Docker support

This commit is contained in:
Andrew Ferrazzutti 2022-04-29 09:54:43 -04:00
parent 4c0f2346d8
commit e1a03797d8
7 changed files with 151 additions and 2 deletions

49
Dockerfile Normal file
View File

@ -0,0 +1,49 @@
FROM docker.io/alpine:3.15
ARG TARGETARCH=amd64
RUN apk add --no-cache \
python3 py3-pip py3-setuptools py3-wheel \
py3-pillow \
py3-aiohttp \
py3-magic \
py3-ruamel.yaml \
py3-commonmark \
py3-prometheus-client \
# encryption
py3-olm \
py3-cffi \
py3-pycryptodome \
py3-unpaddedbase64 \
py3-future \
# proxy support
py3-aiohttp-socks \
py3-pysocks \
# Other dependencies
ffmpeg \
ca-certificates \
su-exec \
netcat-openbsd \
bash \
curl \
jq \
yq
WORKDIR /opt/matrix-appservice-kakaotalk
COPY requirements.txt optional-requirements.txt ./
RUN apk add --virtual .build-deps python3-dev libffi-dev build-base \
&& pip3 install -r requirements.txt -r optional-requirements.txt \
&& apk del .build-deps
# Copy specific files & directories to avoid copying the node directory
COPY LICENSE setup.py docker-run.sh ./
COPY matrix_appservice_kakaotalk matrix_appservice_kakaotalk
RUN apk add --no-cache git && pip3 install .[e2be] && apk del git \
# This doesn't make the image smaller, but it's needed so that the `version` command works properly
&& cp matrix_appservice_kakaotalk/example-config.yaml . && rm -rf matrix_appservice_kakaotalk
ENV UID=1337 GID=1337
VOLUME /data
CMD ["./docker-run.sh"]

View File

@ -67,4 +67,32 @@ To use them as-is, follow these steps after [initial setup](#initial-setup):
Simply `git pull` or `git rebase` the latest changes and rerun any installation commands (`npm install`, `pip install -Ur ...`).
# Docker
Coming soon!
These instructions describe how to run the bridge with Docker containers.
## Notes
* Any `docker` commands mentioned below need to be run with `sudo` unless you have configured your system otherwise. See [Docker docs](https://docs.docker.com/engine/install/linux-postinstall/) for details.
* All configuration files created by the Docker containers will be `chown`ed to UID/GID 1337. Use `sudo` access on the host to edit them.
* The `docker` commands below mount the working directory as `/data`, so make sure you always run them in the correct directory.
## Limitations
* Images must be built manually for now. It is planned for there to be prebuilt images available to pull.
## Initial setup
1. `cd` to the directory where you cloned this repository
1. Ensure that the repository root and `node` directories are writable by UID/GID 1337. A coarse way to achieve this is with `chmod o+w . node`
1. `cd` to the `node` directory, and build the image for the Node module with `docker build . -t matrix-appservice-kakaotalk-node`
1. Run a container for the Node module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-appservice-kakaotalk-node`
1. Update the generated config file `config.json` to your liking
1. Run the Node module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-appservice-kakaotalk-node`
1. Open a new shell, since the prior `docker run` command runs in the foreground (unless `-d` is used)
1. `cd` to the repository root, and build the image for the bridge module with `docker build . -t matrix-appservice-kakaotalk`
1. Run a container for the bridge module for the first time, so it can create a config file for you: `docker run --rm -v $(pwd):/data:z matrix-appservice-kakaotalk`
1. Update the generated config file `config.yaml` to your liking. You'll at least need to change the homeserver settings, appservice address and permissions, and the rpc connection to the Node module
* Note that the Node module container's `/data/` directory is accessible in the bridge module's container at `/data/node/`
* Thus, if the Node module is configured to use a unix socket at `/data/<sock_name>`, the bridge module's config must set `rpc.connection.path: /data/node/<sockname>`
1. Generate the appservice registration by running the container again, and update your homeserver configuration to accept it
1. Run the bridge module with `docker run --restart unless-stopped -v $(pwd):/data:z matrix-appservice-kakaotalk`
* Additionally, you should either add the bridge to the same Docker network as your homeserver and database with `--network=<name>` (when they are running in Docker), or expose the correct port(s) with `-p <port>:<port>` or `--network=host` (when they are running outside Docker).
## Upgrading
Simply `git pull` or `git rebase` the latest changes, rerun all `docker build` commands, then run new containers for the freshly-built images.

36
docker-run.sh Executable file
View File

@ -0,0 +1,36 @@
#!/bin/sh
# Define functions.
function fixperms {
chown -R $UID:$GID /data
# /opt/matrix-appservice-kakaotalk is read-only, so disable file logging if it's pointing there.
if [[ "$(yq e '.logging.handlers.file.filename' /data/config.yaml)" == "./matrix-appservice-kakaotalk.log" ]]; then
yq -I4 e -i 'del(.logging.root.handlers[] | select(. == "file"))' /data/config.yaml
yq -I4 e -i 'del(.logging.handlers.file)' /data/config.yaml
fi
}
cd /opt/matrix-appservice-kakaotalk
if [ ! -f /data/config.yaml ]; then
cp example-config.yaml /data/config.yaml
echo "Didn't find a config file."
echo "Copied default config file to /data/config.yaml"
echo "Modify that config file to your liking."
echo "Start the container again after that to generate the registration file."
fixperms
exit
fi
if [ ! -f /data/registration.yaml ]; then
python3 -m matrix_appservice_kakaotalk -g -c /data/config.yaml -r /data/registration.yaml || exit $?
echo "Didn't find a registration file."
echo "Generated one for you."
echo "See https://docs.mau.fi/bridges/general/registering-appservices.html on how to use it."
fixperms
exit
fi
fixperms
exec su-exec $UID:$GID python3 -m matrix_appservice_kakaotalk -c /data/config.yaml

13
node/Dockerfile Normal file
View File

@ -0,0 +1,13 @@
FROM docker.io/node:16-alpine3.15
ARG TARGETARCH=amd64
WORKDIR /opt/matrix-appservice-kakaotalk/node
COPY . ./
RUN npm i
ENV UID=1337 GID=1337
VOLUME /data
CMD ["./docker-run.sh"]

16
node/docker-run.sh Executable file
View File

@ -0,0 +1,16 @@
#!/bin/sh
if [ ! -w . ]; then
echo "Please ensure the /data volume of this container is writable for user:group $UID:$GID." >&2
exit
fi
if [ ! -f /data/config.json ]; then
cp example-config-docker.json /data/config.json
echo "Didn't find a config file."
echo "Copied default config file to /data/config.json"
echo "Modify that config file to your liking, then restart the container."
exit
fi
node src/main.js --config /data/config.json

View File

@ -0,0 +1,7 @@
{
"listen": {
"type": "unix",
"path": "/data/puppet.sock",
"force": false
}
}