hydrogen-web icon indicating copy to clipboard operation
hydrogen-web copied to clipboard

Published 20 hours ago verified publisher icon element-hq

Docker image improvements

Open sandhose opened this issue 3 years ago • 2 comments

The commits are individually reviewable. This includes:

  • the docker image is now multi-arch capable thanks to BuildKit. It does not rely on QEMU emulation, rather using BuildKit's TARGETPLATFORM and BUILDPLATFORM build args for doing the bundling under the host arch
  • use an unprivileged nginx base image to run as non-root. This also allows running the whole thing with a read-only root filesystem. It still needs a writable /tmp, e.g. docker run --publish 80:8080 --read-only --volume tmp:/tmp hydrogen
  • have the CI build a multi-arch image (currently building for x86_64, ARM and ARM64)
  • some updates to the documentation
  • a config.json templated from environment variables

sandhose avatar Feb 02 '22 15:02 sandhose

As mentioned elsewhere, I don't think we want to load the config file like this. Why did you need to change it?

This change is here to be able to change the config without rebuilding the app. Currently, the config lives in the bundled JS, which makes it impossible to change without rebuilding the app.

This allows to have on the filesystem a plain old config.js file that can be easily changed at runtime, and this is what is done in the Docker image: there is a config.js.tmpl which is templated by this script on the start of the container, which fills it with environement variable.

The end result, is that one can run the image with a custom default homeserver without having to build a custom one:

docker --rm -p 8080:8080 -e DEFAULT_HOMESERVER=https://my-hs.com ghcr.io/vector-im/hydrogen-web

If that is not desirable, I can move the config handling changes in another PR and merge the docker improvements first

sandhose avatar Feb 16 '22 08:02 sandhose

If that is not desirable, I can move the config handling changes in another PR and merge the docker improvements first

Thanks, that would be good.

bwindels avatar Feb 16 '22 08:02 bwindels

Closing this in preference to the following smaller PRs:

  • https://github.com/vector-im/hydrogen-web/pull/983
  • https://github.com/vector-im/hydrogen-web/pull/948
  • https://github.com/vector-im/hydrogen-web/pull/982
  • https://github.com/vector-im/hydrogen-web/pull/980

I've parked running nginx as non-root for now.

hughns avatar Jan 11 '23 19:01 hughns