-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
46 lines (36 loc) · 1.45 KB
/
Dockerfile
File metadata and controls
46 lines (36 loc) · 1.45 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# syntax=docker/dockerfile:1.9
FROM python:3.12-alpine AS base
ENV PYTHONDONTWRITEBYTECODE=1 \
PYTHONUNBUFFERED=1 \
PIP_NO_CACHE_DIR=1 \
PIP_DISABLE_PIP_VERSION_CHECK=1 \
PORT=8000 \
WSGI_MODULE=core.wsgi:application \
WAIT_FOR_DB=true \
RUN_MIGRATIONS=false \
COLLECTSTATIC=false \
GUNICORN_LOGS_FOLDER=/var/log/gunicorn/ \
MEDIA_ROOT=/var/www/django/media \
STATIC_ROOT=/var/www/django/static
# Runtime libs only (keep this lean)
RUN apk add --no-cache bash ca-certificates tzdata postgresql-libs curl postgresql-client postgis gdal
# Common scripts (bash entrypoint + Python DB wait)
COPY scripts/wait-for-db.py /usr/local/bin/wait-for-db
COPY scripts/entrypoint.sh /usr/local/bin/entrypoint
COPY scripts/health.sh /usr/local/bin/health
RUN chmod +x /usr/local/bin/wait-for-db /usr/local/bin/entrypoint /usr/local/bin/health
# Non-root user
RUN adduser -S -u 10001 django
RUN mkdir -p "${GUNICORN_LOGS_FOLDER}" "${MEDIA_ROOT}" "${STATIC_ROOT}"
RUN chown -R django "${GUNICORN_LOGS_FOLDER}" "${MEDIA_ROOT}" "${STATIC_ROOT}"
USER django
WORKDIR /usr/src/app
ENV PATH="$PATH:/usr/local/bin:/home/django/.local/bin"
# Keep this minimal: only deps ALL services share
COPY requirements.txt base-requirements.txt
# Many libs now publish musllinux wheels; prefer binaries to avoid compiles
RUN pip install --upgrade pip
RUN pip install --prefer-binary -r base-requirements.txt
EXPOSE $PORT
ENTRYPOINT ["entrypoint"]
CMD ["run"]