Skip to content

Commit

Permalink
chore(docker): trim more the image, always run setup
Browse files Browse the repository at this point in the history
This allows to simplify the custom entrypoints command a little bit
  • Loading branch information
ferferga authored Nov 6, 2024
1 parent 303930b commit 5b502cd
Show file tree
Hide file tree
Showing 6 changed files with 36 additions and 25 deletions.
3 changes: 2 additions & 1 deletion .github/workflows/__package.yml
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,8 @@ jobs:
- name: Extract built client from Docker image 🗜️
run: |
docker load < docker_image.tar
docker cp $(docker create --name jf $(docker images --filter=reference='${{ env.REGISTRY_IMAGE }}' -q | head -n 1)):/usr/share/nginx/html/ ./dist
ASSETS=$(docker inspect ${{ env.REGISTRY_IMAGE }} --format='{{range .Config.Env}}{{println .}}{{end}}' | grep ^ASSETS= | cut -d '=' -f2-)
docker cp $(docker create --name jf $(docker images --filter=reference='${{ env.REGISTRY_IMAGE }}' -q | head -n 1)):$ASSETS/ ./dist
- name: Create provenance attestation 🔏
uses: actions/[email protected]
Expand Down
12 changes: 8 additions & 4 deletions packaging/docker/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,18 @@ RUN npm ci --no-audit && npm run build
# Deploy built distribution to nginx
FROM nginx:stable-alpine-slim

COPY packaging/docker/contents/nginx.conf /etc/nginx/conf.d/default.conf
ENV ASSETS=/usr/share/nginx/html
ENV NGINX_DEFAULT_SITE_CONFIG=/etc/nginx/conf.d/default.conf

COPY packaging/docker/contents/nginx.conf "$NGINX_DEFAULT_SITE_CONFIG"
COPY packaging/docker/contents/*.sh /
COPY LICENSE /usr/share/licenses/jellyfin-vue.LICENSE
COPY LICENSE /usr/share/licenses/jellyfin-vue

RUN rm -rf /usr/share/nginx/html/*
COPY --from=build /app/frontend/dist/ /usr/share/nginx/html/
RUN rm -rf "$ASSETS"/*
COPY --from=build /app/frontend/dist/ "$ASSETS"
RUN chmod +x /*.sh && /postunpack.sh && rm /postunpack.sh
USER nginx
WORKDIR "$ASSETS"

EXPOSE 80

Expand Down
18 changes: 7 additions & 11 deletions packaging/docker/contents/docker-entrypoint.sh
Original file line number Diff line number Diff line change
@@ -1,14 +1,10 @@
#!/bin/sh

## If the command has not been replaced by the user (i.e docker run image /bin/sh),
## follow through the setup process
if [[ "$*" = "nginx -g daemon off;" ]]; then
echo "==== Starting Jellyfin Vue setup ===="
echo
/setup.sh
echo
echo "==== Setup finished! ===="
echo -e "\n"
fi
echo "==== Starting Jellyfin Vue setup ===="
echo
/setup.sh
echo
echo "==== Setup finished! ===="
echo

exec "$@"
exec /bin/sh -c "$@"
2 changes: 1 addition & 1 deletion packaging/docker/contents/nginx.conf
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
server {
listen 80;
root /usr/share/nginx/html;
root ${ASSETS};
location / {
# First attempt to serve request as file, then as directory, then fall back to redirecting to index.html
# This is needed for history mode in Vue router: https://router.vuejs.org/guide/essentials/history-mode.html#nginx
Expand Down
17 changes: 11 additions & 6 deletions packaging/docker/contents/postunpack.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@ apk add --no-cache jq
# CONTAINER ROOTLESS SETUP
### Set correct permissions and make frontend config.json file editable for the runtime user
mkdir -p /run/nginx
chown nginx:nginx -R /run/nginx /var/cache/nginx /usr/share/nginx/html/config.json
chown nginx:nginx -R /run/nginx /var/cache/nginx "$ASSETS"/config.json
sed -i 's|/var/run|/var/run/nginx|g' $NGINX_CONFIG_FILE
## Replaces the 'root' directive with the value of $ASSETS
sed -i "s|\${ASSETS}|${ASSETS}|g" "$NGINX_DEFAULT_SITE_CONFIG"
## The 'user' config option is useless when running rootless and gives a warning
sed -i '/^user /d' $NGINX_CONFIG_FILE
## Allow to open privileged ports
Expand All @@ -19,9 +21,12 @@ setcap CAP_NET_BIND_SERVICE=+eip /usr/sbin/nginx
apk --purge del libcap

# Trim image
apk --purge del apk-tools
apk --purge del apk-tools man-db
rm -rf /docker-entrypoint.d /.dockerenv /usr/sbin/nginx-debug
rm -rf /usr/share/zoneinfo
rm -rf /sbin/apk /etc/apk /lib/apk /usr/share/apk /var/lib/apk
rm -rf /usr/lib/libcrypto* /usr/lib/libintl* /usr/lib/libssl* \
/usr/lib/engines-3 /usr/lib/modules-load.d /usr/lib/nginx /usr/lib/ossl-modules
rm -rf /usr/share/zoneinfo /usr/share/man
rm -rf /var/cache/apk
rm -rf /etc/nginx/fast* /etc/nginx/*_params /etc/nginx/modules
rm -rf /sbin/apk /etc/apk /lib/apk /usr/share/apk /var/lib/apk /lib/libapk*
rm -rf /usr/lib/libintl* /lib/libintl*
rm -rf /usr/lib/engines-3 /usr/lib/modules-load.d /usr/lib/nginx /usr/lib/ossl-modules
rm -rf /etc/ssl
9 changes: 7 additions & 2 deletions packaging/docker/contents/setup.sh
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/sh

CONFIG_FILE_PATH="/usr/share/nginx/html/config.json"
CONFIG_FILE_PATH="$ASSETS/config.json"
echo "Writing data to $CONFIG_FILE_PATH..."

if [[ "$HISTORY_ROUTER_MODE" == "0" ]]; then
Expand All @@ -15,7 +15,12 @@ else
ALLOW_SERVER_SELECTION=true
fi

echo "DEFAULT_SERVERS value: $DEFAULT_SERVERS"
if [ -n "$DEFAULT_SERVERS" ]; then
echo "DEFAULT_SERVERS value: $DEFAULT_SERVERS"
else
echo "No DEFAULT_SERVERS value specified"
fi

echo "ALLOW_SERVER_SELECTION value: $ALLOW_SERVER_SELECTION"
echo "ROUTER_MODE value: $ROUTER_MODE"

Expand Down

0 comments on commit 5b502cd

Please sign in to comment.