From eb536043bc91d78615acbf99168b3e9dfa3ed883 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Thu, 4 Jul 2024 18:14:05 +0000
Subject: [PATCH 01/12] chore: updated to version 4.2.10
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index c63afe8..48367a5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -232,7 +232,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.2.8
+ARG MASTODON_VER=4.2.10
# Copy in built binaries
--
GitLab
From 1d02487fb73823696db92986e275a6f8c56e611b Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Sat, 17 Aug 2024 08:04:40 +0000
Subject: [PATCH 02/12] chore: updated to version 4.2.11
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 48367a5..7f188e0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -232,7 +232,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.2.10
+ARG MASTODON_VER=4.2.11
# Copy in built binaries
--
GitLab
From f44dd15ad8302307f20917bb07b7b3a936169607 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 19 Aug 2024 10:03:41 +0000
Subject: [PATCH 03/12] chore: updated to version 4.2.12
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 7f188e0..151492f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -232,7 +232,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.2.11
+ARG MASTODON_VER=4.2.12
# Copy in built binaries
--
GitLab
From e5ab328228af2c802087c5126fcafc38998daedf Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 30 Sep 2024 13:04:39 +0000
Subject: [PATCH 04/12] chore: updated to version 4.2.13
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 151492f..f8f6d75 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -232,7 +232,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.2.12
+ARG MASTODON_VER=4.2.13
# Copy in built binaries
--
GitLab
From 704ee5720cf19e8b4c595e20cc0c7d5b5090e0e2 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 8 Oct 2024 15:17:28 +0000
Subject: [PATCH 05/12] chore: updated to version 4.3.0
---
Dockerfile | 36 ++++++++-----------
...s-disable-running-gyp-on-shared-deps.patch | 14 --------
tests/docker-compose.yml.tmpl | 2 --
tests/mastodon.env.tmpl | 3 ++
usr/local/sbin/start-mastodon | 2 +-
.../init.d/42-mastodon.sh | 4 +++
6 files changed, 23 insertions(+), 38 deletions(-)
delete mode 100644 patches/node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps.patch
diff --git a/Dockerfile b/Dockerfile
index f8f6d75..65092eb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -147,24 +147,8 @@ RUN set -eux; \
RUN set -eux; \
cd build; \
cd node-v${NODEJS_VER}; \
-# Remove bundled dependencies that we're not using.
-# ref: https://git.alpinelinux.org/aports/tree/main/nodejs/APKBUILD
- # openssl.cnf is required for build.
- mv deps/openssl/nodejs-openssl.cnf .; \
- \
- # Remove bundled dependencies that we're not using.
- rm -rf deps/brotli \
- deps/cares \
- deps/corepack \
- deps/openssl/* \
- deps/v8/third_party/jinja2 \
- deps/zlib \
- tools/inspector_protocol/jinja2; \
- \
- mv nodejs-openssl.cnf deps/openssl/; \
# Patching
patch -p1 < ../patches/nodejs-fix-build-with-system-c-ares.patch; \
-# patch -p1 < ../patches/node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps.patch; \
# Compiler flags
export CFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \
export CXXFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \
@@ -232,7 +216,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.2.13
+ARG MASTODON_VER=4.3.0
# Copy in built binaries
@@ -253,7 +237,7 @@ RUN set -eux; \
# Mastodon
apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline; \
# Mastodon build reqs
- apk add --no-cache build-base git jemalloc-dev libucontext-dev libpq-dev icu-dev zlib-dev libidn-dev; \
+ apk add --no-cache build-base git jemalloc-dev libucontext-dev libpq-dev icu-dev zlib-dev libidn-dev linux-headers yaml-dev vips-dev; \
npm install --global yarn; \
true "Versioning..."; \
