AS base
|
|
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1 \
|
|
UV_COMPILE_BYTECODE=1 \
|
|
UV_LINK_MODE=copy \
|
|
UV_PYTHON_DOWNLOADS=never \
|
|
UV_PROJECT_ENVIRONMENT=/app/.venv
|
|
|
|
WORKDIR /app
|
|
|
|
RUN groupadd -r appgroup && useradd -r -g appgroup -m appuser
|
|
|
|
COPY --from=uv-bin /uv /uvx /usr/local/bin/
|
|
|
|
|
|
FROM base AS builder-base
|
|
|
|
# hadolint ignore=DL3008
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends \
|
|
build-essential \
|
|
gcc \
|
|
libpq-dev \
|
|
libffi-dev \
|
|
libxml2-dev \
|
|
libxslt1-dev \
|
|
zlib1g-dev \
|
|
pkg-config \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY pyproject.toml uv.lock ./
|
|
|
|
|
|
FROM builder-base AS prod-deps-base
|
|
|
|
RUN uv sync --frozen --no-install-project
|
|
|
|
|
|
FROM builder-base AS ci-deps-build
|
|
|
|
RUN uv sync --frozen --no-install-project --dev
|
|
|
|
|
|
FROM base AS ci-deps-base
|
|
|
|
COPY --from=ci-deps-build /app/.venv /app/.venv
|
|
|
|
ENV PATH="/app/.venv/bin:${PATH}" \
|
|
PYTHONPATH=/workspace/src \
|
|
DJANGO_SETTINGS_MODULE=settings.test
|
|
|
|
|
|
FROM ci-deps-base AS web-deps-base
|
|
|
|
USER root
|
|
|
|
# hadolint ignore=DL3008
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends \
|
|
curl \
|
|
libpq5 \
|
|
libffi8 \
|
|
libxml2 \
|
|
libxslt1.1 \
|
|
zlib1g \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
RUN mkdir -p logs media staticfiles input/fns input/fns/processed input/fns/failed src/static \
|
|
&& chown -R appuser:appgroup logs media staticfiles input src/static
|
|
|
|
ENV PATH="/app/.venv/bin:${PATH}" \
|
|
PYTHONPATH=/app/src \
|
|
DJANGO_SETTINGS_MODULE=settings.dev \
|
|
POSTGRES_HOST=db \
|
|
POSTGRES_PORT=5432 \
|
|
POSTGRES_DB=mostovik \
|
|
POSTGRES_USER=postgres \
|
|
POSTGRES_PASSWORD=postgres \
|
|
POSTGRES_SSLMODE=disable \
|
|
REDIS_HOST=redis \
|
|
REDIS_CACHE_URL=redis://redis:6379/1 \
|
|
CELERY_BROKER_URL=redis://redis:6379/0 \
|
|
CELERY_RESULT_BACKEND=redis://redis:6379/0 \
|
|
PORT=8000 \
|
|
GUNICORN_WORKERS=4 \
|
|
GUNICORN_TIMEOUT=300 \
|
|
CELERY_LOG_LEVEL=INFO \
|
|
CELERY_WORKER_CONCURRENCY=2 \
|
|
CHECKO_API_KEY= \
|
|
ZAKUPKI_TOKEN= \
|
|
SUPERJOB_APP_ID= \
|
|
COLLECTSTATIC_ON_MIGRATE=0 \
|
|
BACKUP_ENCRYPTION_KEY= \
|
|
BACKUP_KEY_ID=default \
|
|
BACKUP_EXPORT_DIRECTORY=/app/media/backups \
|
|
STATE_CORP_EXCHANGE_URL= \
|
|
STATE_CORP_EXCHANGE_TOKEN= \
|
|
STATE_CORP_EXCHANGE_KEY_ID=state-corp-shared-token \
|
|
STATE_CORP_EXCHANGE_TIMEOUT_SECONDS=60
|
|
|
|
USER appuser
|
|
|
|
|
|
FROM ${GOLDEN_WEB_IMAGE} AS celery-deps-base
|
|
|
|
USER root
|
|
|
|
# Playwright/Chromium runtime dependencies.
|
|
# hadolint ignore=DL3008
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends \
|
|
libnss3 \
|
|
libnspr4 \
|
|
libatk1.0-0 \
|
|
libatk-bridge2.0-0 \
|
|
libcups2 \
|
|
libdrm2 \
|
|
libdbus-1-3 \
|
|
libxkbcommon0 \
|
|
libxcomposite1 \
|
|
libxdamage1 \
|
|
libxfixes3 \
|
|
libxrandr2 \
|
|
libgbm1 \
|
|
libasound2 \
|
|
libpango-1.0-0 \
|
|
libcairo2 \
|
|
libatspi2.0-0 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
ENV PLAYWRIGHT_BROWSERS_PATH=/app/.playwright
|
|
RUN python -m playwright install chromium \
|
|
&& chown -R appuser:appgroup /app/.playwright
|
|
|
|
USER appuser
|
|
|
|
|
|
FROM ${GOLDEN_WEB_IMAGE} AS runtime-web
|
|
|
|
WORKDIR /app
|
|
USER root
|
|
COPY src/ ./src/
|
|
COPY docker/scripts/ ./docker/scripts/
|
|
RUN mkdir -p logs media staticfiles input/fns input/fns/processed input/fns/failed src/static \
|
|
&& chmod +x /app/docker/scripts/*.sh \
|
|
&& chown -R appuser:appgroup logs media staticfiles input src/static docker/scripts
|
|
|
|
USER appuser
|
|
|
|
EXPOSE 8000
|
|
CMD ["/app/docker/scripts/start-web.sh"]
|
|
|
|
|
|
FROM ${GOLDEN_CELERY_IMAGE} AS runtime-celery
|
|
|
|
WORKDIR /app
|
|
USER root
|
|
COPY src/ ./src/
|
|
COPY docker/scripts/ ./docker/scripts/
|
|
RUN mkdir -p logs media staticfiles input/fns input/fns/processed input/fns/failed src/static \
|
|
&& chmod +x /app/docker/scripts/*.sh \
|
|
&& chown -R appuser:appgroup logs media staticfiles input src/static docker/scripts
|
|
|
|
USER appuser
|
|
|
|
CMD ["/app/docker/scripts/start-celery-worker.sh"]
|