fix inconsistent syntax
This commit is contained in:
Luc
parent
185823b040
commit
02b41dae0b
134
Dockerfile
134
Dockerfile
|
|
@ -43,76 +43,76 @@ WORKDIR /app
|
||||||
|
|
||||||
# Set up the app
|
# Set up the app
|
||||||
RUN set -x && \
|
RUN set -x && \
|
||||||
apt-get update && \
|
apt-get update && \
|
||||||
# Install required distro packages
|
# Install required distro packages
|
||||||
apt-get -y install nginx-light && \
|
apt-get -y install nginx-light && \
|
||||||
apt-get -y --no-install-recommends install \
|
apt-get -y --no-install-recommends install \
|
||||||
python3 \
|
python3 \
|
||||||
python3-setuptools \
|
python3-setuptools \
|
||||||
python3-pip \
|
python3-pip \
|
||||||
python3-dev \
|
python3-dev \
|
||||||
gcc \
|
gcc \
|
||||||
make \
|
make \
|
||||||
default-libmysqlclient-dev \
|
default-libmysqlclient-dev \
|
||||||
libmariadb3 \
|
libmariadb3 \
|
||||||
postgresql-common \
|
postgresql-common \
|
||||||
libpq-dev \
|
libpq-dev \
|
||||||
libpq5 \
|
libpq5 \
|
||||||
libjpeg62-turbo \
|
libjpeg62-turbo \
|
||||||
libwebp6 \
|
libwebp6 \
|
||||||
libjpeg-dev \
|
libjpeg-dev \
|
||||||
zlib1g-dev \
|
zlib1g-dev \
|
||||||
libwebp-dev \
|
libwebp-dev \
|
||||||
ffmpeg \
|
ffmpeg \
|
||||||
redis-server && \
|
redis-server && \
|
||||||
# Install pipenv
|
# Install pipenv
|
||||||
pip3 --disable-pip-version-check install wheel pipenv && \
|
pip3 --disable-pip-version-check install wheel pipenv && \
|
||||||
# Create a 'app' user which the application will run as
|
# Create a 'app' user which the application will run as
|
||||||
groupadd app && \
|
groupadd app && \
|
||||||
useradd -M -d /app -s /bin/false -g app app && \
|
useradd -M -d /app -s /bin/false -g app app && \
|
||||||
# Install non-distro packages
|
# Install non-distro packages
|
||||||
pipenv install --system && \
|
pipenv install --system && \
|
||||||
# Make absolutely sure we didn't accidentally bundle a SQLite dev database
|
# Make absolutely sure we didn't accidentally bundle a SQLite dev database
|
||||||
rm -rf /app/db.sqlite3 && \
|
rm -rf /app/db.sqlite3 && \
|
||||||
# Run any required app commands
|
# Run any required app commands
|
||||||
/usr/bin/python3 /app/manage.py compilescss && \
|
/usr/bin/python3 /app/manage.py compilescss && \
|
||||||
/usr/bin/python3 /app/manage.py collectstatic --no-input --link && \
|
/usr/bin/python3 /app/manage.py collectstatic --no-input --link && \
|
||||||
# Create config, downloads and run dirs
|
# Create config, downloads and run dirs
|
||||||
mkdir -p /run/app && \
|
mkdir -p /run/app && \
|
||||||
mkdir -p /config/media && \
|
mkdir -p /config/media && \
|
||||||
mkdir -p /downloads/audio && \
|
mkdir -p /downloads/audio && \
|
||||||
mkdir -p /downloads/video && \
|
mkdir -p /downloads/video && \
|
||||||
# Clean up
|
# Clean up
|
||||||
rm /app/Pipfile && \
|
rm /app/Pipfile && \
|
||||||
rm /app/Pipfile.lock && \
|
rm /app/Pipfile.lock && \
|
||||||
pipenv --clear && \
|
pipenv --clear && \
|
||||||
pip3 --disable-pip-version-check uninstall -y pipenv wheel virtualenv && \
|
pip3 --disable-pip-version-check uninstall -y pipenv wheel virtualenv && \
|
||||||
apt-get -y autoremove --purge \
|
apt-get -y autoremove --purge \
|
||||||
python3-pip \
|
python3-pip \
|
||||||
python3-dev \
|
python3-dev \
|
||||||
gcc \
|
gcc \
|
||||||
make \
|
make \
|
||||||
default-libmysqlclient-dev \
|
default-libmysqlclient-dev \
|
||||||
postgresql-common \
|
postgresql-common \
|
||||||
libpq-dev \
|
libpq-dev \
|
||||||
libjpeg-dev \
|
libjpeg-dev \
|
||||||
zlib1g-dev \
|
zlib1g-dev \
|
||||||
libwebp-dev && \
|
libwebp-dev && \
|
||||||
apt-get -y autoremove && \
|
apt-get -y autoremove && \
|
||||||
apt-get -y autoclean && \
|
apt-get -y autoclean && \
|
||||||
rm -rf /var/lib/apt/lists/* && \
|
rm -rf /var/lib/apt/lists/* && \
|
||||||
rm -rf /var/cache/apt/* && \
|
rm -rf /var/cache/apt/* && \
|
||||||
rm -rf /tmp/* && \
|
rm -rf /tmp/* && \