node --version; \
@@ -265,17 +249,27 @@ RUN set -eux; \
cd mastodon-${MASTODON_VER}; \
true "Patching Mastodon..."; \
patch -p1 < ../patches/mastodon-4.0.2_reserved-usernames.patch; \
+ true "Enable corepack..."; \
+ corepack enable; \
+ corepack prepare --activate; \
true "Build Mastodon..."; \
bundle config set --local deployment 'true'; \
bundle config set --local without 'development test'; \
bundle config set silence_root_warning true; \
bundle install -j$(nproc); \
- yarn install --pure-lockfile --network-timeout 600000; \
+ true "Install Node modules..."; \
+ yarn workspaces focus --production @mastodon/mastodon; \
true "Writing out version..."; \
echo "MASTODON_VER=$MASTODON_VER" > VERSION; \
true "Precompiling assets..."; \
- RAILS_ENV=production OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder \
+ RAILS_ENV=production \
+ ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=precompile_placeholder \
+ ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=precompile_placeholder \
+ ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=precompile_placeholder \
+ OTP_SECRET=precompile_placeholder SECRET_KEY_BASE=precompile_placeholder \
bin/rails assets:precompile; \
+ true "Install Node modules for Streaming server..."; \
+ yarn workspaces focus --production @mastodon/streaming; \
true "Cleaning up..."; \
yarn cache clean; \
true "Moving to 'mastodon'..."; \
@@ -334,7 +328,7 @@ RUN set -eux; \
# NodeJS
apk add --no-cache nghttp2-libs; \
# Mastodon
- apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline; \
+ apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline vips; \
mkdir -p /opt/mastodon/public/system; \
mkdir -p /opt/mastodon/private; \
# Link mastodon to / that everyone else uses
diff --git a/patches/node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps.patch b/patches/node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps.patch
deleted file mode 100644
index fcef72c..0000000
--- a/patches/node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps.patch
+++ /dev/null
@@ -1,14 +0,0 @@
-diff --color -ru node-v18.15.0_vanilla/Makefile node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps/Makefile
---- node-v18.15.0_vanilla/Makefile 2023-03-05 06:42:50.000000000 +0000
-+++ node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps/Makefile 2023-03-17 04:27:36.053877725 +0000
-@@ -169,7 +169,7 @@
- $(warning '$@' target is a noop)
-
- out/Makefile: config.gypi common.gypi node.gyp \
-- deps/uv/uv.gyp deps/llhttp/llhttp.gyp deps/zlib/zlib.gyp \
-+ deps/uv/uv.gyp deps/llhttp/llhttp.gyp \
- deps/simdutf/simdutf.gyp \
- tools/v8_gypfiles/toolchain.gypi tools/v8_gypfiles/features.gypi \
- tools/v8_gypfiles/inspector.gypi tools/v8_gypfiles/v8.gyp
-Only in node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps: Makefile.orig
-Only in node-v18.15.0_nodejs-disable-running-gyp-on-shared-deps: Makefile.rej
diff --git a/tests/docker-compose.yml.tmpl b/tests/docker-compose.yml.tmpl
index 203b2f8..a35ec5e 100644
--- a/tests/docker-compose.yml.tmpl
+++ b/tests/docker-compose.yml.tmpl
@@ -1,5 +1,3 @@
-version: '3.9'
-
services:
postgresql:
diff --git a/tests/mastodon.env.tmpl b/tests/mastodon.env.tmpl
index 968ac3c..3a98ec1 100644
--- a/tests/mastodon.env.tmpl
+++ b/tests/mastodon.env.tmpl
@@ -16,3 +16,6 @@ REDIS_PASSWORD=mastodontest
SECRET_KEY_BASE=testsecretkeyreplaceme
OTP_SECRET=testsecretkeyreplaceme
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY=testsecretkeyreplaceme
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT=testsecretkeyreplaceme
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY=testsecretkeyreplaceme
diff --git a/usr/local/sbin/start-mastodon b/usr/local/sbin/start-mastodon
index 75bb561..b3118ff 100644
--- a/usr/local/sbin/start-mastodon
+++ b/usr/local/sbin/start-mastodon
@@ -36,7 +36,7 @@ if [ "$MASTODON_MODE" = "web" ]; then
