build/piefed/piefed-base/Dockerfile

# Multi-stage build for smaller final image
FROM python:3.11-alpine AS builder

# Use HTTP repositories to avoid SSL issues, then install dependencies
RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
    && apk update \
    && apk add --no-cache \
        pkgconfig \
        gcc \
        python3-dev \
        musl-dev \
        postgresql-dev \
        linux-headers \
        bash \
        git \
        curl

# Set working directory
WORKDIR /app

# v1.3.x
ARG PIEFED_VERSION=main
RUN git clone https://codeberg.org/rimu/pyfedi.git /app \
    && cd /app \
    && git checkout ${PIEFED_VERSION} \
    && rm -rf .git

# Install Python dependencies to /app/venv
RUN python -m venv /app/venv \
    && source /app/venv/bin/activate \
    && pip install --no-cache-dir -r requirements.txt \
    && pip install --no-cache-dir uwsgi

# Runtime stage - much smaller
FROM python:3.11-alpine AS runtime

# Set environment variables
ENV TZ=UTC
ENV PYTHONUNBUFFERED=1
ENV PYTHONDONTWRITEBYTECODE=1
ENV PATH="/app/venv/bin:$PATH"

# Install only runtime dependencies
RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
    && apk update \
    && apk add --no-cache \
        ca-certificates \
        curl \
        su-exec \
        dcron \
        libpq \
        jpeg \
        freetype \
        lcms2 \
        openjpeg \
        tiff \
        nginx \
        supervisor \
        redis \
        bash \
        tesseract-ocr \
        tesseract-ocr-data-eng

# Create piefed user
RUN addgroup -g 1000 piefed \
    && adduser -u 1000 -G piefed -s /bin/sh -D piefed

# Set working directory
WORKDIR /app

# Copy application and virtual environment from builder
COPY --from=builder /app /app
COPY --from=builder /app/venv /app/venv

# Compile translations (matching official Dockerfile)
RUN source /app/venv/bin/activate && \
    (pybabel compile -d app/translations || true)

# Set proper permissions - ensure logs directory is writable for dual logging
RUN chown -R piefed:piefed /app \
    && mkdir -p /app/logs /app/app/static/tmp /app/app/static/media \
    && chown -R piefed:piefed /app/logs /app/app/static/tmp /app/app/static/media \
    && chmod -R 755 /app/logs /app/app/static/tmp /app/app/static/media \
    && chmod 777 /app/logs

# Copy shared entrypoint utilities
COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh
COPY entrypoint-init.sh /usr/local/bin/entrypoint-init.sh
RUN chmod +x /usr/local/bin/entrypoint-common.sh /usr/local/bin/entrypoint-init.sh

# Create directories for logs and runtime
RUN mkdir -p /var/log/piefed /var/run/piefed \
    && chown -R piefed:piefed /var/log/piefed /var/run/piefed
add source code and readme 2025-12-24 14:35:17 +01:00			`# Multi-stage build for smaller final image`
			`FROM python:3.11-alpine AS builder`

			`# Use HTTP repositories to avoid SSL issues, then install dependencies`
			`RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \`
			`&& echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \`
			`&& apk update \`
			`&& apk add --no-cache \`
			`pkgconfig \`
			`gcc \`
			`python3-dev \`
			`musl-dev \`
			`postgresql-dev \`
			`linux-headers \`
			`bash \`
			`git \`
			`curl`

			`# Set working directory`
			`WORKDIR /app`

			`# v1.3.x`
			`ARG PIEFED_VERSION=main`
			`RUN git clone https://codeberg.org/rimu/pyfedi.git /app \`
			`&& cd /app \`
			`&& git checkout ${PIEFED_VERSION} \`
			`&& rm -rf .git`

			`# Install Python dependencies to /app/venv`
			`RUN python -m venv /app/venv \`
			`&& source /app/venv/bin/activate \`
			`&& pip install --no-cache-dir -r requirements.txt \`
			`&& pip install --no-cache-dir uwsgi`

			`# Runtime stage - much smaller`
			`FROM python:3.11-alpine AS runtime`

			`# Set environment variables`
			`ENV TZ=UTC`
			`ENV PYTHONUNBUFFERED=1`
			`ENV PYTHONDONTWRITEBYTECODE=1`
			`ENV PATH="/app/venv/bin:$PATH"`

			`# Install only runtime dependencies`
			`RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \`
			`&& echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \`
			`&& apk update \`
			`&& apk add --no-cache \`
			`ca-certificates \`
			`curl \`
			`su-exec \`
			`dcron \`
			`libpq \`
			`jpeg \`
			`freetype \`
			`lcms2 \`
			`openjpeg \`
			`tiff \`
			`nginx \`
			`supervisor \`
			`redis \`
			`bash \`
			`tesseract-ocr \`
			`tesseract-ocr-data-eng`

			`# Create piefed user`
			`RUN addgroup -g 1000 piefed \`
			`&& adduser -u 1000 -G piefed -s /bin/sh -D piefed`

			`# Set working directory`
			`WORKDIR /app`

			`# Copy application and virtual environment from builder`
			`COPY --from=builder /app /app`
			`COPY --from=builder /app/venv /app/venv`

			`# Compile translations (matching official Dockerfile)`
			`RUN source /app/venv/bin/activate && \`
			`(pybabel compile -d app/translations \|\| true)`

			`# Set proper permissions - ensure logs directory is writable for dual logging`
			`RUN chown -R piefed:piefed /app \`
			`&& mkdir -p /app/logs /app/app/static/tmp /app/app/static/media \`
			`&& chown -R piefed:piefed /app/logs /app/app/static/tmp /app/app/static/media \`
			`&& chmod -R 755 /app/logs /app/app/static/tmp /app/app/static/media \`
			`&& chmod 777 /app/logs`

			`# Copy shared entrypoint utilities`
			`COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh`
			`COPY entrypoint-init.sh /usr/local/bin/entrypoint-init.sh`
			`RUN chmod +x /usr/local/bin/entrypoint-common.sh /usr/local/bin/entrypoint-init.sh`

			`# Create directories for logs and runtime`
			`RUN mkdir -p /var/log/piefed /var/run/piefed \`
			`&& chown -R piefed:piefed /var/log/piefed /var/run/piefed`