From 30fba31def4b974a84e4373ab67380972f10a085 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 3 Dec 2024 20:20:27 +0000
Subject: [PATCH] chore: updated to 4.3.2
Signed-off-by: Nigel Kukard <nkukard@lbsd.net>
---
Dockerfile | 227 ++---------------
usr/local/sbin/mastodon-rails | 3 +-
usr/local/sbin/start-mastodon | 10 +-
usr/local/sbin/tootctl | 2 +-
.../init.d/42-mastodon.sh | 4 +-
5 files changed, 37 insertions(+), 209 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index b3923ce..8844005 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -19,209 +19,16 @@ # IN THE SOFTWARE. -# -# Ruby builder -# - - -FROM registry.conarx.tech/containers/alpine/3.20 as ruby-builder - -ARG RUBY_VER=3.2.4 - -# Copy build patches -COPY patches build/patches - - -# Install libs we need -RUN set -eux; \ - true "Installing build dependencies"; \ -# from https://git.alpinelinux.org/aports/tree/main/ruby/APKBUILD - apk add --no-cache \ - build-base \ - ca-certificates \ - gmp-dev libucontext-dev \ - zlib-dev openssl-dev gdbm-dev readline-dev libffi-dev coreutils yaml-dev linux-headers autoconf \ - \ - jemalloc-dev - - -# Download packages -RUN set -eux; \ - mkdir -p build; \ - cd build; \ - wget "https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz"; \ - tar -xf "ruby-${RUBY_VER}.tar.gz" - - -# Build and install Ruby -RUN set -eux; \ - cd build; \ - cd ruby-${RUBY_VER}; \ -# Patching -# patch -p1 < ../patches/ruby-dont-install-bundled-gems.patch; \ - patch -p1 < ../patches/ruby-fix-get_main_stack.patch; \ - patch -p1 < ../patches/ruby-test_insns-lower-recursion-depth.patch; \ -# -fomit-frame-pointer makes ruby segfault, see gentoo bug #150413 -# In many places aliasing rules are broken; play it safe -# as it's risky with newer compilers to leave it as it is. - export CFLAGS="-fno-omit-frame-pointer -fno-strict-aliasing"; \ - export CPPFLAGS="-fno-omit-frame-pointer -fno-strict-aliasing"; \ - \ -# Needed for coroutine stuff - export LIBS="-lucontext"; \ -# ruby saves path to install. 
we want use $PATH - export INSTALL=install; \ -# the configure script does not detect isnan/isinf as macros - export ac_cv_func_isnan=yes; \ - export ac_cv_func_isinf=yes; \ - \ - ./configure \ - --prefix=/usr \ - --sysconfdir=/etc \ - --mandir=/usr/share/man \ - --infodir=/usr/share/info \ - --with-sitedir=/usr/local/lib/site_ruby \ - --with-search-path="/usr/lib/site_ruby/\$(ruby_ver)/x86_64-linux" \ - --enable-pthread \ - --disable-rpath \ - --enable-shared \ - --disable-install-doc; \ -# Build - make -j$(nproc) -l 8 VERBOSE=1; \ -# Test - make test; \ -# Install - pkgdir="/build/ruby-root"; \ - make DESTDIR="$pkgdir" SUDO="" install; \ -# Remove cruft - rm -rfv \ - "$pkgdir"/usr/share \ - "$pkgdir"/usr/lib/pkgconfig - - -RUN set -eux; \ - cd build/ruby-root; \ - pkgdir="/build/ruby-root"; \ - scanelf --recursive --nobanner --osabi --etype "ET_DYN,ET_EXEC" . | awk '{print $3}' | xargs \ - strip \ - --remove-section=.comment \ - --remove-section=.note \ - -R .gnu.lto_* -R .gnu.debuglto_* \ - -N __gnu_lto_slim -N __gnu_lto_v1 \ - --strip-unneeded; \ - du -hs "$pkgdir" - - - -# -# Nodejs builder -# - -FROM registry.conarx.tech/containers/alpine/3.20 as nodejs-builder - -ARG NODEJS_VER=22.2.0 - -# Copy build patches -COPY patches build/patches - - -# Install libs we need -RUN set -eux; \ - true "Installing build dependencies"; \ -# from https://git.alpinelinux.org/aports/tree/main/nodejs/APKBUILD - apk add --no-cache \ - build-base \ - ca-certificates \ - brotli-dev c-ares-dev icu-dev linux-headers nghttp2-dev openssl-dev python3 py3-jinja2 samurai zlib-dev - - -# Download packages -RUN set -eux; \ - mkdir -p build; \ - cd build; \ - wget "https://nodejs.org/dist/v$NODEJS_VER/node-v$NODEJS_VER.tar.gz"; \ - tar -xf "node-v${NODEJS_VER}.tar.gz" - - -# Build and install Nodejs -RUN set -eux; \ - cd build; \ - cd node-v${NODEJS_VER}; \ -# Patching - patch -p1 < ../patches/nodejs-fix-build-with-system-c-ares.patch; \ -# Compiler flags - export CFLAGS="-D_LARGEFILE_SOURCE 
-D_FILE_OFFSET_BITS=64"; \ - export CXXFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \ - export CPPFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \ - \ -# NOTE: We use bundled libuv because they don't care much about backward -# compatibility and it has happened several times in past that we -# couldn't upgrade nodejs package in stable branches to fix CVEs due to -# libuv incompatibility. -# -# NOTE: We don't package the bundled npm - it's a separate project with -# its own release cycle and version numbering, so it's better to keep -# it in a standalone aport. -# -# TODO: Fix and enable corepack. - python3 configure.py --prefix=/usr \ - --shared-brotli \ - --shared-zlib \ - --shared-openssl \ - --shared-cares \ - --shared-nghttp2 \ - --ninja \ - --openssl-use-def-ca-store \ - --with-icu-default-data-dir=$(icu-config --icudatadir) \ - --with-intl=system-icu; \ - \ -# Build, must build without -j or it will fail - make -l 8 VERBOSE=1 BUILDTYPE=Release; \ -# Test - ./node -e 'console.log("Hello, world!")'; \ - ./node -e "require('assert').equal(process.versions.node, '$NODEJS_VER')"; \ -# Install - pkgdir="/build/nodejs-root"; \ - make DESTDIR="$pkgdir" install; \ - \ -# Remove cruft - rm -rfv \ - "$pkgdir"/usr/share \ - "$pkgdir"/usr/lib/node_modules/npm/docs \ - "$pkgdir"/usr/lib/node_modules/npm/man - - -RUN set -eux; \ - cd build/nodejs-root; \ - pkgdir="/build/nodejs-root"; \ - scanelf --recursive --nobanner --osabi --etype "ET_DYN,ET_EXEC" . 
| awk '{print $3}' | xargs \ - strip \ - --remove-section=.comment \ - --remove-section=.note \ - -R .gnu.lto_* -R .gnu.debuglto_* \ - -N __gnu_lto_slim -N __gnu_lto_v1 \ - --strip-unneeded; \ - du -hs "$pkgdir" - - - -# -# Build Mastodon -# - - FROM registry.conarx.tech/containers/alpine/3.20 as mastodon-builder - LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>" ARG VERSION_INFO= -ARG MASTODON_VER=4.3.1 +ARG MASTODON_VER=4.3.2 +COPY --from=registry.conarx.tech/containers/nodejs/3.20:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0 +COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6 -# Copy in built binaries -COPY --from=ruby-builder /build/ruby-root / -COPY --from=nodejs-builder /build/nodejs-root / # Copy build patches COPY patches build/patches @@ -233,11 +40,19 @@ RUN set -eux; \ # Ruby apk add --no-cache libucontext; \ # NodeJS - apk add --no-cache nghttp2-libs; \ + apk add --no-cache nghttp2-libs libuv; \ # Mastodon apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline; \ # Mastodon build reqs apk add --no-cache build-base git jemalloc-dev libucontext-dev libpq-dev icu-dev zlib-dev libidn-dev linux-headers yaml-dev vips-dev; \ + # Setup environment + for i in /opt/*/ld-musl-x86_64.path; do \ + cat "$i" >> /etc/ld-musl-x86_64.path; \ + done; \ + for i in /opt/*/PATH; do \ + export PATH="$(cat "$i"):$PATH"; \ + done; \ +# Start build npm install --global yarn; \ true "Versioning..."; \ node --version; \ 
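Review bot: The two `COPY --from=registry.conarx.tech/containers/...` lines added at the end of this hunk reference the Node.js and Ruby images by tag only (`3.20:22.11.0`, `3.20:3.3.6`), so the build now takes prebuilt interpreters from whatever the registry serves under those tags at build time. Pinning each reference by digest, e.g. `COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6@sha256:<digest> /opt/ruby-3.3.6 /opt/ruby-3.3.6` (digest shown as a placeholder), keeps the input immutable and makes a change of runtime visible in review. The same two lines are repeated in the runtime stage in hunk `@@ -293,10 +108,15 @@` and would need the same pin.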
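Review bot: The new `for i in /opt/*/ld-musl-x86_64.path` loop appends each snippet to `/etc/ld-musl-x86_64.path` with a bare `cat`, which relies on every snippet ending in a newline; otherwise two entries are joined into one search-path entry. Writing `{ cat "$i"; echo; } >> /etc/ld-musl-x86_64.path; \` removes that dependency. A comment should also state whether the base image already ships this file, since (as far as I know) musl uses the file in place of its built-in default directories once it exists. The file name hard-codes x86_64, so on another architecture the glob presumably matches nothing and the step fails under `set -eux`; say so in a comment if that is intended. The same loop is added to the runtime stage in hunk `@@ -334,6 +151,10 @@`, and the RUN instruction starts and ends outside this hunk.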
@@ -293,10 +108,15 @@ FROM registry.conarx.tech/containers/alpine/3.20 ARG VERSION_INFO= +ARG RUBY_VER=3.3.6 +ARG NODEJS_VER=22.11.0 + LABEL org.opencontainers.image.authors "Nigel Kukard <nkukard@conarx.tech>" LABEL org.opencontainers.image.version "3.20" -LABEL org.opencontainers.image.base.name "docker.io/library/alpine:edge" +LABEL org.opencontainers.image.base.name "docker.io/library/alpine:3.20" +COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6 +COPY --from=registry.conarx.tech/containers/nodejs/3.20:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0 RUN set -eux; \ @@ -305,9 +125,6 @@ RUN set -eux; \ adduser -S -D -h /opt/mastodon -s /sbin/nologin -G mastodon -g mastodon mastodon 2>/dev/null -# Copy in built binaries -COPY --from=ruby-builder /build/ruby-root / -COPY --from=nodejs-builder /build/nodejs-root / # Copy in Mastodon COPY --chown=mastodon:mastodon --from=mastodon-builder /build/mastodon /opt/mastodon # Tools @@ -317,7 +134,7 @@ COPY --from=tools /usr/bin/pg_isready /usr/local/bin/pg_isready # Add more PATHs to the PATH -ENV PATH="${PATH}:/opt/mastodon/bin" +ENV PATH="${PATH}:/opt/ruby-${RUBY_VER}/bin:/opt/nodejs-${NODEJS_VER}/bin:/opt/mastodon/bin" RUN set -eux; \ true "Install requirements"; \ @@ -326,7 +143,7 @@ RUN set -eux; \ # Ruby apk add --no-cache gmp libucontext; \ # NodeJS - apk add --no-cache nghttp2-libs; \ + apk add --no-cache libuv nghttp2-libs; \ # Mastodon apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline vips; \ mkdir -p /opt/mastodon/public/system; \ @@ -334,6 +151,10 @@ RUN set -eux; \ # Link mastodon to / that everyone else uses ln -s /opt/mastodon /mastodon; \ mkdir /etc/mastodon; \ +# Setup environment + for i in /opt/*/ld-musl-x86_64.path; do \ + cat "$i" >> /etc/ld-musl-x86_64.path; \ + done; \ # Other true "Cleanup"; \ rm -rf \ 
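Review bot: `ARG RUBY_VER=3.3.6` and `ARG NODEJS_VER=22.11.0` are declared in the `@@ -293,10 +108,15 @@` hunk, but the `COPY --from=...` lines just below still spell the versions out, and only the `ENV PATH=` line in hunk `@@ -317,7 +134,7 @@` reads the ARGs. Overriding either build argument, or bumping one place and not the other, leaves PATH pointing at a directory that was never copied in. At minimum add a comment above the ARGs such as `# Must match the tags and /opt paths in the COPY --from lines (both stages)`, or use the ARGs in the paths: `COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6 /opt/ruby-${RUBY_VER} /opt/ruby-${RUBY_VER}`.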
diff --git a/usr/local/sbin/mastodon-rails b/usr/local/sbin/mastodon-rails index 6e0eb5b..6ffe24a 100644 --- a/usr/local/sbin/mastodon-rails +++ b/usr/local/sbin/mastodon-rails @@ -35,4 +35,5 @@ set +a set -e -sudo -E -u mastodon -- bundle exec rails "$@" +_bundle=$(which bundle) +exec sudo -E --preserve-env=PATH -u mastodon -- "$_bundle" exec rails "$@" \ No newline at end of file diff --git a/usr/local/sbin/start-mastodon b/usr/local/sbin/start-mastodon index b3118ff..1e5d6a9 100644 --- a/usr/local/sbin/start-mastodon +++ b/usr/local/sbin/start-mastodon @@ -32,12 +32,16 @@ set +a # shellcheck disable=SC1091 . .mode.env + if [ "$MASTODON_MODE" = "web" ]; then - exec bundle exec rails server -p 3000 -b "$BIND" + _bundle=$(which bundle) + exec "$_bundle" exec rails server -p 3000 -b "$BIND" elif [ "$MASTODON_MODE" = "streaming" ]; then - exec node ./streaming/index.js + _node=$(which node) + exec "$_node" ./streaming/index.js elif [ "$MASTODON_MODE" = "sidekiq" ]; then - exec bundle exec sidekiq + _bundle=$(which bundle) + exec "$_bundle" exec sidekiq fi diff --git a/usr/local/sbin/tootctl b/usr/local/sbin/tootctl index 766af53..526ee98 100644 --- a/usr/local/sbin/tootctl +++ b/usr/local/sbin/tootctl @@ -35,4 +35,4 @@ set +a set -e -sudo -E -u mastodon -- bin/tootctl "$@" +sudo -E -preserve-env=PATH -u mastodon -- bin/tootctl "$@" \ No newline at end of file diff --git a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh index 69a0e28..16a04c7 100755 --- a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh +++ b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh 
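Review bot: `_bundle=$(which bundle)` in mastodon-rails resolves the interpreter through `which`, an external utility whose behaviour on a miss varies; `command -v` is the POSIX builtin for this: `_bundle=$(command -v bundle)`. Here the `set -e` context line stops the script on a failed lookup, but the three lookups added to start-mastodon (`_bundle`, `_node`) have no `set -e` visible in their hunk, so an empty result would reach `exec "" ...` with an unhelpful error. A guard such as `_bundle=$(command -v bundle) || { echo "bundle not found in PATH" >&2; exit 1; }` would cover that. A one-line comment explaining why the absolute path is resolved before `sudo` while PATH is also forwarded with `--preserve-env=PATH` would help the next reader.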
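Review bot: The new tootctl line passes `-preserve-env=PATH` with a single dash, unlike the `--preserve-env=PATH` used in mastodon-rails in this same commit. sudo will most likely read that as the short option `-p` (prompt) with the argument `reserve-env=PATH`, so PATH is not explicitly preserved and `tootctl` may run with sudo's default PATH, without the `/opt/ruby-*/bin` entries. The line should read `sudo -E --preserve-env=PATH -u mastodon -- bin/tootctl "$@"`; adding `exec` as mastodon-rails does would also keep the two wrappers consistent.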
@@ -31,10 +31,12 @@ if [ ! -f /etc/mastodon/mastodon.env ]; then fdc_error "This can be specified using: --volume /home/user/test/mastodon.env:/etc/mastodon/mastodon.env" false fi + + # Setup environment variables cat <<EOF > /opt/mastodon/mastodon.env # Defaults -PATH="$PATH:/opt/mastodon/bin" +PATH="$PATH" RAILS_ENV="production" NODE_ENV="production" RAILS_SERVE_STATIC_FILES="true" -- GitLab
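Review bot: With `:/opt/mastodon/bin` dropped, `PATH="$PATH"` in this unquoted heredoc writes whatever PATH the init script happens to inherit into /opt/mastodon/mastodon.env, and nothing here says where that value is expected to come from. A comment above the heredoc such as `# PATH is taken from the image ENV (ruby, nodejs and mastodon bin dirs) at container init` would document the dependency, assuming that is indeed the source. The heredoc continues past the end of this hunk.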