exec bundle exec rails server -p 3000 -b "$BIND"
elif [ "$MASTODON_MODE" = "streaming" ]; then
- exec node ./streaming
+ exec node ./streaming/index.js
elif [ "$MASTODON_MODE" = "sidekiq" ]; then
exec bundle exec sidekiq
diff --git a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
index 16c4870..69a0e28 100755
--- a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
@@ -247,6 +247,10 @@ if [ "$MASTODON_MODE" = "web" ]; then
fi
fi
+ # Output keys if we don't have any
+ if [ -z "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" ]; then
+ mastodon-rails db:encryption:init
+ fi
else
while ! nc -z "$MASTODON_HOST" 3000; do
--
GitLab
From 7d759428ca1d491ac91865bb7b8db0b6ee42a14a Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 21 Oct 2024 11:21:07 +0000
Subject: [PATCH 06/12] fix: move output of keys when upgrading
---
.../flexible-docker-containers/init.d/42-mastodon.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
index 69a0e28..929a8f9 100755
--- a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
@@ -219,6 +219,10 @@ if [ "$MASTODON_MODE" = "web" ]; then
sleep 2
done
+ # Output keys if we don't have any
+ if [ -z "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" ]; then
+ mastodon-rails db:encryption:init
+ fi
# Check if we need to initialize the database
if [ ! -f /opt/mastodon/private/VERSION ]; then
@@ -247,10 +251,6 @@ if [ "$MASTODON_MODE" = "web" ]; then
fi
fi
- # Output keys if we don't have any
- if [ -z "$ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY" ]; then
- mastodon-rails db:encryption:init
- fi
else
while ! nc -z "$MASTODON_HOST" 3000; do
--
GitLab
From 8f7fc1d248e54986b7013dc33d92ae79e6b4353c Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 21 Oct 2024 11:21:26 +0000
Subject: [PATCH 07/12] chore: updated to version 4.3.1
---
Dockerfile | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 65092eb..da047fb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -216,7 +216,7 @@ FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.3.0
+ARG MASTODON_VER=4.3.1
# Copy in built binaries
--
GitLab
From cb3461ec4610a251c908216865dec06023d68084 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 3 Dec 2024 20:20:27 +0000
Subject: [PATCH 08/12] chore: updated to 4.3.2
---
Dockerfile | 225 ++----------------
usr/local/sbin/mastodon-rails | 3 +-
usr/local/sbin/start-mastodon | 10 +-
usr/local/sbin/tootctl | 2 +-
.../init.d/42-mastodon.sh | 4 +-
5 files changed, 36 insertions(+), 208 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index da047fb..a4b7846 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -19,209 +19,16 @@
# IN THE SOFTWARE.
-#
-# Ruby builder
-#
-
-
-FROM registry.conarx.tech/containers/alpine/edge as ruby-builder
-
-ARG RUBY_VER=3.2.2
-
-# Copy build patches
-COPY patches build/patches
-
-
-# Install libs we need
-RUN set -eux; \
- true "Installing build dependencies"; \
-# from https://git.alpinelinux.org/aports/tree/main/ruby/APKBUILD
- apk add --no-cache \
- build-base \
- ca-certificates \
- gmp-dev libucontext-dev \
- zlib-dev openssl-dev gdbm-dev readline-dev libffi-dev coreutils yaml-dev linux-headers autoconf \
- \
- jemalloc-dev
-
-
-# Download packages
-RUN set -eux; \
- mkdir -p build; \
- cd build; \
- wget "https://cache.ruby-lang.org/pub/ruby/${RUBY_VER%.*}/ruby-$RUBY_VER.tar.gz"; \
- tar -xf "ruby-${RUBY_VER}.tar.gz"
-
-
-# Build and install Ruby
-RUN set -eux; \
- cd build; \
- cd ruby-${RUBY_VER}; \
-# Patching
-# patch -p1 < ../patches/ruby-dont-install-bundled-gems.patch; \
- patch -p1 < ../patches/ruby-fix-get_main_stack.patch; \
- patch -p1 < ../patches/ruby-test_insns-lower-recursion-depth.patch; \
-# -fomit-frame-pointer makes ruby segfault, see gentoo bug #150413
-# In many places aliasing rules are broken; play it safe
-# as it's risky with newer compilers to leave it as it is.