|
||||||
# Pipenv leaves a bunch of stuff in /root, as we're not using it recreate it
|
# Pipenv leaves a bunch of stuff in /root, as we're not using it recreate it
|
||||||
rm -rf /root && \
|
rm -rf /root && \
|
||||||
mkdir -p /root && \
|
mkdir -p /root && \
|
||||||
chown root:root /root && \
|
chown root:root /root && \
|
||||||
chmod 0700 /root
|
chmod 0700 /root
|
||||||
|
|
||||||
# Append software versions
|
# Append software versions
|
||||||
RUN set -x && \
|
RUN set -x && \
|
||||||
FFMPEG_VERSION=$(/usr/bin/ffmpeg -version | head -n 1 | awk '{ print $3 }') && \
|
FFMPEG_VERSION=$(/usr/bin/ffmpeg -version | head -n 1 | awk '{ print $3 }') && \
|
||||||
echo "ffmpeg_version = '${FFMPEG_VERSION}'" >> /app/common/third_party_versions.py
|
echo "ffmpeg_version = '${FFMPEG_VERSION}'" >> /app/common/third_party_versions.py
|
||||||
|
|
||||||
# Copy root
|
# Copy root
|
||||||
COPY config/root /
|
COPY config/root /
|
||||||
|
|
|
||||||
|
|
@ -9,49 +9,47 @@ events {
|
||||||
}
|
}
|
||||||
|
|
||||||
http {
|
http {
|
||||||
|
# Basic settings
|
||||||
|
sendfile on;
|
||||||
|
tcp_nopush on;
|
||||||
|
tcp_nodelay on;
|
||||||
|
keepalive_timeout 300;
|
||||||
|
types_hash_max_size 2048;
|
||||||
|
server_tokens off;
|
||||||
|
server_names_hash_bucket_size 64;
|
||||||
|
server_name_in_redirect off;
|
||||||
|
client_body_in_file_only clean;
|
||||||
|
client_body_buffer_size 32K;
|
||||||
|
client_max_body_size 100M;
|
||||||
|
send_timeout 300s;
|
||||||
|
large_client_header_buffers 4 8k;
|
||||||
|
|
||||||
# Basic settings
|
# Mime type handling
|
||||||
sendfile on;
|
include /etc/nginx/mime.types;
|
||||||
tcp_nopush on;
|
default_type application/octet-stream;
|
||||||
tcp_nodelay on;
|
|
||||||
keepalive_timeout 300;
|
|
||||||
types_hash_max_size 2048;
|
|
||||||
server_tokens off;
|
|
||||||
server_names_hash_bucket_size 64;
|
|
||||||
server_name_in_redirect off;
|
|
||||||
client_body_in_file_only clean;
|
|
||||||
client_body_buffer_size 32K;
|
|
||||||
client_max_body_size 100M;
|
|
||||||
send_timeout 300s;
|
|
||||||
large_client_header_buffers 4 8k;
|
|
||||||
|
|
||||||
# Mime type handling
|
# Default security headers
|
||||||
include /etc/nginx/mime.types;
|
add_header X-Frame-Options SAMEORIGIN;
|
||||||
default_type application/octet-stream;
|
add_header X-Content-Type-Options nosniff;
|
||||||
|
add_header X-XSS-Protection "1; mode=block";
|
||||||
|
|
||||||
# Default security headers
|
# Logging
|
||||||
add_header X-Frame-Options SAMEORIGIN;
|
log_format host '$remote_addr - $remote_user [$time_local] "[$host] $request" $status $bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"';
|
||||||
add_header X-Content-Type-Options nosniff;
|
access_log /dev/stdout;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
error_log stderr;
|
||||||
|
|
||||||
# Logging
|
# GZIP
|
||||||
log_format host '$remote_addr - $remote_user [$time_local] "[$host] $request" $status $bytes_sent "$http_referer" "$http_user_agent" "$gzip_ratio"';
|
gzip on;
|
||||||
access_log /dev/stdout;
|
gzip_disable "msie6";
|
||||||
error_log stderr;
|
gzip_vary on;
|
||||||
|
gzip_proxied any;
|
||||||
# GZIP
|
gzip_comp_level 6;
|
||||||
gzip on;
|
gzip_buffers 16 8k;
|
||||||
gzip_disable "msie6";
|
gzip_http_version 1.1;
|
||||||
gzip_vary on;
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
||||||
gzip_proxied any;
|
|
||||||
gzip_comp_level 6;
|
|
||||||
gzip_buffers 16 8k;
|
|
||||||
gzip_http_version 1.1;
|
|
||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
|
||||||
|
|
||||||
# Site
|
# Site
|
||||||
server {
|
server {
|
||||||
|
|
||||||
# Ports
|
# Ports
|
||||||
listen 4848;
|
listen 4848;
|
||||||
listen [::]:4848;
|
listen [::]:4848;
|
||||||
|
|
@ -78,7 +76,5 @@ http {
|
||||||
proxy_read_timeout 59;
|
proxy_read_timeout 59;
|
||||||
proxy_connect_timeout 10;
|
proxy_connect_timeout 10;
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue