Dockerfile

FROM golang:1.22 as refresh-assets
WORKDIR /app
COPY refresh-assets/go.mod refresh-assets/go.sum ./
RUN go mod download
COPY refresh-assets/*.go ./
RUN CGO_ENABLED=0 GOOS=linux go build -o /refresh-assets

FROM debian:bullseye-slim

# slim https://github.com/discourse/discourse_docker/blob/main/image/base/slim.Dockerfile#L5
ENV RUBY_ALLOCATOR=/usr/lib/libjemalloc.so.1 \
    RUSTUP_HOME=/usr/local/rustup \
    CARGO_HOME=/usr/local/cargo \
    PATH=/usr/local/cargo/bin:$PATH \
    LEFTHOOK=0
# release https://github.com/discourse/discourse_docker/blob/main/image/base/release.Dockerfile#L6
ENV RAILS_ENV=production
# web template https://github.com/discourse/discourse_docker/blob/main/templates/web.template.yml#L1
ENV DISCOURSE_SERVE_STATIC_ASSETS=true \
    SKIP_EMBER_CLI_COMPILE=1 \
    RUBY_GC_HEAP_GROWTH_MAX_SLOTS=40000 \
    RUBY_GC_HEAP_INIT_SLOTS=400000 \
    RUBY_GC_HEAP_OLDOBJECT_LIMIT_FACTOR=1.5

#LABEL maintainer="Sam Saffron \"https://twitter.com/samsaffron\""

RUN echo 'deb http://deb.debian.org/debian bullseye-backports main' > /etc/apt/sources.list.d/bullseye-backports.list
RUN echo "debconf debconf/frontend select Teletype" | debconf-set-selections
RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install gnupg sudo curl

RUN DEBIAN_FRONTEND=noninteractive apt-get install -y locales locales-all
ENV LC_ALL en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US.UTF-8

RUN curl --silent --location https://deb.nodesource.com/setup_18.x | sudo bash -
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add -
RUN echo "deb https://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
RUN apt-get -y update
# install these without recommends to avoid pulling in e.g.
# X11 libraries, mailutils
RUN DEBIAN_FRONTEND=noninteractive apt-get -y install --no-install-recommends git jq
RUN DEBIAN_FRONTEND=noninteractive apt-get -y install autoconf build-essential ca-certificates \
                       libxslt-dev libcurl4-openssl-dev \
                       libssl-dev libyaml-dev libtool \
                       libpcre3 libpcre3-dev zlib1g zlib1g-dev \
                       libxml2-dev gawk \
                       libreadline-dev libpq-dev \
                       psmisc whois brotli libunwind-dev \
                       libtcmalloc-minimal4 cmake \
                       pngcrush pngquant ripgrep

RUN cd / &&\
    apt-get clean &&\
    locale-gen en_US &&\
    DEBIAN_FRONTEND=noninteractive apt-get install -y wget nodejs yarn &&\
    npm install -g terser uglify-js pnpm

ADD install-imagemagick /tmp/install-imagemagick
RUN /tmp/install-imagemagick

ADD install-jemalloc /tmp/install-jemalloc
RUN /tmp/install-jemalloc

ADD install-rust /tmp/install-rust
ADD install-ruby /tmp/install-ruby
ADD install-oxipng /tmp/install-oxipng
RUN /tmp/install-rust && /tmp/install-ruby && /tmp/install-oxipng && rustup self uninstall -y

RUN echo 'gem: --no-document' >> /usr/local/etc/gemrc &&\
    gem update --system

# This tool allows us to disable huge page support for our current process
# since the flag is preserved through forks and execs it can be used on any
# process
ADD thpoff.c /src/thpoff.c
RUN gcc -o /usr/local/sbin/thpoff /src/thpoff.c && rm /src/thpoff.c

# clean up for docker squash
RUN rm -fr /usr/share/man &&\
    rm -fr /usr/share/doc &&\
    rm -fr /usr/share/vim/vim74/doc &&\
    rm -fr /usr/share/vim/vim74/lang &&\
    rm -fr /usr/share/vim/vim74/spell/en* &&\
    rm -fr /usr/share/vim/vim74/tutor &&\
    rm -fr /usr/local/share/doc &&\
    rm -fr /usr/local/share/ri &&\
    rm -fr /usr/local/share/ruby-build &&\
    rm -fr /var/lib/apt/lists/* &&\
    rm -fr /root/.gem &&\
    rm -fr /root/.npm &&\
    rm -fr /tmp/*

# this can probably be done, but I worry that people changing PG locales will have issues
# cd /usr/share/locale && rm -fr `ls -d */ | grep -v en`

# this is required for aarch64 which uses buildx
# see https://github.com/docker/buildx/issues/150
RUN rm -f /etc/service

ARG DISCOURSE_VERSION

# Discourse specific bits
RUN useradd discourse -s /bin/bash -m -U &&\
    install -dm 0755 -o discourse -g discourse /var/www/discourse &&\ 
    sudo -u discourse curl -s -L https://github.com/discourse/discourse/archive/refs/tags/${DISCOURSE_VERSION}.tar.gz | tar xvz -C  /var/www/discourse --strip-components 1 &&\
    gem install bundler --conservative -v $(awk '/BUNDLED WITH/ { getline; gsub(/ /,""); print $0 }' /var/www/discourse/Gemfile.lock) &&\
    chown -R discourse:discourse /var/www/discourse

USER discourse
WORKDIR /var/www/discourse

RUN bundle config --local deployment true &&\
    bundle config --local path ./vendor/bundle &&\
    bundle config --local without test development &&\
    bundle config --local jobs 4 && \
    bundle install &&\
    yarn install --frozen-lockfile &&\
    yarn cache clean &&\
    find /var/www/discourse/vendor/bundle -name tmp -type d -exec rm -rf {} +

COPY install /tmp/install

RUN cd /var/www/discourse/plugins \
 && for plugin in $(cat /tmp/install/plugin-list); do \
      git clone --depth 1 $plugin; \
    done

RUN cd app/assets/javascripts/discourse && \
     /var/www/discourse/app/assets/javascripts/node_modules/.bin/ember build -prod


COPY --chown=1000:1000 app.sh .
COPY --chown=1000:1000 sidekiq.sh .
COPY --chown=1000:1000 upgrade.sh .
COPY --chown=1000:1000 --from=refresh-assets /refresh-assets .

CMD ["bundle", "exec", "rails", "server", "-b", "0.0.0.0"]