- export CFLAGS="-fno-omit-frame-pointer -fno-strict-aliasing"; \
- export CPPFLAGS="-fno-omit-frame-pointer -fno-strict-aliasing"; \
- \
-# Needed for coroutine stuff
- export LIBS="-lucontext"; \
-# ruby saves path to install. we want use $PATH
- export INSTALL=install; \
-# the configure script does not detect isnan/isinf as macros
- export ac_cv_func_isnan=yes; \
- export ac_cv_func_isinf=yes; \
- \
- ./configure \
- --prefix=/usr \
- --sysconfdir=/etc \
- --mandir=/usr/share/man \
- --infodir=/usr/share/info \
- --with-sitedir=/usr/local/lib/site_ruby \
- --with-search-path="/usr/lib/site_ruby/\$(ruby_ver)/x86_64-linux" \
- --enable-pthread \
- --disable-rpath \
- --enable-shared \
- --disable-install-doc; \
-# Build
- make -j$(nproc) -l 8 VERBOSE=1; \
-# Test
- make test; \
-# Install
- pkgdir="/build/ruby-root"; \
- make DESTDIR="$pkgdir" SUDO="" install; \
-# Remove cruft
- rm -rfv \
- "$pkgdir"/usr/share \
- "$pkgdir"/usr/lib/pkgconfig
-
-
-RUN set -eux; \
- cd build/ruby-root; \
- pkgdir="/build/ruby-root"; \
- scanelf --recursive --nobanner --osabi --etype "ET_DYN,ET_EXEC" . | awk '{print $3}' | xargs \
- strip \
- --remove-section=.comment \
- --remove-section=.note \
- -R .gnu.lto_* -R .gnu.debuglto_* \
- -N __gnu_lto_slim -N __gnu_lto_v1 \
- --strip-unneeded; \
- du -hs "$pkgdir"
-
-
-
-#
-# Nodejs builder
-#
-
-FROM registry.conarx.tech/containers/alpine/edge as nodejs-builder
-
-ARG NODEJS_VER=20.10.0
-
-# Copy build patches
-COPY patches build/patches
-
-
-# Install libs we need
-RUN set -eux; \
- true "Installing build dependencies"; \
-# from https://git.alpinelinux.org/aports/tree/main/nodejs/APKBUILD
- apk add --no-cache \
- build-base \
- ca-certificates \
- brotli-dev c-ares-dev icu-dev linux-headers nghttp2-dev openssl-dev python3 py3-jinja2 samurai zlib-dev
-
-
-# Download packages
-RUN set -eux; \
- mkdir -p build; \
- cd build; \
- wget "https://nodejs.org/dist/v$NODEJS_VER/node-v$NODEJS_VER.tar.gz"; \
- tar -xf "node-v${NODEJS_VER}.tar.gz"
-
-
-# Build and install Nodejs
-RUN set -eux; \
- cd build; \
- cd node-v${NODEJS_VER}; \
-# Patching
- patch -p1 < ../patches/nodejs-fix-build-with-system-c-ares.patch; \
-# Compiler flags
- export CFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \
- export CXXFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \
- export CPPFLAGS="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"; \
- \
-# NOTE: We use bundled libuv because they don't care much about backward
-# compatibility and it has happened several times in past that we
-# couldn't upgrade nodejs package in stable branches to fix CVEs due to
-# libuv incompatibility.
-#
-# NOTE: We don't package the bundled npm - it's a separate project with
-# its own release cycle and version numbering, so it's better to keep
-# it in a standalone aport.
-#
-# TODO: Fix and enable corepack.
