diff --git a/Dockerfile b/Dockerfile index 89b941a..52783ea 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,121 +1,4 @@ # syntax=docker/dockerfile:1.6 -#------------------------------- goture------------------------------------------------s -FROM golang:1.22.3-alpine3.20 as authbuild -ENV GO111MODULE=on -ENV CGO_ENABLED=0 -ENV GOOS=linux - -RUN apk add --no-cache make git - -WORKDIR /go/src/github.com/supabase/auth - -# Pulling dependencies -COPY auth_v2.169.0/Makefile auth_v2.169.0/go.* ./ -RUN make deps - -# Building stuff -COPY auth_v2.169.0/. ./ - -# Make sure you change the RELEASE_VERSION value before publishing an image. -RUN RELEASE_VERSION=1.22.3 make build - - -#------------------------------------------------- storage-api -------------------------------------- -# Base stage for shared environment setup -FROM node:20-alpine3.20 as s3base -RUN apk add --no-cache g++ make python3 -WORKDIR /app -COPY storage_v1.19.1/package.json storage_v1.19.1/package-lock.json ./ - -# Dependencies stage - install and cache all dependencies -FROM s3base as dependencies -RUN npm ci -# Cache the installed node_modules for later stages -RUN cp -R node_modules /node_modules_cache - -# Build stage - use cached node_modules for building the application -FROM s3base as s3build -COPY --from=dependencies /node_modules_cache ./node_modules -COPY storage_v1.19.1/. . -RUN npm run build - -# Production dependencies stage - use npm cache to install only production dependencies -FROM s3base as production-deps -COPY --from=dependencies /node_modules_cache ./node_modules -RUN npm ci --production - -#EXPOSE 5000 -#CMD ["node", "dist/start/server.js"] - - - -# Always use alpine:3 so the latest version is used. This will keep CA certs more up to date. -#FROM alpine:3 -FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base - -RUN mkdir -p /supabase/storage-api && mkdir -p /supabase/postgres && mkdir -p /supabase/kong && mkdir -p /supabase/gotrue && mkdir -p supabase/postgrest - -#RUN adduser -D -u 1000 supabase - -#RUN apk add --no-cache ca-certificates - -# 创建用户(Ubuntu方式) -RUN useradd -m -u 1000 supabase - -# 安装 ca-certificates(Ubuntu方式) -RUN apt-get update && \ - apt-get install -y --no-install-recommends ca-certificates && \ - rm -rf /var/lib/apt/lists/* - - -RUN apt-get update -y \ - && apt install -y --no-install-recommends curl ca-certificates libpq-dev zlib1g-dev jq gcc libnuma-dev gnupg supervisor \ - && curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \ - && apt-get install -y nodejs \ - && npm install -g npm@10.8.2 pm2@5.4.3 \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - - -COPY --from=authbuild /go/src/github.com/supabase/auth/auth /usr/local/bin/auth -COPY --from=authbuild /go/src/github.com/supabase/auth/migrations /usr/local/etc/auth/migrations/ -RUN ln -s /usr/local/bin/auth /usr/local/bin/gotrue - -ENV GOTRUE_DB_MIGRATIONS_PATH /usr/local/etc/auth/migrations - -#USER supabase -#CMD ["auth"] - - -ARG VERSION -ENV VERSION=$VERSION -COPY storage_v1.19.1/migrations supabase/storage-api/migrations - -# Copy production node_modules from the production dependencies stage -COPY --from=production-deps /app/node_modules supabase/storage-api/node_modules -# Copy build artifacts from the build stage -COPY --from=s3build /app/dist supabase/storage-api/dist - - -#----------------------------------------------------------------- Postgrest -------------------------------- -RUN apt-get update -y \ - && apt install -y --no-install-recommends libpq-dev zlib1g-dev jq gcc libnuma-dev \ - && apt-get clean \ - && rm -rf /var/lib/apt/lists/* - -COPY postgrest_v12.2.8/postgrest /usr/bin/postgrest -RUN chmod +x /usr/bin/postgrest - -#EXPOSE 3000 - -#USER 1000 - -# Use the array form to avoid running the command using bash, which does not handle `SIGTERM` properly. -# See https://docs.docker.com/compose/faq/#why-do-my-services-take-10-seconds-to-recreate-or-stop -#CMD ["postgrest"] - - -#========================================================================== PostgreSQL ============================================================= ARG