mirror of
https://github.com/wekan/wekan.git
synced 2025-12-27 12:48:49 +01:00
Download node from sandstorm in Dockerfile.
This commit is contained in:
Lauri Ojansivu
parent
8fbbc104f7
commit
bbdb6a90b2
1 changed files with 68 additions and 15 deletions
83
Dockerfile
83
Dockerfile
|
|
@ -28,10 +28,10 @@ ENV SRC_PATH ${SRC_PATH:-./}
|
|||
COPY ${SRC_PATH} /home/wekan/app
|
||||
|
||||
RUN \
|
||||
# Add non-root user wekan
|
||||
echo "=== Add non-root user wekan" && \
|
||||
useradd --user-group --system --home-dir /home/wekan wekan && \
|
||||
\
|
||||
# OS dependencies
|
||||
echo "=== OS dependencies" && \
|
||||
apt-get update -y && apt-get install -y --no-install-recommends ${BUILD_DEPS} && \
|
||||
\
|
||||
# Download nodejs
|
||||
|
|
@ -45,13 +45,65 @@ RUN \
|
|||
# Also see beginning of wekan/server/authentication.js
|
||||
# import Fiber from "fibers";
|
||||
# Fiber.poolSize = 1e9;
|
||||
echo "=== Getting newest Node from Sandstorm fork of Node" && \
|
||||
echo "=== Source: https://github.com/sandstorm-io/node ===" && \
|
||||
\
|
||||
# From https://github.com/sandstorm-io/sandstorm/blob/master/branch.conf
|
||||
SANDSTORM_BRANCH_NUMBER=0 && \
|
||||
\
|
||||
# From https://github.com/sandstorm-io/sandstorm/blob/master/release.sh
|
||||
SANDSTORM_CHANNEL=dev && \
|
||||
SANDSTORM_LAST_BUILD=$(curl -fs https://install.sandstorm.io/$SANDSTORM_CHANNEL) && \
|
||||
\
|
||||
echo "=== Latest Sandstorm Release: ${SANDSTORM_LAST_BUILD}===" && \
|
||||
if (( SANDSTORM_LAST_BUILD / 1000 > SANDSTORM_BRANCH_NUMBER )); && \
|
||||
then && \
|
||||
echo "SANDSTORM BRANCH ERROR: $CHANNEL has already moved past this branch!" >&2 && \
|
||||
echo " I refuse to replace it with an older branch." >&2 && \
|
||||
exit 1 && \
|
||||
fi && \
|
||||
BASE_BUILD=$(( BRANCH_NUMBER * 1000 )) && \
|
||||
BUILD=$(( BASE_BUILD > LAST_BUILD ? BASE_BUILD : LAST_BUILD + 1 )) && \
|
||||
BUILD_MINOR="$(( $BUILD % 1000 ))" && \
|
||||
DISPLAY_VERSION="${BRANCH_NUMBER}.${BUILD_MINOR}" && \
|
||||
TAG_NAME="v${DISPLAY_VERSION}" && \
|
||||
SIGNING_KEY_ID=160D2D577518B58D94C9800B63F227499DA8CCBD && \
|
||||
TARBALL=sandstorm-$SANDSTORM_LAST_BUILD.tar.xz && \
|
||||
NODE_EXE=sandstorm-$SANDSTORM_LAST_BUILD/bin/node && \
|
||||
echo "=== Downloading Sandstorm GPG keys to verify Sandstorm release" && \
|
||||
# Do verification in custom GPG workspace
|
||||
# https://docs.sandstorm.io/en/latest/install/#option-3-pgp-verified-install
|
||||
export GNUPGHOME=$(mktemp -d) && \
|
||||
curl https://raw.githubusercontent.com/sandstorm-io/sandstorm/master/keys/release-keyring.gpg | gpg --import && \
|
||||
wget https://raw.githubusercontent.com/sandstorm-io/sandstorm/master/keys/release-certificate.kentonv.sig && \
|
||||
gpg --decrypt release-certificate.kentonv.sig && \
|
||||
echo "=== Downloading Sandstorm release from https://dl.sandstorm.io/${TARBALL} ===" && \
|
||||
wget https://dl.sandstorm.io/$TARBALL && \
|
||||
echo "=== Downloading signature for Sandstorm release from https://dl.sandstorm.io/${TARBALL}.sig ===" && \
|
||||
wget https://dl.sandstorm.io/$TARBALL.sig && \
|
||||
echo "=== Verifying signature of Sandstorm release" && \
|
||||
gpg --verify $TARBALL.sig $TARBALL && \
|
||||
\
|
||||
if [ $? -eq 0 ] && \
|
||||
then && \
|
||||
echo "=== All is well. Good signature in Sandstorm." && \
|
||||
else && \
|
||||
echo "=== PROBLEM WITH SANDSTORM SIGNATURE." && \
|
||||
exit 1 && \
|
||||
fi && \
|
||||
echo "=== Extracting Node from Sandstorm release tarball" && \
|
||||
# --strip 2 removes path of 2 subdirectories
|
||||
tar -xf $TARBALL $NODE_EXE --strip=2 && \
|
||||
echo "=== Deleting Sandstorm release tarball and signature" && \
|
||||
rm $TARBALL $TARBALL.sig release-certificate.kentonv.si* && \
|
||||
# == OLD ==
|
||||
# Download node version 8.11.1 that has fix included, node binary copied from Sandstorm
|
||||
# Description at https://releases.wekan.team/node.txt
|
||||
wget https://releases.wekan.team/node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
echo "308d0caaef0a1da3e98d1a1615016aad9659b3caf31d0f09ced20cabedb8acbf node-v8.11.1-linux-x64.tar.gz" >> SHASUMS256.txt.asc && \
|
||||
\
|
||||
##wget https://releases.wekan.team/node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
##echo "308d0caaef0a1da3e98d1a1615016aad9659b3caf31d0f09ced20cabedb8acbf node-v8.11.1-linux-x64.tar.gz" >> SHASUMS256.txt.asc && \
|
||||
##\
|
||||
# Verify nodejs authenticity
|
||||
grep ${NODE_VERSION}-${ARCHITECTURE}.tar.gz SHASUMS256.txt.asc | shasum -a 256 -c - && \
|
||||
##grep ${NODE_VERSION}-${ARCHITECTURE}.tar.gz SHASUMS256.txt.asc | shasum -a 256 -c - && \
|
||||
#export GNUPGHOME="$(mktemp -d)" && \
|
||||
#\
|
||||
# Try other key servers if ha.pool.sks-keyservers.net is unreachable
|
||||
|
|
@ -75,24 +127,25 @@ RUN \
|
|||
# Ignore socket files then delete files then delete directories
|
||||
#find "$GNUPGHOME" -type f | xargs rm -f && \
|
||||
#find "$GNUPGHOME" -type d | xargs rm -fR && \
|
||||
rm -f SHASUMS256.txt.asc && \
|
||||
##rm -f SHASUMS256.txt.asc && \
|
||||
\
|
||||
# Install Node
|
||||
tar xvzf node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
rm node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
mv node-${NODE_VERSION}-${ARCHITECTURE} /opt/nodejs && \
|
||||
#tar xvzf node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
#rm node-${NODE_VERSION}-${ARCHITECTURE}.tar.gz && \
|
||||
#mv node-${NODE_VERSION}-${ARCHITECTURE} /opt/nodejs && \
|
||||
mv node /opt/nodejs && \
|
||||
ln -s /opt/nodejs/bin/node /usr/bin/node && \
|
||||
ln -s /opt/nodejs/bin/npm /usr/bin/npm && \
|
||||
\
|
||||
#DOES NOT WORK: paxctl fix for alpine linux: https://github.com/wekan/wekan/issues/1303
|
||||
#paxctl -mC `which node` && \
|
||||
\
|
||||
# Install Node dependencies
|
||||
echo "=== Install Node dependencies" && \
|
||||
npm install -g npm@${NPM_VERSION} && \
|
||||
npm install -g node-gyp && \
|
||||
npm install -g fibers@${FIBERS_VERSION} && \
|
||||
\
|
||||
# Change user to wekan and install meteor
|
||||
echo "=== Change user to wekan and install meteor" && \
|
||||
cd /home/wekan/ && \
|
||||
chown wekan:wekan --recursive /home/wekan && \
|
||||
curl https://install.meteor.com -o /home/wekan/install_meteor.sh && \
|
||||
|
|
@ -107,7 +160,7 @@ RUN \
|
|||
gosu wekan:wekan git clone --recursive --depth 1 -b release/METEOR@${METEOR_EDGE} git://github.com/meteor/meteor.git /home/wekan/.meteor; \
|
||||
fi; \
|
||||
\
|
||||
# Get additional packages
|
||||
echo "=== Get additional packages" && \
|
||||
mkdir -p /home/wekan/app/packages && \
|
||||
chown wekan:wekan --recursive /home/wekan && \
|
||||
cd /home/wekan/app/packages && \
|
||||
|
|
@ -117,7 +170,7 @@ RUN \
|
|||
cd /home/wekan/.meteor && \
|
||||
gosu wekan:wekan /home/wekan/.meteor/meteor -- help; \
|
||||
\
|
||||
# Build app
|
||||
echo "=== Build app" && \
|
||||
cd /home/wekan/app && \
|
||||
gosu wekan:wekan /home/wekan/.meteor/meteor add standard-minifier-js && \
|
||||
gosu wekan:wekan /home/wekan/.meteor/meteor npm install && \
|
||||
|
|
@ -135,7 +188,7 @@ RUN \
|
|||
#gosu wekan:wekan npm install bcrypt && \
|
||||
mv /home/wekan/app_build/bundle /build && \
|
||||
\
|
||||
# Cleanup
|
||||
echo "=== Cleanup" && \
|
||||
apt-get remove --purge -y ${BUILD_DEPS} && \
|
||||
apt-get autoremove -y && \
|
||||
rm -R /var/lib/apt/lists/* && \
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue