2025-11-07 06:38:44 -05:00
|
|
|
FROM ruby:3.4.6-slim
|
|
|
|
|
|
|
|
|
|
ARG RAILS_ENV=production
|
|
|
|
|
|
|
|
|
|
ENV APP_PATH=/var/app
|
|
|
|
|
ENV BUNDLE_VERSION=2.5.21
|
|
|
|
|
ENV BUNDLE_PATH=/usr/local/bundle/gems
|
|
|
|
|
ENV RAILS_LOG_TO_STDOUT=true
|
|
|
|
|
ENV RAILS_PORT=3000
|
|
|
|
|
|
|
|
|
|
RUN apt-get update -qq \
|
|
|
|
|
&& DEBIAN_FRONTEND=noninteractive apt-get upgrade -y -qq \
|
|
|
|
|
&& DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
|
|
|
|
|
curl \
|
|
|
|
|
wget \
|
|
|
|
|
build-essential \
|
|
|
|
|
git \
|
|
|
|
|
postgresql-client \
|
|
|
|
|
libpq-dev \
|
|
|
|
|
libxml2-dev \
|
|
|
|
|
libxslt-dev \
|
|
|
|
|
libyaml-dev \
|
|
|
|
|
libgeos-dev libgeos++-dev \
|
|
|
|
|
imagemagick \
|
|
|
|
|
tzdata \
|
|
|
|
|
less \
|
|
|
|
|
libjemalloc2 libjemalloc-dev \
|
|
|
|
|
cmake \
|
|
|
|
|
ca-certificates \
|
|
|
|
|
&& mkdir -p $APP_PATH \
|
|
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
2025-11-09 13:42:46 -05:00
|
|
|
# Install Node.js from Debian repositories (supports all architectures including armv7)
|
|
|
|
|
RUN apt-get update -qq \
|
|
|
|
|
&& apt-get install -y nodejs npm \
|
2025-11-07 08:05:46 -05:00
|
|
|
&& npm install -g yarn \
|
|
|
|
|
&& rm -rf /var/lib/apt/lists/*
|
2025-11-07 06:38:44 -05:00
|
|
|
|
|
|
|
|
# Use jemalloc with check for architecture
|
|
|
|
|
RUN if [ "$(uname -m)" = "x86_64" ]; then \
|
|
|
|
|
echo "/usr/lib/x86_64-linux-gnu/libjemalloc.so.2" > /etc/ld.so.preload; \
|
|
|
|
|
else \
|
|
|
|
|
echo "/usr/lib/aarch64-linux-gnu/libjemalloc.so.2" > /etc/ld.so.preload; \
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
# Enable YJIT
|
|
|
|
|
ENV RUBY_YJIT_ENABLE=1
|
|
|
|
|
|
|
|
|
|
# Update RubyGems and install Bundler
|
|
|
|
|
RUN gem update --system 3.6.9 \
|
|
|
|
|
&& gem install bundler --version "$BUNDLE_VERSION" \
|
|
|
|
|
&& rm -rf $GEM_HOME/cache/*
|
|
|
|
|
|
|
|
|
|
WORKDIR $APP_PATH
|
|
|
|
|
|
|
|
|
|
COPY ../Gemfile ../Gemfile.lock ../.ruby-version ../vendor ./
|
|
|
|
|
|
2025-11-07 08:05:46 -05:00
|
|
|
# Install production gems only
|
|
|
|
|
RUN bundle config set --local path 'vendor/bundle' \
|
|
|
|
|
&& bundle config set --local without 'development test' \
|
|
|
|
|
&& bundle install --jobs 4 --retry 3 \
|
|
|
|
|
&& rm -rf vendor/bundle/ruby/3.4.0/cache/*.gem
|
2025-11-07 06:38:44 -05:00
|
|
|
|
|
|
|
|
COPY ../. ./
|
|
|
|
|
|
2025-11-07 08:05:46 -05:00
|
|
|
# Precompile assets
|
|
|
|
|
RUN SECRET_KEY_BASE_DUMMY=1 bundle exec rake assets:precompile \
|
|
|
|
|
&& rm -rf node_modules tmp/cache
|
2025-11-07 06:38:44 -05:00
|
|
|
|
2025-12-06 14:34:49 -05:00
|
|
|
# Copy public directory to temp location for syncing with volume at runtime
|
|
|
|
|
# This allows new static files to be added to the persistent volume
|
|
|
|
|
RUN cp -r public /tmp/public_assets
|
|
|
|
|
|
2025-11-07 08:05:46 -05:00
|
|
|
# Copy entrypoint scripts and grant execution permissions
|
2025-11-07 06:38:44 -05:00
|
|
|
COPY ./docker/web-entrypoint.sh /usr/local/bin/web-entrypoint.sh
|
|
|
|
|
RUN chmod +x /usr/local/bin/web-entrypoint.sh
|
|
|
|
|
|
|
|
|
|
COPY ./docker/sidekiq-entrypoint.sh /usr/local/bin/sidekiq-entrypoint.sh
|
|
|
|
|
RUN chmod +x /usr/local/bin/sidekiq-entrypoint.sh
|
|
|
|
|
|
|
|
|
|
EXPOSE $RAILS_PORT
|
|
|
|
|
|
fix(docker): app and sidekiq containers ignore signals
Typically, when attempting to stop a container via `docker stop` or
`podman stop`, the container engine will send a stop signal (SIGTERM by
default) to the container's main process. There are two common ways this
can go wrong:
1. The main process is run as PID 1 and doesn't register a signal
handler for the stop signal and is consequently ignored
2. The main process is a shell script running a foreground process with
no `trap`s and is consequently ignored by the *shell*
In either case, because the graceful stop signal is ignored, the
container engine will then send a `SIGKILL` to the container process
after a default timeout of 10 seconds. This is why some containers can
be observed to "hang" when being stopped when they have no other reason
to do so. Unlike `SIGTERM` or `SIGINT`, `SIGKILL` is an immediate,
ungraceful stop that doesn't give the process time to clean up.
There is a fair bit of nuance in how `sh` and `bash` handle signals in
different circumstances. The behavior relevant to the second case above
and Dawarich's entrypoints in particular is that the shell ignores
signals like `SIGTERM` and `SIGINT` when waiting on a foreground job; in
this case, that would be: `bundle exec ${@}`. The reason that `SIGINT`
is not ignored after pressing `Ctrl+C` while running the docker compose
stack is because in that case the shell is **interactive** and the shell
*does* respond to `SIGINT` then (c.f. the aforementioned nuance).
Thankfully, the fix is simple: `exec` the main process, which causes the
server process to *replace* the shell process and directly receive any
signals sent. Additionally, the stop signal for the app process should
be set to `SIGINT`, as that is the expected signal for graceful
shutdown. Sidekiq is fine with either `SIGTERM` or `SIGINT`, which is
convenient.
2025-12-06 18:00:35 -05:00
|
|
|
STOPSIGNAL SIGINT
|
|
|
|
|
|
2025-11-07 08:05:46 -05:00
|
|
|
ENTRYPOINT [ "bundle", "exec" ]
|