2022-04-26 17:31:52 +03:00
|
|
|
# syntax=docker/dockerfile:1
|
2019-02-05 16:42:21 +03:00
|
|
|
# Dockerfile to build the matrixdotorg/synapse docker images.
|
|
|
|
#
|
2022-01-12 13:37:57 +03:00
|
|
|
# Note that it uses features which are only available in BuildKit - see
|
|
|
|
# https://docs.docker.com/go/buildkit/ for more information.
|
|
|
|
#
|
2019-02-05 16:42:21 +03:00
|
|
|
# To build the image, run `docker build` command from the root of the
|
|
|
|
# synapse repository:
|
|
|
|
#
|
2022-01-12 13:37:57 +03:00
|
|
|
# DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile .
|
2019-02-05 16:42:21 +03:00
|
|
|
#
|
|
|
|
# There is an optional PYTHON_VERSION build argument which sets the
|
|
|
|
# version of python to build against: for example:
|
|
|
|
#
|
2022-03-01 16:55:18 +03:00
|
|
|
# DOCKER_BUILDKIT=1 docker build -f docker/Dockerfile --build-arg PYTHON_VERSION=3.10 .
|
2019-02-05 16:42:21 +03:00
|
|
|
#
|
|
|
|
|
2022-04-07 14:43:31 +03:00
|
|
|
# Irritatingly, there is no blessed guide on how to distribute an application with its
|
|
|
|
# poetry-managed environment in a docker image. We have opted for
|
|
|
|
# `poetry export | pip install -r /dev/stdin`, but there are known bugs in
|
|
|
|
# in `poetry export` whose fixes (scheduled for poetry 1.2) have yet to be released.
|
|
|
|
# In case we get bitten by those bugs in the future, the recommendations here might
|
|
|
|
# be useful:
|
|
|
|
# https://github.com/python-poetry/poetry/discussions/1879#discussioncomment-216865
|
|
|
|
# https://stackoverflow.com/questions/53835198/integrating-python-poetry-with-docker?answertab=scoredesc
|
|
|
|
|
|
|
|
|
|
|
|
|
2022-03-01 16:55:18 +03:00
|
|
|
ARG PYTHON_VERSION=3.9
|
2018-02-03 22:18:36 +03:00
|
|
|
|
2018-10-01 14:29:17 +03:00
|
|
|
###
|
2022-04-07 14:43:31 +03:00
|
|
|
### Stage 0: generate requirements.txt
|
2018-10-01 14:29:17 +03:00
|
|
|
###
|
2022-04-07 14:43:31 +03:00
|
|
|
FROM docker.io/python:${PYTHON_VERSION}-slim as requirements
|
2018-09-10 17:02:42 +03:00
|
|
|
|
2022-01-12 13:37:57 +03:00
|
|
|
# RUN --mount is specific to buildkit and is documented at
|
|
|
|
# https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount.
|
2022-04-07 14:43:31 +03:00
|
|
|
# Here we use it to set up a cache for apt (and below for pip), to improve
|
|
|
|
# rebuild speeds on slow connections.
|
|
|
|
RUN \
|
|
|
|
--mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
2022-08-03 13:16:32 +03:00
|
|
|
