overmind
/
matrix-docker-ansible-deploy
зеркало из https://github.com/spantaleev/matrix-docker-ansible-deploy
1
0
Форкнуть 0
Код Задачи 0 Релизы 0 Вики Активность
Matrix Docker Ansible eploy
Вы не можете выбрать более 25 тем Темы должны начинаться с буквы или цифры, могут содержать дефисы(-) и должны содержать не более 35 символов.
11379 коммитов
12 Ветки
855 MiB
 
 
Дерево: e00ab3fc55
Ветки Теги
${ item.name }
Создать ветку ${ searchTerm }
из 'e00ab3fc55'
${ noResults }
matrix-docker-ansible-deploy/roles/custom/matrix-bridge-rustpush/templates/Dockerfile.j2

110 строки
4.5 KiB
Исходник Вина История 

  1. {#

  2. SPDX-FileCopyrightText: 2025 MDAD project contributors

  3. 

  4. SPDX-License-Identifier: AGPL-3.0-or-later

  5. #}

  6. 

  7. # ── Stage 1: builder ─────────────────────────────────────────────────────────

  8. FROM ubuntu:24.04 AS builder

  9. 

  10. ENV DEBIAN_FRONTEND=noninteractive

  11. 

  12. RUN apt-get update && apt-get install -y --no-install-recommends \

  13.     cmake protobuf-compiler build-essential pkg-config \

  14.     git curl ca-certificates \

  15.     libolm-dev libclang-dev libssl-dev libunicorn-dev libheif-dev zlib1g-dev \

  16.     && rm -rf /var/lib/apt/lists/*

  17. 

  18. # Rust — install to default ~/.cargo so the Makefile's $(HOME)/.cargo/bin path resolves

  19. RUN curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs \

  20.     | sh -s -- -y --default-toolchain stable

  21. ENV PATH=/root/.cargo/bin:$PATH

  22. 

  23. # Go — arch-aware, fetches latest stable with fallback

  24. ARG TARGETARCH

  25. RUN set -e; \

  26.     GOARCH="${TARGETARCH:-amd64}"; \

  27.     GO_VERSION=$(curl -fsSL 'https://go.dev/dl/?mode=json' \

  28.         | grep -o '"version":"go[0-9.]*"' | head -1 \

  29.         | sed 's/"version":"//;s/"//'); \

  30.     : "${GO_VERSION:=go1.25.0}"; \

  31.     curl -fsSL "https://go.dev/dl/${GO_VERSION}.linux-${GOARCH}.tar.gz" \

  32.         | tar -C /usr/local -xz

  33. ENV PATH=/usr/local/go/bin:$PATH \

  34.     GOTOOLCHAIN=local

  35. 

  36. WORKDIR /build

  37. 

  38. # ── Rust build layers ─────────────────────────────────────────────────────────

  39. # Copy files that determine whether the clone+patch layer is valid.

  40. # Changing the SHA pin, Makefile, or open-absinthe overlay invalidates this layer.

  41. COPY third_party/rustpush-upstream.sha third_party/

  42. COPY rustpush/ rustpush/

  43. COPY Makefile .

  44. 

  45. # Clone upstream rustpush at the pinned SHA, apply all patches, overlay open-absinthe.

  46. RUN make ensure-rustpush-source

  47. 

  48. # Copy Rust crate sources. Changing these invalidates only the Rust build layer,

  49. # not the clone layer above.

  50. COPY pkg/rustpushgo/ pkg/rustpushgo/

  51. COPY nac-validation/ nac-validation/

  52. 

  53. # Build the Rust static library (~3 min; cached when Rust source is unchanged).

  54. # hardware-key enables the unicorn-based x86 NAC emulator required on Linux

  55. # (both amd64 and arm64 — unicorn supports cross-arch x86 emulation).

  56. RUN cd pkg/rustpushgo && \

  57.     cargo build --release --features hardware-key && \

  58.     cp target/release/librustpushgo.a /build/librustpushgo.a

  59. 

  60. # ── Go build layers ───────────────────────────────────────────────────────────

  61. # Download modules first so this layer is cached by go.mod/go.sum.

  62. COPY go.mod go.sum ./

  63. RUN go mod download

  64. 

  65. # Copy Go source.

  66. COPY cmd/ cmd/

  67. COPY pkg/connector/ pkg/connector/

  68. COPY imessage/ imessage/

  69. COPY ipc/ ipc/

  70. 

  71. # Build the bridge binary.

  72. ARG BUILD_VERSION=dev

  73. ARG BUILD_COMMIT=unknown

  74. RUN BUILD_TIME=$(date -u +%Y-%m-%dT%H:%M:%SZ) && \

  75.     CGO_LDFLAGS="-L/build" \

  76.     go build \

  77.     -ldflags "-X main.Tag=${BUILD_VERSION} -X main.Commit=${BUILD_COMMIT} -X main.BuildTime=${BUILD_TIME}" \

  78.     -o /build/matrix-rustpush \

  79.     ./cmd/matrix-rustpush/

  80. 

  81. # ── Stage 2: runtime ─────────────────────────────────────────────────────────

  82. FROM ubuntu:24.04

  83. 

  84. ENV DEBIAN_FRONTEND=noninteractive

  85. 

  86. # Runtime shared libraries the bridge binary needs at startup.

  87. # libunicorn2  — unicorn-engine x86 NAC emulator (hardware-key feature)

  88. # libheif1     — HEIC/HEIF conversion (linked at compile time even when disabled)

  89. # libolm3      — Matrix OLM encryption (mautrix bridgev2 framework)

  90. # libssl3      — OpenSSL (rustpush openssl crate dynamic link)

  91. # ffmpeg       — video transcoding

  92. RUN apt-get update && apt-get install -y --no-install-recommends \

  93.     libunicorn2 libheif1 libolm3 libssl3 ffmpeg \

  94.     ca-certificates openssl curl \

  95.     && curl -fsSL 'https://www.apple.com/appleca/AppleIncRootCertificate.cer' \

  96.         -o /tmp/AppleRootCA.cer \

  97.     && openssl x509 -inform DER -in /tmp/AppleRootCA.cer \

  98.         -out /usr/local/share/ca-certificates/AppleRootCA.crt \

  99.     && update-ca-certificates \

  100.     && rm /tmp/AppleRootCA.cer \

  101.     && rm -rf /var/lib/apt/lists/*

  102. 

  103. COPY --from=builder /build/matrix-rustpush /usr/local/bin/matrix-rustpush

  104. 

  105. WORKDIR /data

  106. VOLUME /data

  107. EXPOSE 29332

  108. 

  109. ENTRYPOINT ["matrix-rustpush", "-c", "/data/config.yaml"]