update with latest build versions, includes custom build for postgres and migrating from v16 to v18

2026-01-14 22:33:45 +02:00
parent 8ff8126d41
commit 9f7fa24931
27 changed files with 1371 additions and 309 deletions
--- a/build/pixelfed/README.md
+++ b/build/pixelfed/README.md
@@ -32,18 +32,18 @@ This will:
 1. Build the base image with all Pixelfed dependencies
 2. Build the web container with Nginx + PHP-FPM
 3. Build the worker container with Horizon + Scheduler
-4. Push to your Harbor registry: `<YOUR_REGISTRY_URL>`
+4. Push to your Harbor registry: `registry.keyboardvagabond.com`

 ### **Individual Container Builds**

 ```bash
 # Build just web container
 cd pixelfed-web && docker build --platform linux/arm64 \
-  -t <YOUR_REGISTRY_URL>/pixelfed/web:v6 .
+  -t registry.keyboardvagabond.com/pixelfed/web:v6 .

 # Build just worker container  
 cd pixelfed-worker && docker build --platform linux/arm64 \
-  -t <YOUR_REGISTRY_URL>/pixelfed/worker:v0.12.6 .
+  -t registry.keyboardvagabond.com/pixelfed/worker:v0.12.6 .
 ```

 ## 📦 **Container Details**
@@ -84,14 +84,14 @@ APP_DOMAIN=pixelfed.keyboardvagabond.com
 DB_HOST=postgresql-shared-rw.postgresql-system.svc.cluster.local
 DB_DATABASE=pixelfed
 DB_USERNAME=pixelfed
-DB_PASSWORD=<REPLACE_WITH_DATABASE_PASSWORD>
+DB_PASSWORD=secure_password_here
 ```

 #### **Redis Configuration**
 ```bash
 REDIS_HOST=redis-ha-haproxy.redis-system.svc.cluster.local
 REDIS_PORT=6379
-REDIS_PASSWORD=<REPLACE_WITH_REDIS_PASSWORD>
+REDIS_PASSWORD=redis_password_if_needed
 ```

 #### **S3 Media Storage (Backblaze B2)**
@@ -104,12 +104,12 @@ FILESYSTEM_CLOUD=s3
 FILESYSTEM_DISK=s3

 # Backblaze B2 S3-compatible configuration  
-AWS_ACCESS_KEY_ID=<REPLACE_WITH_S3_ACCESS_KEY>
-AWS_SECRET_ACCESS_KEY=<REPLACE_WITH_S3_SECRET_KEY>
+AWS_ACCESS_KEY_ID=your_b2_key_id
+AWS_SECRET_ACCESS_KEY=your_b2_secret_key
 AWS_DEFAULT_REGION=eu-central-003
 AWS_BUCKET=pixelfed-bucket
 AWS_URL=https://pm.keyboardvagabond.com/
-AWS_ENDPOINT=<REPLACE_WITH_S3_ENDPOINT>
+AWS_ENDPOINT=https://s3.eu-central-003.backblazeb2.com
 AWS_USE_PATH_STYLE_ENDPOINT=false
 AWS_ROOT=
 AWS_VISIBILITY=public
@@ -118,13 +118,13 @@ AWS_VISIBILITY=public
 CDN_DOMAIN=pm.keyboardvagabond.com
 ```

-#### **Email (SMTP)**
+#### **Email (Mailgun)**
 ```bash
 MAIL_MAILER=smtp
-MAIL_HOST=<YOUR_SMTP_SERVER>
+MAIL_HOST=smtp.eu.mailgun.org
 MAIL_PORT=587
 MAIL_USERNAME=pixelfed@mail.keyboardvagabond.com
-MAIL_PASSWORD=<REPLACE_WITH_EMAIL_PASSWORD>
+MAIL_PASSWORD=<mail password>
 MAIL_ENCRYPTION=tls
 MAIL_FROM_ADDRESS=pixelfed@mail.keyboardvagabond.com
 MAIL_FROM_NAME="Pixelfed at Keyboard Vagabond"
--- a/build/pixelfed/build-all.sh
+++ b/build/pixelfed/build-all.sh
@@ -2,7 +2,7 @@
 set -e

 # Configuration
-REGISTRY="<YOUR_REGISTRY_URL>"
+REGISTRY="registry.keyboardvagabond.com"
 VERSION="v0.12.6"
 PLATFORM="linux/arm64"

@@ -64,6 +64,11 @@ echo -e "${BLUE}Built containers:${NC}"
 echo -e "  • ${GREEN}$REGISTRY/library/pixelfed-web:$VERSION${NC}"
 echo -e "  • ${GREEN}$REGISTRY/library/pixelfed-worker:$VERSION${NC}"

+# Show image sizes
+echo
+echo -e "${BLUE}📊 Built image sizes:${NC}"
+docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}" | grep -E "(pixelfed-base|pixelfed-web|pixelfed-worker)" | head -10
+
 # Ask about pushing to registry
 echo
 read -p "Push all containers to Harbor registry? (y/N): " -n 1 -r
--- a/build/pixelfed/pixelfed-base/Dockerfile
+++ b/build/pixelfed/pixelfed-base/Dockerfile
@@ -1,17 +1,19 @@
 # Multi-stage build for Pixelfed - optimized base image
 FROM php:8.3-fpm-alpine AS builder

+LABEL org.opencontainers.image.title="Pixelfed Base" \
+      org.opencontainers.image.description="Shared base image for Pixelfed photo sharing platform" \
+      org.opencontainers.image.source="https://github.com/pixelfed/pixelfed" \
+      org.opencontainers.image.vendor="Keyboard Vagabond"