postgresql_major=15 ARG postgresql_release=${postgresql_major}.1 @@ -156,10 +39,7 @@ ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=2.0.1 -#FROM ubuntu:focal as base -#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base - -ENV DEBIAN_FRONTEND=noninteractive +FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base RUN apt update -y && apt install -y \ curl \ @@ -171,11 +51,6 @@ RUN apt update -y && apt install -y \ && apt clean -# 安装 dbmate(官方推荐方式) -RUN curl -fsSL https://github.com/amacneil/dbmate/releases/latest/download/dbmate-linux-amd64 \ - -o /usr/local/bin/dbmate && \ - chmod +x /usr/local/bin/dbmate - RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres RUN adduser --system --no-create-home --shell /bin/bash --group wal-g RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ @@ -186,14 +61,17 @@ RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/ ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" -COPY postgres_15.8.1.044/. /nixpg +COPY . /nixpg WORKDIR /nixpg RUN nix profile install .#psql_15/bin + + WORKDIR / + RUN mkdir -p /usr/lib/postgresql/bin \ /usr/lib/postgresql/share/postgresql \ /usr/share/postgresql \ @@ -203,13 +81,13 @@ RUN mkdir -p /usr/lib/postgresql/bin \ && chown -R postgres:postgres /usr/share/postgresql # Create symbolic links -RUN ln -sf /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \ - && ln -sf /nix/var/nix/profiles/default/bin/* /usr/bin/ \ +RUN ln -s /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \ + && ln -s /nix/var/nix/profiles/default/bin/* /usr/bin/ \ && chown -R postgres:postgres /usr/bin # Create symbolic links for PostgreSQL shares -RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/ -RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/ +RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/ +RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/ RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/ RUN chown -R postgres:postgres /usr/share/postgresql/ # Create symbolic links for contrib directory @@ -281,17 +159,17 @@ RUN id postgres || (echo "postgres user does not exist" && exit 1) COPY --from=walg /tmp/wal-g /usr/local/bin/ # # Initialise configs -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf -COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh -COPY postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts +COPY --chown=postgres:postgres ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf +COPY --chown=postgres:postgres ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh +COPY ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh RUN sed -i \ -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ @@ -307,31 +185,23 @@ RUN sed -i \ chown postgres:postgres /etc/postgresql-custom # # Include schema migrations -COPY postgres_15.8.1.044/migrations/db /docker-entrypoint-initdb.d/ -COPY postgres_15.8.1.044/ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql -COPY postgres_15.8.1.044/ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql +COPY migrations/db /docker-entrypoint-initdb.d/ +COPY ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql +COPY ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql # # Add upstream entrypoint script COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu - -# Dockerfile 所在目录有你改过的 entrypoint -#COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh -#RUN chmod +x /usr/local/bin/docker-entrypoint.sh - ADD --chmod=0755 \ https://github.com/docker-library/postgres/raw/master/15/bullseye/docker-entrypoint.sh \ /usr/local/bin/ RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql -COPY supervisord.conf ./etc/ -COPY wrapper.sh /supabase/postgres/ - ENTRYPOINT ["docker-entrypoint.sh"] HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost STOPSIGNAL SIGINT -#EXPOSE 5432 +EXPOSE 5432 ENV POSTGRES_HOST=/var/run/postgresql ENV POSTGRES_USER=supabase_admin @@ -349,157 +219,3 @@ ENV LC_CTYPE=C.UTF-8 ENV LC_COLLATE=C.UTF-8 ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive CMD ["postgres", "-D", "/etc/postgresql"] - - - -#=================================================== kong ===================================================================== - -ARG ASSET=ce -ENV ASSET $ASSET - -ARG EE_PORTS - -COPY docker-kong_v2.8.1/ubuntu/kong.deb /tmp/kong.deb - -ARG KONG_VERSION=2.8.1 -ENV KONG_VERSION $KONG_VERSION - -ARG KONG_AMD64_SHA="10d12d23e5890414d666663094d51a42de41f8a9806fbc0baaf9ac4d37794361" -ARG KONG_ARM64_SHA="61c13219ef64dac9aeae5ae775411e8cfcd406f068cf3e75d463f916ae6513cb" - -# hadolint ignore=DL3015 -RUN set -ex; \ - arch=$(dpkg --print-architecture); \ - case "${arch}" in \ - amd64) KONG_SHA256=$KONG_AMD64_SHA ;; \ - arm64) KONG_SHA256=$KONG_ARM64_SHA ;; \ - esac; \ - apt-get update \ - && if [ "$ASSET" = "ce" ] ; then \ - apt-get install -y curl \ - && UBUNTU_CODENAME=focal \ - && KONG_REPO=$(echo ${KONG_VERSION%.*} | sed 's/\.//') \ - && curl -fL https://packages.konghq.com/public/gateway-$KONG_REPO/deb/ubuntu/pool/$UBUNTU_CODENAME/main/k/ko/kong_$KONG_VERSION/kong_${KONG_VERSION}_$arch.deb -o /tmp/kong.deb \ - && apt-get purge -y curl \ - && echo "$KONG_SHA256 /tmp/kong.deb" | sha256sum -c -; \ - else \ - # this needs to stay inside this "else" block so that it does not become part of the "official images" builds (https://github.com/docker-library/official-images/pull/11532#issuecomment-996219700) - apt-get upgrade -y ; \ - fi; \ - apt-get install -y --no-install-recommends unzip git \ - # Please update the ubuntu install docs if the below line is changed so that - # end users can properly install Kong along with its required dependencies - # and that our CI does not diverge from our docs. - && apt install --yes /tmp/kong.deb \ - && rm -rf /var/lib/apt/lists/* \ - && rm -rf /tmp/kong.deb \ - && chown kong:0 /usr/local/bin/kong \ - && chown -R kong:0 /usr/local/kong \ - && ln -s /usr/local/openresty/bin/resty /usr/local/bin/resty \ - && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/luajit \ - && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/lua \ - && ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/bin/nginx \ - && if [ "$ASSET" = "ce" ] ; then \ - kong version ; \ - fi - -COPY --chmod=0755 docker-kong_v2.8.1/ubuntu/docker-entrypoint.sh /supabase/kong/docker-entrypoint.sh - -#USER kong - -#ENTRYPOINT ["/docker-entrypoint.sh"] - -#EXPOSE 8000 8443 8001 8444 $EE_PORTS - -#STOPSIGNAL SIGQUIT - -#HEALTHCHECK --interval=10s --timeout=10s --retries=10 CMD kong health - -#CMD ["kong", "docker-start"] - - - -ARG CUDA_VERSION=12.5.1 - -#============================================= sglang ============================================ -#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min - -ARG BUILD_TYPE=all -#ENV DEBIAN_FRONTEND=noninteractive - - -# 安装依赖(强制 IPv4) -RUN echo 'tzdata tzdata/Areas select Asia' | debconf-set-selections \ - && echo 'tzdata tzdata/Zones/Asia select Shanghai' | debconf-set-selections \ - && apt -o Acquire::ForceIPv4=true update -y \ - && apt -o Acquire::ForceIPv4=true install software-properties-common -y \ - && add-apt-repository ppa:deadsnakes/ppa -y \ - && apt -o Acquire::ForceIPv4=true update \ - && apt -o Acquire::ForceIPv4=true install python3.10 python3.10-dev -y \ - && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.10 1 \ - && update-alternatives --set python3 /usr/bin/python3.10 \ - && apt -o Acquire::ForceIPv4=true install python3.10-distutils -y \ - && apt -o Acquire::ForceIPv4=true install curl gnupg gnupg wget git sudo libibverbs-dev -y \ - && apt -o Acquire::ForceIPv4=true install -y rdma-core infiniband-diags openssh-server perftest ibverbs-providers libibumad3 libibverbs1 libnl-3-200 libnl-route-3-200 librdmacm1 \ - && curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \ - && python3 get-pip.py \ - && python3 --version \ - && python3 -m pip --version \ - && rm -rf /var/lib/apt/lists/* \ - && apt clean - - -# 安装 datamodel_code_generator(用于 MiniCPM 模型) -RUN pip3 install datamodel_code_generator - -WORKDIR /sgl-workspace - -# 拷贝 sglang 源代码并构建包 -COPY ./sglang /sgl-workspace/sglang - -# 拷贝模型文件(修正方式) -#COPY ./Alibaba/QwQ-32B /root/.cradle/Alibaba/QwQ-32B - -ARG CUDA_VERSION - -# 安装依赖、安装 sglang、安装 transformers,并清理源码 -RUN