Initial Docker Image Setup for Notesium #70
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Related to #61 |
Continuous Integration and WorkflowsIf it aligns with the team's vision, we would be more than willing to contribute workflows for building Docker images as part of the project’s continuous integration setup. This could ensure that each Docker image build is consistent and tested, with any issues identified early in the pipeline. Please let us know if this addition would be helpful, and we’d be glad to assist with implementing it in line with the team’s requirements. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This PR introduces a comprehensive Docker setup for the Notesium application, enabling easy deployment and consistent environment configuration. The setup includes multi-stage builds to optimise the final image size, security measures, and configuration scripts to handle user permissions and directory ownership dynamically.
Key Changes
Dockerfile Creation:
app-builderstage, we install Go and Tailwind CSS, build the frontend, and compile the Go application.gosuandtini, enhancing security and enabling better process handling.Installation of Gosu and Tini:
Custom Entry Script:
start-docker.shnotesiumuser based on environment variables (UID,GID,USERNAME). It adjusts existing users and groups where necessary to avoid conflicts and to ensure the specified user owns the required directories.NOTESIUM_DIRdata directory, checking if it exists and creating it if necessary. Ownership is set to match the specified user to ensure correct file permissions.Configuration of Persistent Data Storage:
/notesium/dataas a volume, making it easy to persist data outside of the container lifecycle.Default Entrypoint and Command:
ENTRYPOINTis set totini, usingstart-docker.shto configure permissions before switching to the non-root user.0.0.0.0:8080.Considerations
gosu, the application can drop root privileges post-initialisation, improving security. Additionally,tiniensures proper process handling, preventing zombie processes.0.0.0.0, making it accessible externally for testing or production use, and the port is dynamically set through environment variables.Test Plan
Coding Style Considerations
We’d like to acknowledge any potential deviations from the team’s coding conventions within this Docker setup and accompanying scripts. While aiming for a modular, readable, and secure configuration, we have prioritised clarity and maintainability throughout. However, we recognise that certain approaches, such as the handling of user permissions and ownership, may differ from the established house style.
Please feel free to highlight areas that may benefit from alignment with the team’s conventions. We’ll be happy to adjust any parts to better adhere to the team's stylistic preferences and ensure consistency across the project.