+
 # Set environment variables
 ENV PIXELFED_VERSION=v0.12.6
 ENV TZ=UTC
 ENV APP_ENV=production
 ENV APP_DEBUG=false

-# Use HTTP repositories and install build dependencies
-RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
-    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
-    && apk update \
-    && apk add --no-cache \
+# Install build dependencies in a single layer
+RUN apk add --no-cache \
        ca-certificates \
        git \
        curl \
@@ -28,19 +30,16 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositori
        icu-dev \
        gettext-dev \
        imagemagick-dev \
-        # Node.js and build tools for asset compilation
+        # Node.js for asset compilation
        nodejs \
        npm \
-        # Compilation tools for native modules
+        # Build tools
        build-base \
-        python3 \
-        make \
-        # Additional build tools for PECL extensions
        autoconf \
        pkgconfig \
        $PHPIZE_DEPS

-# Install PHP extensions
+# Install PHP extensions (done ONCE - will be copied to runtime stage)
 RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
    && docker-php-ext-install -j$(nproc) \
        pdo_pgsql \
@@ -52,9 +51,15 @@ RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
        exif \
        pcntl \
        opcache \
-    # Install ImageMagick PHP extension via PECL
-    && pecl install imagick \
-    && docker-php-ext-enable imagick
+    # Build imagick from source for PHP 8.3 compatibility
+    && git clone https://github.com/Imagick/imagick.git --depth 1 -b master /tmp/imagick \
+    && cd /tmp/imagick \
+    && phpize \
+    && ./configure \
+    && make \
+    && make install \
+    && docker-php-ext-enable imagick \
+    && rm -rf /tmp/imagick

 # Install Composer
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
@@ -82,10 +87,7 @@ RUN composer install --no-dev --optimize-autoloader --no-interaction \
    && rm -f bootstrap/cache/packages.php bootstrap/cache/services.php || true \
    && php artisan package:discover --ansi || true

-# Install Node.js and build assets (skip post-install scripts to avoid node-datachannel compilation)
-USER root
-RUN apk add --no-cache nodejs npm
-USER pixelfed
+# Build frontend assets (skip post-install scripts to avoid node-datachannel compilation)
 RUN echo "ignore-scripts=true" > .npmrc \
    && npm ci \
    && npm run production \
@@ -99,21 +101,23 @@ USER root
 # ================================
 FROM php:8.3-fpm-alpine AS pixelfed-base

+LABEL org.opencontainers.image.title="Pixelfed Base" \
+      org.opencontainers.image.description="Shared base image for Pixelfed photo sharing platform" \
+      org.opencontainers.image.source="https://github.com/pixelfed/pixelfed" \
+      org.opencontainers.image.vendor="Keyboard Vagabond"
+
 # Set environment variables
 ENV TZ=UTC
 ENV APP_ENV=production
 ENV APP_DEBUG=false

 # Install only runtime dependencies (no -dev packages, no build tools)
-RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositories \
-    && echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/community" >> /etc/apk/repositories \
-    && apk update \
-    && apk add --no-cache \
+RUN apk add --no-cache \
        ca-certificates \
        curl \
        su-exec \
        dcron \
-        # Runtime libraries for PHP extensions (no -dev versions)
+        # Runtime libraries for PHP extensions
        libpng \
        oniguruma \
        libxml2 \
@@ -121,58 +125,23 @@ RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.22/main" > /etc/apk/repositori
        libjpeg-turbo \
        libzip \
        libpq \
-        icu \
+        icu-libs \
        gettext \
-        # Image optimization tools (runtime only)
+        # ImageMagick runtime libraries
+        imagemagick \