apt-get update -qq && apt-get install -yqq \
|
|
|
|
build-essential cargo git libffi-dev libssl-dev \
|
2022-04-07 14:43:31 +03:00
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
# We install poetry in its own build stage to avoid its dependencies conflicting with
|
|
|
|
# synapse's dependencies.
|
2022-07-15 18:18:47 +03:00
|
|
|
# We use a specific commit from poetry's master branch instead of our usual 1.1.14,
|
2022-04-07 14:43:31 +03:00
|
|
|
# to incorporate fixes to some bugs in `poetry export`. This commit corresponds to
|
|
|
|
# https://github.com/python-poetry/poetry/pull/5156 and
|
|
|
|
# https://github.com/python-poetry/poetry/issues/5141 ;
|
|
|
|
# without it, we generate a requirements.txt with incorrect environment markers,
|
|
|
|
# which causes necessary packages to be omitted when we `pip install`.
|
2022-01-12 13:37:57 +03:00
|
|
|
#
|
2022-04-07 14:43:31 +03:00
|
|
|
# NB: In poetry 1.2 `poetry export` will be moved into a plugin; we'll need to also
|
|
|
|
# pip install poetry-plugin-export (https://github.com/python-poetry/poetry-plugin-export).
|
|
|
|
RUN --mount=type=cache,target=/root/.cache/pip \
|
2022-05-24 13:35:08 +03:00
|
|
|
pip install --user "poetry-core==1.1.0a7" "git+https://github.com/python-poetry/poetry.git@fb13b3a676f476177f7937ffa480ee5cff9a90a5"
|
2022-04-07 14:43:31 +03:00
|
|
|
|
|
|
|
WORKDIR /synapse
|
|
|
|
|
|
|
|
# Copy just what we need to run `poetry export`...
|
2022-04-20 19:33:20 +03:00
|
|
|
COPY pyproject.toml poetry.lock /synapse/
|
2022-04-07 14:43:31 +03:00
|
|
|
|
2022-07-01 18:42:49 +03:00
|
|
|
|
|
|
|
# If specified, we won't verify the hashes of dependencies.
|
|
|
|
# This is only needed if the hashes of dependencies cannot be checked for some
|
|
|
|
# reason, such as when a git repository is used directly as a dependency.
|
|
|
|
ARG TEST_ONLY_SKIP_DEP_HASH_VERIFICATION
|
|
|
|
|
2022-08-01 13:55:31 +03:00
|
|
|
# If specified, we won't use the Poetry lockfile.
|
|
|
|
# Instead, we'll just install what a regular `pip install` would from PyPI.
|
|
|
|
ARG TEST_ONLY_IGNORE_POETRY_LOCKFILE
|
|
|
|
|
|
|
|
# Export the dependencies, but only if we're actually going to use the Poetry lockfile.
|
|
|
|
# Otherwise, just create an empty requirements file so that the Dockerfile can
|
|
|
|
# proceed.
|
|
|
|
RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
|
|
|
|
/root/.local/bin/poetry export --extras all -o /synapse/requirements.txt ${TEST_ONLY_SKIP_DEP_HASH_VERIFICATION:+--without-hashes}; \
