# 移除 syntax 指令以避免网络问题 # 原指令: # syntax=docker/dockerfile:1 # check=error=true # This Dockerfile is designed for Git-based deployment with Kamal # It pulls code from Git during deployment and uses external volumes for code, build artifacts, and data # Make sure RUBY_VERSION matches the Ruby version in .ruby-version ARG RUBY_VERSION=3.2.2 FROM docker.io/library/ruby:$RUBY_VERSION-slim # Rails app lives here WORKDIR /rails # Install base packages including Git for code pulling RUN apt-get update -qq && \ apt-get install --no-install-recommends -y \ curl \ libjemalloc2 \ libvips \ sqlite3 \ nodejs \ npm \ netcat-openbsd \ git \ build-essential \ pkg-config \ && rm -rf /var/lib/apt/lists /var/cache/apt/archives # Set production environment ENV RAILS_ENV="production" \ BUNDLE_DEPLOYMENT="1" \ BUNDLE_PATH="/usr/local/bundle" \ BUNDLE_WITHOUT="development" # Create directories for mounted volumes RUN mkdir -p \ /rails/code \ /rails/storage \ /rails/public/uploads \ /rails/public/assets \ /rails/public/vite \ /rails/node_modules \ /rails/tmp \ /rails/log \ /rails/tmp/pids \ /rails/tmp/cache \ /rails/tmp/sockets # Declare volumes for persistent storage VOLUME ["/rails/code", "/rails/storage", "/rails/public/uploads", "/rails/public/vite", "/rails/node_modules", "/rails/log", "/rails/tmp"] # Copy entrypoint script COPY bin/docker-entrypoint /rails/bin/ # RUN chmod +x /rails/bin/docker-entrypoint # Run and own only the runtime files as a non-root user for security RUN groupadd --system --gid 1000 rails && \ useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \ chown -R rails:rails /rails USER 1000:1000 # Entrypoint pulls code, installs dependencies, and prepares the application ENTRYPOINT ["/rails/bin/docker-entrypoint"] # Start server via Thruster by default, this can be overwritten at runtime EXPOSE 80 CMD ["./bin/thrust", "./bin/rails", "server"]