python3 -m pip install --upgrade pip setuptools wheel html5lib six \ - && if [ "$CUDA_VERSION" = "12.1.1" ]; then \ - CUINDEX=121; \ - elif [ "$CUDA_VERSION" = "12.4.1" ]; then \ - CUINDEX=124; \ - elif [ "$CUDA_VERSION" = "12.5.1" ]; then \ - CUINDEX=124; \ - elif [ "$CUDA_VERSION" = "11.8.0" ]; then \ - CUINDEX=118; \ - python3 -m pip install --no-cache-dir sgl-kernel -i https://docs.sglang.ai/whl/cu118; \ - else \ - echo "Unsupported CUDA version: $CUDA_VERSION" && exit 1; \ - fi \ - && python3 -m pip install --no-cache-dir torch --index-url https://download.pytorch.org/whl/cu${CUINDEX} \ - && python3 -m pip install --no-cache-dir psutil pyzmq pynvml \ - && cd /sgl-workspace/sglang/python \ - && python3 -m pip install --no-cache-dir '.[srt,openai]' --find-links https://flashinfer.ai/whl/cu${CUINDEX}/torch2.5/flashinfer-python \ - && cd / && rm -rf /sgl-workspace/sglang \ - && python3 -m pip install --no-cache-dir transformers==4.48.3 \ - && python3 -c "import sglang; print('✅ sglang module installed successfully')" - - -#================================================== PostgreSQL ============================================================== -RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres -RUN adduser --system --no-create-home --shell /bin/bash --group wal-g -RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ ---init none \ ---no-confirm \ ---extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \ ---extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" - -WORKDIR / - -ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" - -EXPOSE 5432 - -# ENTRYPOINT ["/usr/bin/supervisord"] - -# CMD ["-c", "/etc/supervisord.conf"] \ No newline at end of file diff --git a/Dockerfile.tmp b/Dockerfile.tmp new file mode 100644 index 0000000..89b941a --- /dev/null +++ b/Dockerfile.tmp @@ -0,0 +1,505 @@ +# syntax=docker/dockerfile:1.6 +#------------------------------- goture------------------------------------------------s +FROM golang:1.22.3-alpine3.20 as authbuild +ENV GO111MODULE=on +ENV CGO_ENABLED=0 +ENV GOOS=linux + +RUN apk add --no-cache make git + +WORKDIR /go/src/github.com/supabase/auth + +# Pulling dependencies +COPY auth_v2.169.0/Makefile auth_v2.169.0/go.* ./ +RUN make deps + +# Building stuff +COPY auth_v2.169.0/. ./ + +# Make sure you change the RELEASE_VERSION value before publishing an image. +RUN RELEASE_VERSION=1.22.3 make build + + +#------------------------------------------------- storage-api -------------------------------------- +# Base stage for shared environment setup +FROM node:20-alpine3.20 as s3base +RUN apk add --no-cache g++ make python3 +WORKDIR /app +COPY storage_v1.19.1/package.json storage_v1.19.1/package-lock.json ./ + +# Dependencies stage - install and cache all dependencies +FROM s3base as dependencies +RUN npm ci +# Cache the installed node_modules for later stages +RUN cp -R node_modules /node_modules_cache + +# Build stage - use cached node_modules for building the application +FROM s3base as s3build +COPY --from=dependencies /node_modules_cache ./node_modules +COPY storage_v1.19.1/. . +RUN npm run build + +# Production dependencies stage - use npm cache to install only production dependencies +FROM s3base as production-deps +COPY --from=dependencies /node_modules_cache ./node_modules +RUN npm ci --production + +#EXPOSE 5000 +#CMD ["node", "dist/start/server.js"] + + + +# Always use alpine:3 so the latest version is used. This will keep CA certs more up to date. +#FROM alpine:3 +FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base + +RUN mkdir -p /supabase/storage-api && mkdir -p /supabase/postgres && mkdir -p /supabase/kong && mkdir -p /supabase/gotrue && mkdir -p supabase/postgrest + +#RUN adduser -D -u 1000 supabase + +#RUN apk add --no-cache ca-certificates + +# 创建用户(Ubuntu方式) +RUN useradd -m -u 1000 supabase + +# 安装 ca-certificates(Ubuntu方式) +RUN apt-get update && \ + apt-get install -y --no-install-recommends ca-certificates && \ + rm -rf /var/lib/apt/lists/* + + +RUN apt-get update -y \ + && apt install -y --no-install-recommends curl ca-certificates libpq-dev zlib1g-dev