- python3 configure.py --prefix=/usr \
- --shared-brotli \
- --shared-zlib \
- --shared-openssl \
- --shared-cares \
- --shared-nghttp2 \
- --ninja \
- --openssl-use-def-ca-store \
- --with-icu-default-data-dir=$(icu-config --icudatadir) \
- --with-intl=system-icu; \
- \
-# Build, must build without -j or it will fail
- make -l 8 VERBOSE=1 BUILDTYPE=Release; \
-# Test
- ./node -e 'console.log("Hello, world!")'; \
- ./node -e "require('assert').equal(process.versions.node, '$NODEJS_VER')"; \
-# Install
- pkgdir="/build/nodejs-root"; \
- make DESTDIR="$pkgdir" install; \
- \
-# Remove cruft
- rm -rfv \
- "$pkgdir"/usr/share \
- "$pkgdir"/usr/lib/node_modules/npm/docs \
- "$pkgdir"/usr/lib/node_modules/npm/man
-
-
-RUN set -eux; \
- cd build/nodejs-root; \
- pkgdir="/build/nodejs-root"; \
- scanelf --recursive --nobanner --osabi --etype "ET_DYN,ET_EXEC" . | awk '{print $3}' | xargs \
- strip \
- --remove-section=.comment \
- --remove-section=.note \
- -R .gnu.lto_* -R .gnu.debuglto_* \
- -N __gnu_lto_slim -N __gnu_lto_v1 \
- --strip-unneeded; \
- du -hs "$pkgdir"
-
-
-
-#
-# Build Mastodon
-#
-
-
FROM registry.conarx.tech/containers/alpine/edge as mastodon-builder
-
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
-ARG MASTODON_VER=4.3.1
+ARG MASTODON_VER=4.3.2
+COPY --from=registry.conarx.tech/containers/nodejs/edge:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
+COPY --from=registry.conarx.tech/containers/ruby/edge:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
-# Copy in built binaries
-COPY --from=ruby-builder /build/ruby-root /
-COPY --from=nodejs-builder /build/nodejs-root /
# Copy build patches
COPY patches build/patches
@@ -233,11 +40,19 @@ RUN set -eux; \
# Ruby
apk add --no-cache libucontext; \
# NodeJS
- apk add --no-cache nghttp2-libs; \
+ apk add --no-cache nghttp2-libs libuv; \
# Mastodon
apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline; \
# Mastodon build reqs
apk add --no-cache build-base git jemalloc-dev libucontext-dev libpq-dev icu-dev zlib-dev libidn-dev linux-headers yaml-dev vips-dev; \
+ # Setup environment
+ for i in /opt/*/ld-musl-x86_64.path; do \
+ cat "$i" >> /etc/ld-musl-x86_64.path; \
+ done; \
+ for i in /opt/*/PATH; do \
+ export PATH="$(cat "$i"):$PATH"; \
+ done; \
+# Start build
npm install --global yarn; \
true "Versioning..."; \
node --version; \
@@ -293,10 +108,15 @@ FROM registry.conarx.tech/containers/alpine/edge
ARG VERSION_INFO=
+ARG RUBY_VER=3.3.6
+ARG NODEJS_VER=22.11.0
+
LABEL org.opencontainers.image.authors "Nigel Kukard <nkukard@conarx.tech>"
LABEL org.opencontainers.image.version "edge"
LABEL org.opencontainers.image.base.name "docker.io/library/alpine:edge"
+COPY --from=registry.conarx.tech/containers/ruby/edge:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
+COPY --from=registry.conarx.tech/containers/nodejs/edge:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
RUN set -eux; \
@@ -305,9 +125,6 @@ RUN set -eux; \
adduser -S -D -h /opt/mastodon -s /sbin/nologin -G mastodon -g mastodon mastodon 2>/dev/null
-# Copy in built binaries
-COPY --from=ruby-builder /build/ruby-root /
-COPY --from=nodejs-builder /build/nodejs-root /
# Copy in Mastodon
COPY --chown=mastodon:mastodon --from=mastodon-builder /build/mastodon /opt/mastodon
# Tools
@@ -317,7 +134,7 @@ COPY --from=tools /usr/bin/pg_isready /usr/local/bin/pg_isready
