build/piefed/piefed-base/Dockerfile

# Multi-stage build for smaller final image
FROM python:3.11-alpine3.21 AS builder

# Install build dependencies
RUN apk add --no-cache \
        pkgconfig \
        gcc \
        python3-dev \
        musl-dev \
        postgresql-dev \
        linux-headers \
        bash \
        git \
        curl

# Set working directory
WORKDIR /app

# Clone PieFed source
ARG PIEFED_VERSION=v1.5.1
RUN git clone https://codeberg.org/rimu/pyfedi.git /app \
    && cd /app \
    && git checkout ${PIEFED_VERSION} \
    && rm -rf .git

# Install Python dependencies to /app/venv and clean up cache/bytecode
RUN python -m venv /app/venv \
    && source /app/venv/bin/activate \
    && pip install --no-cache-dir -r requirements.txt \
    && pip install --no-cache-dir uwsgi \
    && find /app/venv -name "*.pyc" -delete \
    && find /app/venv -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null || true \
    && find /app -name "*.pyo" -delete 2>/dev/null || true

# Runtime stage - much smaller
FROM python:3.11-alpine3.21 AS runtime

# Set environment variables
ENV TZ=UTC
ENV PYTHONUNBUFFERED=1
ENV PYTHONDONTWRITEBYTECODE=1
ENV PATH="/app/venv/bin:$PATH"

# Install only runtime dependencies (no redis server, nginx, dcron, or tesseract - not needed)
# - redis: using external Redis cluster, only Python client needed
# - nginx: only needed in web container, installed there
# - dcron: using Kubernetes CronJobs for scheduling
# - tesseract: OCR not used by PieFed
RUN apk add --no-cache \
        ca-certificates \
        curl \
        su-exec \
        libpq \
        jpeg \
        freetype \
        lcms2 \
        openjpeg \
        tiff \
        supervisor \
        bash

# Create piefed user and set up directories in a single layer
RUN addgroup -g 1000 piefed \
    && adduser -u 1000 -G piefed -s /bin/sh -D piefed \
    && mkdir -p /app/logs /app/app/static/tmp /app/app/static/media \
        /var/log/piefed /var/run/piefed \
    && chown -R piefed:piefed /var/log/piefed /var/run/piefed

# Set working directory
WORKDIR /app

# Copy application and virtual environment from builder (venv is inside /app)
COPY --from=builder --chown=piefed:piefed /app /app

# Compile translations and set permissions in a single layer
RUN source /app/venv/bin/activate \
    && (pybabel compile -d app/translations || true) \
    && chmod 755 /app/logs /app/app/static/tmp /app/app/static/media

# Copy shared entrypoint utilities
COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh
COPY entrypoint-init.sh /usr/local/bin/entrypoint-init.sh
RUN chmod +x /usr/local/bin/entrypoint-common.sh /usr/local/bin/entrypoint-init.sh
add source code and readme 2025-12-24 14:35:17 +01:00			`# Multi-stage build for smaller final image`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`FROM python:3.11-alpine3.21 AS builder`
add source code and readme 2025-12-24 14:35:17 +01:00
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Install build dependencies`
			`RUN apk add --no-cache \`
add source code and readme 2025-12-24 14:35:17 +01:00			`pkgconfig \`
			`gcc \`
			`python3-dev \`
			`musl-dev \`
			`postgresql-dev \`
			`linux-headers \`
			`bash \`
			`git \`
			`curl`

			`# Set working directory`
			`WORKDIR /app`

update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Clone PieFed source`
			`ARG PIEFED_VERSION=v1.5.1`
add source code and readme 2025-12-24 14:35:17 +01:00			`RUN git clone https://codeberg.org/rimu/pyfedi.git /app \`
			`&& cd /app \`
			`&& git checkout ${PIEFED_VERSION} \`
			`&& rm -rf .git`

update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Install Python dependencies to /app/venv and clean up cache/bytecode`
add source code and readme 2025-12-24 14:35:17 +01:00			`RUN python -m venv /app/venv \`
			`&& source /app/venv/bin/activate \`
			`&& pip install --no-cache-dir -r requirements.txt \`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`&& pip install --no-cache-dir uwsgi \`
			`&& find /app/venv -name "*.pyc" -delete \`
			`&& find /app/venv -name "__pycache__" -type d -exec rm -rf {} + 2>/dev/null \|\| true \`
			`&& find /app -name "*.pyo" -delete 2>/dev/null \|\| true`
add source code and readme 2025-12-24 14:35:17 +01:00
			`# Runtime stage - much smaller`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`FROM python:3.11-alpine3.21 AS runtime`
add source code and readme 2025-12-24 14:35:17 +01:00
			`# Set environment variables`
			`ENV TZ=UTC`
			`ENV PYTHONUNBUFFERED=1`
			`ENV PYTHONDONTWRITEBYTECODE=1`
			`ENV PATH="/app/venv/bin:$PATH"`

update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Install only runtime dependencies (no redis server, nginx, dcron, or tesseract - not needed)`
			`# - redis: using external Redis cluster, only Python client needed`
			`# - nginx: only needed in web container, installed there`
			`# - dcron: using Kubernetes CronJobs for scheduling`
			`# - tesseract: OCR not used by PieFed`
			`RUN apk add --no-cache \`
add source code and readme 2025-12-24 14:35:17 +01:00			`ca-certificates \`
			`curl \`
			`su-exec \`
			`libpq \`
			`jpeg \`
			`freetype \`
			`lcms2 \`
			`openjpeg \`
			`tiff \`
			`supervisor \`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`bash`
add source code and readme 2025-12-24 14:35:17 +01:00
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Create piefed user and set up directories in a single layer`
add source code and readme 2025-12-24 14:35:17 +01:00			`RUN addgroup -g 1000 piefed \`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`&& adduser -u 1000 -G piefed -s /bin/sh -D piefed \`
			`&& mkdir -p /app/logs /app/app/static/tmp /app/app/static/media \`
			`/var/log/piefed /var/run/piefed \`
			`&& chown -R piefed:piefed /var/log/piefed /var/run/piefed`
add source code and readme 2025-12-24 14:35:17 +01:00
			`# Set working directory`
			`WORKDIR /app`

update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Copy application and virtual environment from builder (venv is inside /app)`
			`COPY --from=builder --chown=piefed:piefed /app /app`
add source code and readme 2025-12-24 14:35:17 +01:00
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`# Compile translations and set permissions in a single layer`
			`RUN source /app/venv/bin/activate \`
			`&& (pybabel compile -d app/translations \|\| true) \`
			`&& chmod 755 /app/logs /app/app/static/tmp /app/app/static/media`
add source code and readme 2025-12-24 14:35:17 +01:00
			`# Copy shared entrypoint utilities`
			`COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh`
			`COPY entrypoint-init.sh /usr/local/bin/entrypoint-init.sh`
update with latest build versions, includes custom build for postgres and migrating from v16 to v18 2026-01-14 22:33:45 +02:00			`RUN chmod +x /usr/local/bin/entrypoint-common.sh /usr/local/bin/entrypoint-init.sh`