jq gcc libnuma-dev gnupg supervisor \ + && curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \ + && apt-get install -y nodejs \ + && npm install -g npm@10.8.2 pm2@5.4.3 \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + + +COPY --from=authbuild /go/src/github.com/supabase/auth/auth /usr/local/bin/auth +COPY --from=authbuild /go/src/github.com/supabase/auth/migrations /usr/local/etc/auth/migrations/ +RUN ln -s /usr/local/bin/auth /usr/local/bin/gotrue + +ENV GOTRUE_DB_MIGRATIONS_PATH /usr/local/etc/auth/migrations + +#USER supabase +#CMD ["auth"] + + +ARG VERSION +ENV VERSION=$VERSION +COPY storage_v1.19.1/migrations supabase/storage-api/migrations + +# Copy production node_modules from the production dependencies stage +COPY --from=production-deps /app/node_modules supabase/storage-api/node_modules +# Copy build artifacts from the build stage +COPY --from=s3build /app/dist supabase/storage-api/dist + + +#----------------------------------------------------------------- Postgrest -------------------------------- +RUN apt-get update -y \ + && apt install -y --no-install-recommends libpq-dev zlib1g-dev jq gcc libnuma-dev \ + && apt-get clean \ + && rm -rf /var/lib/apt/lists/* + +COPY postgrest_v12.2.8/postgrest /usr/bin/postgrest +RUN chmod +x /usr/bin/postgrest + +#EXPOSE 3000 + +#USER 1000 + +# Use the array form to avoid running the command using bash, which does not handle `SIGTERM` properly. +# See https://docs.docker.com/compose/faq/#why-do-my-services-take-10-seconds-to-recreate-or-stop +#CMD ["postgrest"] + + +#========================================================================== PostgreSQL ============================================================= +ARG postgresql_major=15 +ARG postgresql_release=${postgresql_major}.1 + +# Bump default build arg to build a package from source +# Bump vars.yml to specify runtime package version +ARG sfcgal_release=1.3.10 +ARG postgis_release=3.3.2 +ARG pgrouting_release=3.4.1 +ARG pgtap_release=1.2.0 +ARG pg_cron_release=1.6.2 +ARG pgaudit_release=1.7.0 +ARG pgjwt_release=9742dab1b2f297ad3811120db7b21451bca2d3c9 +ARG pgsql_http_release=1.5.0 +ARG plpgsql_check_release=2.2.5 +ARG pg_safeupdate_release=1.4 +ARG timescaledb_release=2.9.1 +ARG wal2json_release=2_5 +ARG pljava_release=1.6.4 +ARG plv8_release=3.1.5 +ARG pg_plan_filter_release=5081a7b5cb890876e67d8e7486b6a64c38c9a492 +ARG pg_net_release=0.7.1 +ARG rum_release=1.3.13 +ARG pg_hashids_release=cd0e1b31d52b394a0df64079406a14a4f7387cd6 +ARG libsodium_release=1.0.18 +ARG pgsodium_release=3.1.6 +ARG pg_graphql_release=1.5.11 +ARG pg_stat_monitor_release=1.1.1 +ARG pg_jsonschema_release=0.1.4 +ARG pg_repack_release=1.4.8 +ARG vault_release=0.2.8 +ARG groonga_release=12.0.8 +ARG pgroonga_release=2.4.0 +ARG wrappers_release=0.3.0 +ARG hypopg_release=1.3.1 +ARG pgvector_release=0.4.0 +ARG pg_tle_release=1.3.2 +ARG index_advisor_release=0.2.0 +ARG supautils_release=2.2.0 +ARG wal_g_release=2.0.1 + +#FROM ubuntu:focal as base +#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base + +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt update -y && apt install -y \ + curl \ + gnupg \ + lsb-release \ + software-properties-common \ + wget \ + sudo \ + && apt clean + + +# 安装 dbmate(官方推荐方式) +RUN curl -fsSL https://github.com/amacneil/dbmate/releases/latest/download/dbmate-linux-amd64 \ + -o /usr/local/bin/dbmate && \ + chmod +x /usr/local/bin/dbmate + +RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres +RUN adduser --system --no-create-home --shell /bin/bash --group wal-g +RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ +--init none \ +--no-confirm \ +--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \ +--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + +ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" + +COPY postgres_15.8.1.044/. /nixpg + +WORKDIR /nixpg + +RUN nix profile install .