# Add more PATHs to the PATH
-ENV PATH="${PATH}:/opt/mastodon/bin"
+ENV PATH="${PATH}:/opt/ruby-${RUBY_VER}/bin:/opt/nodejs-${NODEJS_VER}/bin:/opt/mastodon/bin"
RUN set -eux; \
true "Install requirements"; \
@@ -326,7 +143,7 @@ RUN set -eux; \
# Ruby
apk add --no-cache gmp libucontext; \
# NodeJS
- apk add --no-cache nghttp2-libs; \
+ apk add --no-cache libuv nghttp2-libs; \
# Mastodon
apk add --no-cache coreutils wget procps libpq imagemagick ffmpeg jemalloc icu-libs libidn yaml file tzdata readline vips; \
mkdir -p /opt/mastodon/public/system; \
@@ -334,6 +151,10 @@ RUN set -eux; \
# Link mastodon to / that everyone else uses
ln -s /opt/mastodon /mastodon; \
mkdir /etc/mastodon; \
+# Setup environment
+ for i in /opt/*/ld-musl-x86_64.path; do \
+ cat "$i" >> /etc/ld-musl-x86_64.path; \
+ done; \
# Other
true "Cleanup"; \
rm -rf \
diff --git a/usr/local/sbin/mastodon-rails b/usr/local/sbin/mastodon-rails
index 6e0eb5b..6ffe24a 100644
--- a/usr/local/sbin/mastodon-rails
+++ b/usr/local/sbin/mastodon-rails
@@ -35,4 +35,5 @@ set +a
set -e
-sudo -E -u mastodon -- bundle exec rails "$@"
+_bundle=$(which bundle)
+exec sudo -E --preserve-env=PATH -u mastodon -- "$_bundle" exec rails "$@"
\ No newline at end of file
diff --git a/usr/local/sbin/start-mastodon b/usr/local/sbin/start-mastodon
index b3118ff..1e5d6a9 100644
--- a/usr/local/sbin/start-mastodon
+++ b/usr/local/sbin/start-mastodon
@@ -32,12 +32,16 @@ set +a
# shellcheck disable=SC1091
. .mode.env
+
if [ "$MASTODON_MODE" = "web" ]; then
- exec bundle exec rails server -p 3000 -b "$BIND"
+ _bundle=$(which bundle)
+ exec "$_bundle" exec rails server -p 3000 -b "$BIND"
elif [ "$MASTODON_MODE" = "streaming" ]; then
- exec node ./streaming/index.js
+ _node=$(which node)
+ exec "$_node" ./streaming/index.js
elif [ "$MASTODON_MODE" = "sidekiq" ]; then
- exec bundle exec sidekiq
+ _bundle=$(which bundle)
+ exec "$_bundle" exec sidekiq
fi
diff --git a/usr/local/sbin/tootctl b/usr/local/sbin/tootctl
index 766af53..526ee98 100644
--- a/usr/local/sbin/tootctl
+++ b/usr/local/sbin/tootctl
@@ -35,4 +35,4 @@ set +a
set -e
-sudo -E -u mastodon -- bin/tootctl "$@"
+sudo -E -preserve-env=PATH -u mastodon -- bin/tootctl "$@"
\ No newline at end of file
diff --git a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
index 929a8f9..49ef9e1 100755
--- a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
@@ -31,10 +31,12 @@ if [ ! -f /etc/mastodon/mastodon.env ]; then
fdc_error "This can be specified using: --volume /home/user/test/mastodon.env:/etc/mastodon/mastodon.env"
false
fi
+
+
# Setup environment variables
cat <<EOF > /opt/mastodon/mastodon.env
# Defaults
-PATH="$PATH:/opt/mastodon/bin"
+PATH="$PATH"
RAILS_ENV="production"
NODE_ENV="production"
RAILS_SERVE_STATIC_FILES="true"
--
GitLab
From 434f78d9e1911ca27de025cf93f3cf3fc5690d1a Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 6 Jan 2025 14:26:07 +0000
Subject: [PATCH 09/12] chore: updated copyright to 20251
---
.gitlab-ci.yml | 2 +-
Dockerfile | 2 +-
docker_release_version.sh | 2 +-
usr/local/sbin/mastodon-rails | 2 +-
usr/local/sbin/start-mastodon | 2 +-
usr/local/sbin/tootctl | 2 +-
.../flexible-docker-containers/healthcheck.d/42-mastodon.sh | 2 +-
.../share/flexible-docker-containers/init.d/42-mastodon.sh | 2 +-
.../share/flexible-docker-containers/tests.d/42-mastodon.sh | 2 +-
