mirror of
https://github.com/matrix-org/dendrite.git
synced 2024-11-30 10:11:56 -06:00
95a509757a
This PR does the following: - adds a `keysize` parameter to `generate-keys`, so we can use lower sized keys when running in CI - updates the Complement docker files to use BuildKit (requires Docker >18.09) - uses `exec` when executing `dendrite-monotlith-server`, making it PID 1 inside docker, which results in Dendrite actually receiving the `SIGTERM` signal send by Docker. (Making it faster when running tests with Complement, as we don't take 10 seconds to timeout)
33 lines
1.4 KiB
Docker
33 lines
1.4 KiB
Docker
#syntax=docker/dockerfile:1.2
|
|
|
|
FROM golang:1.18-stretch as build
|
|
RUN apt-get update && apt-get install -y sqlite3
|
|
WORKDIR /build
|
|
|
|
# we will dump the binaries and config file to this location to ensure any local untracked files
|
|
# that come from the COPY . . file don't contaminate the build
|
|
RUN mkdir /dendrite
|
|
|
|
# Utilise Docker caching when downloading dependencies, this stops us needlessly
|
|
# downloading dependencies every time.
|
|
RUN --mount=target=. \
|
|
--mount=type=cache,target=/go/pkg/mod \
|
|
--mount=type=cache,target=/root/.cache/go-build \
|
|
go build -o /dendrite ./cmd/generate-config && \
|
|
go build -o /dendrite ./cmd/generate-keys && \
|
|
go build -o /dendrite ./cmd/dendrite-monolith-server
|
|
|
|
WORKDIR /dendrite
|
|
RUN ./generate-keys --private-key matrix_key.pem
|
|
|
|
ENV SERVER_NAME=localhost
|
|
ENV API=0
|
|
EXPOSE 8008 8448
|
|
|
|
# At runtime, generate TLS cert based on the CA now mounted at /ca
|
|
# At runtime, replace the SERVER_NAME with what we are told
|
|
CMD ./generate-keys -keysize 1024 --server $SERVER_NAME --tls-cert server.crt --tls-key server.key --tls-authority-cert /complement/ca/ca.crt --tls-authority-key /complement/ca/ca.key && \
|
|
./generate-config -server $SERVER_NAME --ci > dendrite.yaml && \
|
|
cp /complement/ca/ca.crt /usr/local/share/ca-certificates/ && update-ca-certificates && \
|
|
exec ./dendrite-monolith-server --really-enable-open-registration --tls-cert server.crt --tls-key server.key --config dendrite.yaml -api=${API:-0}
|