redaction (#1)

Add the redacted source file for demo purposes

Reviewed-on: https://source.michaeldileo.org/michael_dileo/Keybard-Vagabond-Demo/pulls/1
Co-authored-by: Michael DiLeo <michael_dileo@proton.me>
Co-committed-by: Michael DiLeo <michael_dileo@proton.me>

build/piefed/piefed-base/Dockerfile

@@ -0,0 +1,95 @@
+# Multi-stage build for smaller final image
+FROM python:3.11-alpine AS builder
+
+# Use HTTP repositories to avoid SSL issues, then install dependencies
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
+    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
+    && apk update \
+    && apk add --no-cache \
+        pkgconfig \
+        gcc \
+        python3-dev \
+        musl-dev \
+        postgresql-dev \
+        linux-headers \
+        bash \
+        git \
+        curl
+
+# Set working directory
+WORKDIR /app
+
+# v1.3.x
+ARG PIEFED_VERSION=main
+RUN git clone https://codeberg.org/rimu/pyfedi.git /app \
+    && cd /app \
+    && git checkout ${PIEFED_VERSION} \
+    && rm -rf .git
+
+# Install Python dependencies to /app/venv
+RUN python -m venv /app/venv \
+    && source /app/venv/bin/activate \
+    && pip install --no-cache-dir -r requirements.txt \
+    && pip install --no-cache-dir uwsgi
+
+# Runtime stage - much smaller
+FROM python:3.11-alpine AS runtime
+
+# Set environment variables
+ENV TZ=UTC
+ENV PYTHONUNBUFFERED=1
+ENV PYTHONDONTWRITEBYTECODE=1
+ENV PATH="/app/venv/bin:$PATH"
+
+# Install only runtime dependencies
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
+    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
+    && apk update \
+    && apk add --no-cache \
+        ca-certificates \
+        curl \
+        su-exec \
+        dcron \
+        libpq \
+        jpeg \
+        freetype \
+        lcms2 \
+        openjpeg \
+        tiff \
+        nginx \
+        supervisor \
+        redis \
+        bash \
+        tesseract-ocr \
+        tesseract-ocr-data-eng
+
+# Create piefed user
+RUN addgroup -g 1000 piefed \
+    && adduser -u 1000 -G piefed -s /bin/sh -D piefed
+
+# Set working directory
+WORKDIR /app
+
+# Copy application and virtual environment from builder
+COPY --from=builder /app /app
+COPY --from=builder /app/venv /app/venv
+
+# Compile translations (matching official Dockerfile)
+RUN source /app/venv/bin/activate && \
+    (pybabel compile -d app/translations || true)
+
+# Set proper permissions - ensure logs directory is writable for dual logging
+RUN chown -R piefed:piefed /app \
+    && mkdir -p /app/logs /app/app/static/tmp /app/app/static/media \
+    && chown -R piefed:piefed /app/logs /app/app/static/tmp /app/app/static/media \
+    && chmod -R 755 /app/logs /app/app/static/tmp /app/app/static/media \
+    && chmod 777 /app/logs
+
+# Copy shared entrypoint utilities
+COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh
+COPY entrypoint-init.sh /usr/local/bin/entrypoint-init.sh
+RUN chmod +x /usr/local/bin/entrypoint-common.sh /usr/local/bin/entrypoint-init.sh
+
+# Create directories for logs and runtime
+RUN mkdir -p /var/log/piefed /var/run/piefed \
+    && chown -R piefed:piefed /var/log/piefed /var/run/piefed