9 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index f9697d3..566040c 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/Dockerfile b/Dockerfile
index a4b7846..86f00a6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/docker_release_version.sh b/docker_release_version.sh
index a54bca9..dea065e 100644
--- a/docker_release_version.sh
+++ b/docker_release_version.sh
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/sbin/mastodon-rails b/usr/local/sbin/mastodon-rails
index 6ffe24a..7da8037 100644
--- a/usr/local/sbin/mastodon-rails
+++ b/usr/local/sbin/mastodon-rails
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/sbin/start-mastodon b/usr/local/sbin/start-mastodon
index 1e5d6a9..07f673e 100644
--- a/usr/local/sbin/start-mastodon
+++ b/usr/local/sbin/start-mastodon
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/sbin/tootctl b/usr/local/sbin/tootctl
index 526ee98..d6dd0e6 100644
--- a/usr/local/sbin/tootctl
+++ b/usr/local/sbin/tootctl
@@ -1,5 +1,5 @@
#!/bin/sh
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/share/flexible-docker-containers/healthcheck.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/healthcheck.d/42-mastodon.sh
index 08b7598..d245f25 100644
--- a/usr/local/share/flexible-docker-containers/healthcheck.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/healthcheck.d/42-mastodon.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
index 49ef9e1..50b55ac 100755
--- a/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/init.d/42-mastodon.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
diff --git a/usr/local/share/flexible-docker-containers/tests.d/42-mastodon.sh b/usr/local/share/flexible-docker-containers/tests.d/42-mastodon.sh
index 76306e4..0b7f0b4 100644
--- a/usr/local/share/flexible-docker-containers/tests.d/42-mastodon.sh
+++ b/usr/local/share/flexible-docker-containers/tests.d/42-mastodon.sh
@@ -1,5 +1,5 @@
#!/bin/bash
-# Copyright (c) 2022-2023, AllWorldIT.
+# Copyright (c) 2022-2025, AllWorldIT.
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
--
GitLab
From eedcb7aed9f048135828a3c825202a8abd023fe0 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Mon, 6 Jan 2025 15:01:48 +0000
Subject: [PATCH 10/12] fix: fixed LABEL syntax
---
Dockerfile | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 86f00a6..ec21d9b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -111,9 +111,9 @@ ARG VERSION_INFO=
ARG RUBY_VER=3.3.6
ARG NODEJS_VER=22.11.0
-LABEL org.opencontainers.image.authors "Nigel Kukard <nkukard@conarx.tech>"
-LABEL org.opencontainers.image.version "edge"
-LABEL org.opencontainers.image.base.name "docker.io/library/alpine:edge"
+LABEL org.opencontainers.image.authors = "Nigel Kukard <nkukard@conarx.tech>"
+LABEL org.opencontainers.image.version = "edge"
+LABEL org.opencontainers.image.base.name = "docker.io/library/alpine:edge"
COPY --from=registry.conarx.tech/containers/ruby/edge:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
COPY --from=registry.conarx.tech/containers/nodejs/edge:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
--
GitLab
From 17a355c2e5b97d28c89c5f26174dcb96f4ffc199 Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 7 Jan 2025 05:01:07 +0000
Subject: [PATCH 11/12] chore: updated nodejs to 22.12.0
---
Dockerfile | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index ec21d9b..853572d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -26,7 +26,7 @@ ARG VERSION_INFO=
