blob: 9caf9a6646fc595ba899dd082e864f648a113c97 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
|
# syntax=docker/dockerfile:1
ARG SYNAPSE_VERSION=latest
ARG SYNAPSE_IMAGE=docker.io/matrixdotorg/synapse:$SYNAPSE_VERSION
ARG MAS_VERSION=latest
ARG MAS_IMAGE=ghcr.io/matrix-org/matrix-authentication-service:$MAS_VERSION
ARG REDIS_VERSION=7.4.0
ARG REDIS_IMAGE=docker.io/library/redis:$REDIS_VERSION-bookworm
ARG NGINX_VERSION=1.26.1
ARG NGINX_IMAGE=docker.io/library/nginx:$NGINX_VERSION-bookworm
FROM $NGINX_IMAGE AS nginx
FROM $REDIS_IMAGE AS redis
FROM $MAS_IMAGE AS mas
# now build the final image, based on the the regular Synapse docker image
FROM $SYNAPSE_IMAGE
# Install supervisord with pip instead of apt, to avoid installing a second
# copy of python.
RUN --mount=type=cache,target=/root/.cache/pip \
pip install supervisor~=4.2
RUN mkdir -p /etc/supervisor/conf.d
# Copy over redis, nginx and matrix-authentication-service
COPY --from=redis /usr/local/bin/redis-server /usr/local/bin
COPY --from=nginx /usr/sbin/nginx /usr/sbin
COPY --from=nginx /usr/share/nginx /usr/share/nginx
COPY --from=nginx /usr/lib/nginx /usr/lib/nginx
COPY --from=nginx /etc/nginx /etc/nginx
RUN mkdir /var/log/nginx /var/lib/nginx
RUN chown www-data /var/lib/nginx
# have nginx log to stderr/out
RUN ln -sf /dev/stdout /var/log/nginx/access.log
RUN ln -sf /dev/stderr /var/log/nginx/error.log
COPY --from=mas /usr/local/bin/mas-cli /usr/local/bin
COPY --from=mas /usr/local/share/mas-cli /usr/local/share
# Copy Synapse worker, nginx and supervisord configuration template files
COPY ./docker/conf-workers/* /conf/
# Copy a script to prefix log lines with the supervisor program name
COPY ./docker/prefix-log /usr/local/bin/
# Expose nginx listener port
EXPOSE 8080/tcp
# A script to read environment variables and create the necessary
# files to run the desired worker configuration. Will start supervisord.
COPY ./docker/configure_workers_and_start.py /configure_workers_and_start.py
ENTRYPOINT ["/configure_workers_and_start.py"]
# Replace the healthcheck with one which checks *all* the workers. The script
# is generated by configure_workers_and_start.py.
HEALTHCHECK --start-period=5s --interval=15s --timeout=5s \
CMD /bin/sh /healthcheck.sh
|
