87 lines
2.8 KiB
Docker
87 lines
2.8 KiB
Docker
|
# =============================================================================
|
||
|
|
# Multi-Stage: builder → dev → runtime
|
||
|
|
# Dev-Image enthält zusätzlich debugpy, ipython, django-debug-toolbar.
|
||
|
|
# =============================================================================
|
||
|
|
|
||
|
|
# ---------- Stage 1: Build ----------------------------------------------------
|
||
|
|
FROM python:3.12-slim-bookworm AS builder
|
||
|
|
|
||
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||
|
|
PYTHONUNBUFFERED=1 \
|
||
|
|
PIP_NO_CACHE_DIR=1 \
|
||
|
|
PIP_DISABLE_PIP_VERSION_CHECK=1
|
||
|
|
|
||
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||
|
|
build-essential libpq-dev gcc \
|
||
|
|
&& rm -rf /var/lib/apt/lists/*
|
||
|
|
|
||
|
|
WORKDIR /build
|
||
|
|
COPY requirements.txt requirements-dev.txt ./
|
||
|
|
RUN pip wheel --wheel-dir=/wheels -r requirements.txt -r requirements-dev.txt
|
||
|
|
|
||
|
|
|
||
|
|
# ---------- Common Runtime Base ----------------------------------------------
|
||
|
|
FROM python:3.12-slim-bookworm AS runtime-base
|
||
|
|
|
||
|
|
ARG APP_UID=10001
|
||
|
|
ARG APP_GID=10001
|
||
|
|
|
||
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||
|
|
PYTHONUNBUFFERED=1 \
|
||
|
|
PIP_NO_CACHE_DIR=1 \
|
||
|
|
PYTHONPATH=/app
|
||
|
|
|
||
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||
|
|
libpq5 \
|
||
|
|
libreoffice libreoffice-writer \
|
||
|
|
fonts-liberation fonts-dejavu \
|
||
|
|
tini curl \
|
||
|
|
&& apt-get clean \
|
||
|
|
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/* /tmp/*
|
||
|
|
|
||
|
|
RUN groupadd -g ${APP_GID} app && \
|
||
|
|
useradd -u ${APP_UID} -g ${APP_GID} -m -s /bin/bash app
|
||
|
|
|
||
|
|
WORKDIR /app
|
||
|
|
COPY --from=builder /wheels /wheels
|
||
|
|
|
||
|
|
|
||
|
|
# ---------- Stage 2a: Runtime (Production) ------------------------------------
|
||
|
|
FROM runtime-base AS runtime
|
||
|
|
|
||
|
|
COPY requirements.txt .
|
||
|
|
RUN pip install --no-index --find-links=/wheels -r requirements.txt && \
|
||
|
|
rm -rf /wheels
|
||
|
|
|
||
|
|
COPY --chown=app:app . /app/
|
||
|
|
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
|
||
|
|
USER app
|
||
|
|
EXPOSE 8000
|
||
|
|
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
|
||
|
|
CMD ["gunicorn", "config.wsgi:application", \
|
||
|
|
"--bind", "0.0.0.0:8000", \
|
||
|
|
"--workers", "3", "--threads", "2", \
|
||
|
|
"--worker-class", "gthread", "--worker-tmp-dir", "/tmp", \
|
||
|
|
"--access-logfile", "-", "--error-logfile", "-", \
|
||
|
|
"--timeout", "120"]
|
||
|
|
|
||
|
|
|
||
|
|
# ---------- Stage 2b: Dev -----------------------------------------------------
|
||
|
|
FROM runtime-base AS dev
|
||
|
|
|
||
|
|
# Dev-Tools für Container & VS Code
|
||
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||
|
|
git bash-completion vim less procps iputils-ping \
|
||
|
|
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
||
|
|
|
||
|
|
COPY requirements.txt requirements-dev.txt ./
|
||
|
|
RUN pip install --no-index --find-links=/wheels -r requirements.txt -r requirements-dev.txt && \
|
||
|
|
rm -rf /wheels
|
||
|
|
|
||
|
|
# Code wird im Dev via Volume gemountet; nichts kopieren.
|
||
|
|
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
|
||
|
|
USER app
|
||
|
|
EXPOSE 8000 5678
|
||
|
|
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
|
||
|
|
CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
|