ARG MASTODON_VER=4.3.2
-COPY --from=registry.conarx.tech/containers/nodejs/edge:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
+COPY --from=registry.conarx.tech/containers/nodejs/edge:22.12.0 /opt/nodejs-22.12.0 /opt/nodejs-22.12.0
COPY --from=registry.conarx.tech/containers/ruby/edge:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
@@ -109,14 +109,14 @@ FROM registry.conarx.tech/containers/alpine/edge
ARG VERSION_INFO=
ARG RUBY_VER=3.3.6
-ARG NODEJS_VER=22.11.0
+ARG NODEJS_VER=22.12.0
LABEL org.opencontainers.image.authors = "Nigel Kukard <nkukard@conarx.tech>"
LABEL org.opencontainers.image.version = "edge"
LABEL org.opencontainers.image.base.name = "docker.io/library/alpine:edge"
COPY --from=registry.conarx.tech/containers/ruby/edge:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
-COPY --from=registry.conarx.tech/containers/nodejs/edge:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
+COPY --from=registry.conarx.tech/containers/nodejs/edge:22.12.0 /opt/nodejs-22.12.0 /opt/nodejs-22.12.0
RUN set -eux; \
--
GitLab
From d7d791c830abf16c5f5f3b964b5caeb0afe4521a Mon Sep 17 00:00:00 2001
From: Nigel Kukard <nkukard@lbsd.net>
Date: Tue, 7 Jan 2025 05:54:33 +0000
Subject: [PATCH 12/12] chore: updated to Alpine 3.21
---
Dockerfile | 20 ++++++++++----------
1 file changed, 10 insertions(+), 10 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 7cbaa69..2285f70 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -19,15 +19,15 @@
# IN THE SOFTWARE.
-FROM registry.conarx.tech/containers/alpine/3.20 as mastodon-builder
+FROM registry.conarx.tech/containers/alpine/3.21 as mastodon-builder
LABEL maintainer="Nigel Kukard <nkukard@lbsd.net>"
ARG VERSION_INFO=
ARG MASTODON_VER=4.3.2
-COPY --from=registry.conarx.tech/containers/nodejs/3.20:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
-COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
+COPY --from=registry.conarx.tech/containers/nodejs/3.21:22.12.0 /opt/nodejs-22.12.0 /opt/nodejs-22.12.0
+COPY --from=registry.conarx.tech/containers/ruby/3.21:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
# Copy build patches
@@ -93,7 +93,7 @@ RUN set -eux; \
-FROM registry.conarx.tech/containers/alpine/3.20 as tools
+FROM registry.conarx.tech/containers/alpine/3.21 as tools
RUN set -eux; \
true "Install tools"; \
@@ -103,20 +103,20 @@ RUN set -eux; \
-FROM registry.conarx.tech/containers/alpine/3.20
+FROM registry.conarx.tech/containers/alpine/3.21
ARG VERSION_INFO=
ARG RUBY_VER=3.3.6
-ARG NODEJS_VER=22.11.0
+ARG NODEJS_VER=22.12.0
LABEL org.opencontainers.image.authors "Nigel Kukard <nkukard@conarx.tech>"
-LABEL org.opencontainers.image.version "3.20"
-LABEL org.opencontainers.image.base.name "docker.io/library/alpine:3.20"
+LABEL org.opencontainers.image.version "3.21"
+LABEL org.opencontainers.image.base.name "docker.io/library/alpine:3.21"
-COPY --from=registry.conarx.tech/containers/ruby/3.20:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
-COPY --from=registry.conarx.tech/containers/nodejs/3.20:22.11.0 /opt/nodejs-22.11.0 /opt/nodejs-22.11.0
+COPY --from=registry.conarx.tech/containers/ruby/3.21:3.3.6 /opt/ruby-3.3.6 /opt/ruby-3.3.6
+COPY --from=registry.conarx.tech/containers/nodejs/3.21:22.12.0 /opt/nodejs-22.12.0 /opt/nodejs-22.12.0
RUN set -eux; \
--
GitLab