+        imagemagick-libs \
+        # Image optimization tools (required by Pixelfed)
        jpegoptim \
        optipng \
        pngquant \
        gifsicle \
-        imagemagick \
+        # FFmpeg for video thumbnails (required by Pixelfed)
        ffmpeg \
    && rm -rf /var/cache/apk/*

-# Re-install PHP extensions in runtime stage (this ensures compatibility)
-RUN apk add --no-cache --virtual .build-deps \
-        libpng-dev \
-        oniguruma-dev \
-        libxml2-dev \
-        freetype-dev \
-        libjpeg-turbo-dev \
-        libzip-dev \
-        postgresql-dev \
-        icu-dev \
-        gettext-dev \
-        imagemagick-dev \
-        # Additional build tools for PECL extensions
-        autoconf \
-        pkgconfig \
-        git \
-        $PHPIZE_DEPS \
-    && docker-php-ext-configure gd --with-freetype --with-jpeg \
-    && docker-php-ext-install -j$(nproc) \
-        pdo_pgsql \
-        pgsql \
-        gd \
-        zip \
-        intl \
-        bcmath \
-        exif \
-        pcntl \
-        opcache \
-    # Install ImageMagick PHP extension from source (PHP 8.3 compatibility)
-    && git clone https://github.com/Imagick/imagick.git --depth 1 /tmp/imagick \
-    && cd /tmp/imagick \
-    && git fetch origin master \
-    && git switch master \
-    && phpize \
-    && ./configure \
-    && make \
-    && make install \
-    && docker-php-ext-enable imagick \
-    && rm -rf /tmp/imagick \
-    && apk del .build-deps \
-    && rm -rf /var/cache/apk/*
+# Copy PHP extensions from builder (KEY OPTIMIZATION - no recompilation!)
+COPY --from=builder /usr/local/lib/php/extensions/ /usr/local/lib/php/extensions/
+COPY --from=builder /usr/local/etc/php/conf.d/ /usr/local/etc/php/conf.d/

 # Create pixelfed user
 RUN addgroup -g 1000 pixelfed \
@@ -184,7 +153,7 @@ WORKDIR /var/www/pixelfed
 # Copy application from builder (source + compiled assets + vendor dependencies)
 COPY --from=builder --chown=pixelfed:pixelfed /var/www/pixelfed /var/www/pixelfed

-# Copy custom assets (logo, banners, etc.) to override defaults. Doesn't override the png versions.
+# Copy custom assets (logo, banners, etc.) to override defaults
 COPY --chown=pixelfed:pixelfed custom-assets/img/*.svg /var/www/pixelfed/public/img/

 # Clear any cached configuration files and set proper permissions
@@ -193,15 +162,17 @@ RUN rm -rf /var/www/pixelfed/bootstrap/cache/*.php || true \
    && chmod -R 755 /var/www/pixelfed/bootstrap/cache \
    && chown -R pixelfed:pixelfed /var/www/pixelfed/bootstrap/cache

-# Configure PHP for better performance
-RUN echo "opcache.enable=1" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.revalidate_freq=0" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.validate_timestamps=0" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.max_accelerated_files=10000" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.memory_consumption=192" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.max_wasted_percentage=10" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.interned_strings_buffer=16" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini \
-    && echo "opcache.fast_shutdown=1" >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini
+# Configure PHP OPcache for production performance
+RUN { \
+        echo "opcache.enable=1"; \
+        echo "opcache.revalidate_freq=0"; \
+        echo "opcache.validate_timestamps=0"; \
+        echo "opcache.max_accelerated_files=10000"; \
+        echo "opcache.memory_consumption=192"; \
+        echo "opcache.max_wasted_percentage=10"; \
+        echo "opcache.interned_strings_buffer=16"; \
+        echo "opcache.fast_shutdown=1"; \
+    } >> /usr/local/etc/php/conf.d/docker-php-ext-opcache.ini

 # Copy shared entrypoint utilities
 COPY entrypoint-common.sh /usr/local/bin/entrypoint-common.sh