Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(docker): trim more the image, always run setup #2491

Merged
merged 1 commit into from
Nov 6, 2024
Merged

chore(docker): trim more the image, always run setup #2491

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion .github/workflows/__package.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -239,7 +239,8 @@ jobs:
- name: Extract built client from Docker image 🗜️
run: |
docker load < docker_image.tar
docker cp $(docker create --name jf $(docker images --filter=reference='${{ env.REGISTRY_IMAGE }}' -q | head -n 1)):/usr/share/nginx/html/ ./dist
ASSETS=$(docker inspect ${{ env.REGISTRY_IMAGE }} --format='{{range .Config.Env}}{{println .}}{{end}}' | grep ^ASSETS= | cut -d '=' -f2-)
docker cp $(docker create --name jf $(docker images --filter=reference='${{ env.REGISTRY_IMAGE }}' -q | head -n 1)):$ASSETS/ ./dist

- name: Create provenance attestation 🔏
uses: actions/[email protected]
Expand Down
12 changes: 8 additions & 4 deletions packaging/docker/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,14 +21,18 @@ RUN npm ci --no-audit && npm run build
# Deploy built distribution to nginx
FROM nginx:stable-alpine-slim

COPY packaging/docker/contents/nginx.conf /etc/nginx/conf.d/default.conf
ENV ASSETS=/usr/share/nginx/html
ENV NGINX_DEFAULT_SITE_CONFIG=/etc/nginx/conf.d/default.conf

COPY packaging/docker/contents/nginx.conf "$NGINX_DEFAULT_SITE_CONFIG"
COPY packaging/docker/contents/*.sh /
COPY LICENSE /usr/share/licenses/jellyfin-vue.LICENSE
COPY LICENSE /usr/share/licenses/jellyfin-vue

RUN rm -rf /usr/share/nginx/html/*
COPY --from=build /app/frontend/dist/ /usr/share/nginx/html/
RUN rm -rf "$ASSETS"/*
COPY --from=build /app/frontend/dist/ "$ASSETS"
RUN chmod +x /*.sh && /postunpack.sh && rm /postunpack.sh
USER nginx
WORKDIR "$ASSETS"

EXPOSE 80

Expand Down
16 changes: 6 additions & 10 deletions packaging/docker/contents/docker-entrypoint.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,14 +1,10 @@
#!/bin/sh

## If the command has not been replaced by the user (i.e docker run image /bin/sh),
## follow through the setup process
if [[ "$*" = "nginx -g daemon off;" ]]; then
echo "==== Starting Jellyfin Vue setup ===="
echo
/setup.sh
echo
echo "==== Setup finished! ===="
echo -e "\n"
fi
echo "==== Starting Jellyfin Vue setup ===="
echo
/setup.sh
echo
echo "==== Setup finished! ===="
echo

exec "$@"
2 changes: 1 addition & 1 deletion packaging/docker/contents/nginx.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
server {
listen 80;
root /usr/share/nginx/html;
root ${ASSETS};
location / {
# First attempt to serve request as file, then as directory, then fall back to redirecting to index.html
# This is needed for history mode in Vue router: https://router.vuejs.org/guide/essentials/history-mode.html#nginx
Expand Down
15 changes: 10 additions & 5 deletions packaging/docker/contents/postunpack.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,10 @@ apk add --no-cache jq
# CONTAINER ROOTLESS SETUP
### Set correct permissions and make frontend config.json file editable for the runtime user
mkdir -p /run/nginx
chown nginx:nginx -R /run/nginx /var/cache/nginx /usr/share/nginx/html/config.json
chown nginx:nginx -R /run/nginx /var/cache/nginx "$ASSETS"/config.json
sed -i 's|/var/run|/var/run/nginx|g' $NGINX_CONFIG_FILE
## Replaces the 'root' directive with the value of $ASSETS
sed -i "s|\${ASSETS}|${ASSETS}|g" "$NGINX_DEFAULT_SITE_CONFIG"
## The 'user' config option is useless when running rootless and gives a warning
sed -i '/^user /d' $NGINX_CONFIG_FILE
## Allow to open privileged ports
Expand All @@ -21,7 +23,10 @@ apk --purge del libcap
# Trim image
apk --purge del apk-tools
rm -rf /docker-entrypoint.d /.dockerenv /usr/sbin/nginx-debug
rm -rf /usr/share/zoneinfo
rm -rf /sbin/apk /etc/apk /lib/apk /usr/share/apk /var/lib/apk
rm -rf /usr/lib/libcrypto* /usr/lib/libintl* /usr/lib/libssl* \
/usr/lib/engines-3 /usr/lib/modules-load.d /usr/lib/nginx /usr/lib/ossl-modules
rm -rf /usr/share/zoneinfo /usr/share/man
rm -rf /var/cache/apk
rm -rf /etc/nginx/fast* /etc/nginx/*_params /etc/nginx/modules
rm -rf /sbin/apk /etc/apk /lib/apk /usr/share/apk /var/lib/apk /lib/libapk*
rm -rf /usr/lib/libintl* /lib/libintl*
rm -rf /usr/lib/engines-3 /usr/lib/modules-load.d /usr/lib/nginx /usr/lib/ossl-modules
rm -rf /etc/ssl
9 changes: 7 additions & 2 deletions packaging/docker/contents/setup.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#!/bin/sh

CONFIG_FILE_PATH="/usr/share/nginx/html/config.json"
CONFIG_FILE_PATH="$ASSETS/config.json"
echo "Writing data to $CONFIG_FILE_PATH..."

if [[ "$HISTORY_ROUTER_MODE" == "0" ]]; then
Expand All @@ -15,7 +15,12 @@ else
ALLOW_SERVER_SELECTION=true
fi

echo "DEFAULT_SERVERS value: $DEFAULT_SERVERS"
if [ -n "$DEFAULT_SERVERS" ]; then
echo "DEFAULT_SERVERS value: $DEFAULT_SERVERS"
else
echo "No DEFAULT_SERVERS value specified"
fi

echo "ALLOW_SERVER_SELECTION value: $ALLOW_SERVER_SELECTION"
echo "ROUTER_MODE value: $ROUTER_MODE"

Expand Down
Loading