|
|
|
|
else \
|
|
|
|
touch /synapse/requirements.txt; \
|
|
|
|
fi
|
2022-04-07 14:43:31 +03:00
|
|
|
|
|
|
|
###
|
|
|
|
### Stage 1: builder
|
|
|
|
###
|
|
|
|
FROM docker.io/python:${PYTHON_VERSION}-slim as builder
|
|
|
|
|
|
|
|
# install the OS build deps
|
2022-01-12 13:37:57 +03:00
|
|
|
RUN \
|
|
|
|
--mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
2022-06-15 17:42:27 +03:00
|
|
|
apt-get update -qq && apt-get install -yqq \
|
2021-03-26 21:42:58 +03:00
|
|
|
build-essential \
|
|
|
|
libffi-dev \
|
|
|
|
libjpeg-dev \
|
|
|
|
libpq-dev \
|
|
|
|
libssl-dev \
|
|
|
|
libwebp-dev \
|
|
|
|
libxml++2.6-dev \
|
|
|
|
libxslt1-dev \
|
|
|
|
openssl \
|
|
|
|
rustc \
|
|
|
|
zlib1g-dev \
|
2022-07-01 18:42:49 +03:00
|
|
|
git \
|
2021-03-26 21:42:58 +03:00
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
# To speed up rebuilds, install all of the dependencies before we copy over
|
2022-04-07 14:43:31 +03:00
|
|
|
# the whole synapse project, so that this layer in the Docker cache can be
|
2021-03-26 21:42:58 +03:00
|
|
|
# used while you develop on the source
|
|
|
|
#
|
2022-04-07 14:43:31 +03:00
|
|
|
# This is aiming at installing the `[tool.poetry.depdendencies]` from pyproject.toml.
|
|
|
|
COPY --from=requirements /synapse/requirements.txt /synapse/
|
2022-01-12 13:37:57 +03:00
|
|
|
RUN --mount=type=cache,target=/root/.cache/pip \
|
2022-04-12 12:16:01 +03:00
|
|
|
pip install --prefix="/install" --no-deps --no-warn-script-location -r /synapse/requirements.txt
|
2021-03-26 21:42:58 +03:00
|
|
|
|
2022-04-07 14:43:31 +03:00
|
|
|
# Copy over the rest of the synapse source code.
|
2021-03-26 21:42:58 +03:00
|
|
|
COPY synapse /synapse/synapse/
|
2022-04-07 14:43:31 +03:00
|
|
|
# ... and what we need to `pip install`.
|
2022-04-20 19:33:20 +03:00
|
|
|
COPY pyproject.toml README.rst /synapse/
|
2021-03-26 21:42:58 +03:00
|
|
|
|
2022-08-01 13:55:31 +03:00
|
|
|
# Repeat of earlier build argument declaration, as this is a new build stage.
|
|
|
|
ARG TEST_ONLY_IGNORE_POETRY_LOCKFILE
|
|
|
|
|
2022-04-07 14:43:31 +03:00
|
|
|
# Install the synapse package itself.
|
2022-08-01 13:55:31 +03:00
|
|
|
# If we have populated requirements.txt, we don't install any dependencies
|
|
|
|
# as we should already have those from the previous `pip install` step.
|
|
|
|
RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
|
|
|
|
pip install --prefix="/install" --no-deps --no-warn-script-location /synapse[all]; \
|
|
|
|
else \
|
|
|
|
pip install --prefix="/install" --no-warn-script-location /synapse[all]; \
|
|
|
|
fi
|
2018-10-01 14:29:17 +03:00
|
|
|
|
|
|
|
###
|
2022-04-07 14:43:31 +03:00
|
|
|
### Stage 2: runtime
|
2018-10-01 14:29:17 +03:00
|
|
|
###
|
|
|
|
|
2020-07-17 19:40:53 +03:00
|
|
|
FROM docker.io/python:${PYTHON_VERSION}-slim
|
2018-10-01 14:29:17 +03:00
|
|
|
|
2021-04-08 15:49:14 +03:00
|
|
|
LABEL org.opencontainers.image.url='https://matrix.org/docs/projects/server/synapse'
|
|
|
|
LABEL org.opencontainers.image.documentation='https://github.com/matrix-org/synapse/blob/master/docker/README.md'
|
|
|
|
LABEL org.opencontainers.image.source='https://github.com/matrix-org/synapse.git'
|
|
|
|
LABEL org.opencontainers.image.licenses='Apache-2.0'
|
|
|
|
|
2022-01-12 13:37:57 +03:00
|
|
|
RUN \
|
|
|
|
--mount=type=cache,target=/var/cache/apt,sharing=locked \
|
|
|
|
--mount=type=cache,target=/var/lib/apt,sharing=locked \
|
2022-06-15 17:42:27 +03:00
|
|
|
apt-get update -qq && apt-get install -yqq \
|
2021-03-26 21:42:58 +03:00
|
|
|
curl \
|
|
|
|
gosu \
|
|
|
|
libjpeg62-turbo \
|
|
|
|
libpq5 \
|
|
|
|
libwebp6 \
|
|
|
|
xmlsec1 \
|
|
|
|
libjemalloc2 \
|
|
|
|
libssl-dev \
|
|
|
|
openssl \
|
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
2018-10-01 14:29:17 +03:00
|
|
|
|
|
|
|
COPY --from=builder /install /usr/local
|
|
|
|
COPY ./docker/start.py /start.py
|
|
|
|
COPY ./docker/conf /conf
|
|
|
|
|
2019-02-05 16:42:21 +03:00
|
|
|
EXPOSE 8008/tcp 8009/tcp 8448/tcp
|
2018-02-04 14:55:20 +03:00
|
|
|
|
2018-02-03 22:18:36 +03:00
|
|
|
ENTRYPOINT ["/start.py"]
|
2020-08-24 20:15:18 +03:00
|
|
|
|
2021-05-05 18:33:04 +03:00
|
|
|
HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
|
2021-03-26 21:42:58 +03:00
|
|
|
CMD curl -fSs http://localhost:8008/health || exit 1
|