#psql_15/bin + +WORKDIR / + +RUN mkdir -p /usr/lib/postgresql/bin \ + /usr/lib/postgresql/share/postgresql \ + /usr/share/postgresql \ + /var/lib/postgresql \ + && chown -R postgres:postgres /usr/lib/postgresql \ + && chown -R postgres:postgres /var/lib/postgresql \ + && chown -R postgres:postgres /usr/share/postgresql + +# Create symbolic links +RUN ln -sf /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \ + && ln -sf /nix/var/nix/profiles/default/bin/* /usr/bin/ \ + && chown -R postgres:postgres /usr/bin + +# Create symbolic links for PostgreSQL shares +RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/ +RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/ +RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/ +RUN chown -R postgres:postgres /usr/share/postgresql/ +# Create symbolic links for contrib directory +RUN mkdir -p /usr/lib/postgresql/share/postgresql/contrib \ + && find /nix/var/nix/profiles/default/share/postgresql/contrib/ -mindepth 1 -type d -exec sh -c 'for dir do ln -s "$dir" "/usr/lib/postgresql/share/postgresql/contrib/$(basename "$dir")"; done' sh {} + \ + && chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/contrib/ + +RUN chown -R postgres:postgres /usr/lib/postgresql + +RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets + + +RUN apt-get update && \ + apt-get install -y --no-install-recommends tzdata + +RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \ + dpkg-reconfigure --frontend noninteractive tzdata + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + build-essential \ + checkinstall \ + cmake + +ENV PGDATA=/var/lib/postgresql/data + +#################### +# setup-wal-g.yml +#################### +FROM base as walg +ARG wal_g_release +# ADD "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-${TARGETARCH}.tar.gz" /tmp/wal-g.tar.gz +RUN arch=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "$TARGETARCH") && \ + apt-get update && apt-get install -y --no-install-recommends curl && \ + curl -kL "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-aarch64.tar.gz" -o /tmp/wal-g.tar.gz && \ + tar -xvf /tmp/wal-g.tar.gz -C /tmp && \ + rm -rf /tmp/wal-g.tar.gz && \ + mv /tmp/wal-g-pg-ubuntu*20.04-aarch64 /tmp/wal-g + +# #################### +# # Download gosu for easy step-down from root +# #################### +FROM base as gosu +ARG TARGETARCH +# Install dependencies +RUN apt-get update && apt-get install -y --no-install-recommends \ + gnupg \ + ca-certificates \ + && rm -rf /var/lib/apt/lists/* +# Download binary +ARG GOSU_VERSION=1.16 +ARG GOSU_GPG_KEY=B42F6819007F00F88E364FD4036A9C25BF357DD4 +ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH \ + /usr/local/bin/gosu +ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH.asc \ + /usr/local/bin/gosu.asc +# Verify checksum +RUN gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys $GOSU_GPG_KEY && \ + gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \ + gpgconf --kill all && \ + chmod +x /usr/local/bin/gosu + +# #################### +# # Build final image +# #################### +FROM gosu as production +RUN id postgres || (echo "postgres user does not exist" && exit 1) +# # Setup extensions +COPY --from=walg /tmp/wal-g /usr/local/bin/ + +# # Initialise configs +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf +COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh +COPY postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh + +RUN sed -i \ + -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ + -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ + -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ + -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ + echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ + #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ + echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ + echo 'auto_explain.log_min_duration = 10s' >> /etc/postgresql/postgresql.conf && \ + usermod -aG postgres wal-g && \ + mkdir -p /etc/postgresql-custom && \ + chown postgres:postgres /etc/postgresql-custom + +# # Include schema migrations +COPY postgres_15.8.1.044/migrations/db /docker-entrypoint-initdb.d/ +COPY postgres_15.8.1.044/ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql +COPY postgres_15.8.1.044/ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql + +# # Add upstream entrypoint script +COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu + +# Dockerfile 所在目录有你改过的 entrypoint +#COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh +#RUN chmod +x /usr/local/bin/docker-entrypoint.sh + +ADD --chmod=0755 \ + https://github.com/docker-library/postgres/raw/master/15/bullseye/docker-entrypoint.sh \ + /usr/local/bin/ + +RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql + +COPY supervisord.conf ./etc/ +COPY wrapper.sh /supabase/postgres/ + +ENTRYPOINT ["docker-entrypoint.sh"] + +HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost +STOPSIGNAL SIGINT +#EXPOSE 5432 + +ENV POSTGRES_HOST=/var/run/postgresql +ENV POSTGRES_USER=supabase_admin +ENV POSTGRES_DB=postgres +RUN apt-get update && apt-get install -y --no-install-recommends \ + locales \ + && rm -rf /var/lib/apt/lists/* && \ + localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \ + && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8 +RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen +ENV LANG en_US.UTF-8 +ENV LANGUAGE en_US:en +ENV LC_ALL en_US.UTF-8 +ENV LC_CTYPE=C.UTF-8 +ENV LC_COLLATE=C.UTF-8 +ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive +CMD ["postgres", "-D", "/etc/postgresql"] + + + +#=================================================== kong ===================================================================== + +ARG ASSET=ce +ENV ASSET $ASSET + +ARG EE_PORTS + +COPY docker-kong_v2.8.1/ubuntu/kong.deb /tmp/kong.deb + +ARG KONG_VERSION=2.8.1 +ENV KONG_VERSION $KONG_VERSION + +ARG KONG_AMD64_SHA="10d12d23e5890414d666663094d51a42de41f8a9806fbc0baaf9ac4d37794361" +ARG KONG_ARM64_SHA="61c13219ef64dac9aeae5ae775411e8cfcd406f068cf3e75d463f916ae6513cb" + +# hadolint ignore=DL3015 +RUN set -ex; \ + arch=$(dpkg --print-architecture); \ + case "${arch}" in \ + amd64) KONG_SHA256=$KONG_AMD64_SHA ;; \ + arm64) KONG_SHA256=$KONG_ARM64_SHA ;; \ + esac; \ + apt-get update \ + && if [ "$ASSET" = "ce" ] ; then \ + apt-get install -y curl \ + && UBUNTU_CODENAME=focal \ + && KONG_REPO=$(echo ${KONG_VERSION%.*} | sed 's/\.//') \ + && curl -fL https://packages.konghq.com/public/gateway-$KONG_REPO/deb/ubuntu/pool/$UBUNTU_CODENAME/main/k/ko/kong_$KONG_VERSION/kong_${KONG_VERSION}_$arch.deb -o /tmp/kong.deb \ + && apt-get purge -y curl \ + && echo "$KONG_SHA256 /tmp/kong.deb" | sha256sum -c -; \ + else \ + # this needs to stay inside this "else" block so that it does not become part of the "official images" builds (https://github.com/docker-library/official-images/pull/11532#issuecomment-996219700) + apt-get upgrade -y ; \ + fi; \ + apt-get install -y --no-install-recommends unzip git \ + # Please update the ubuntu install docs if the below line is changed so that + # end users can properly install Kong along with its required dependencies + # and that our CI does not diverge from our docs. + && apt install --yes /tmp/kong.deb \ + && rm -rf /var/lib/apt/lists/* \ + && rm -rf /tmp/kong.deb \ + && chown kong:0 /usr/local/bin/kong \ + && chown -R kong:0 /usr/local/kong \ + && ln -s /usr/local/openresty/bin/resty /usr/local/bin/resty \ + && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/luajit \ + && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/lua \ + && ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/bin/nginx \ + && if [ "$ASSET" = "ce" ] ; then \ + kong version ; \ + fi + +COPY --chmod=0755 docker-kong_v2.8.1/ubuntu/docker-entrypoint.sh /supabase/kong/docker-entrypoint.sh + +#USER kong + +#ENTRYPOINT ["/docker-entrypoint.sh"] + +#EXPOSE 8000 8443 8001 8444 $EE_PORTS + +#STOPSIGNAL SIGQUIT + +#HEALTHCHECK --interval=10s --timeout=10s --retries=10 CMD kong health + +#CMD ["kong", "docker-start"] + + + +ARG CUDA_VERSION=12.5.1 + +#============================================= sglang ============================================ +#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min + +ARG BUILD_TYPE=all +#ENV DEBIAN_FRONTEND=noninteractive + + +# 安装依赖(强制 IPv4) +RUN echo 'tzdata tzdata/Areas select Asia' | debconf-set-selections \ + && echo 'tzdata tzdata/Zones/Asia select Shanghai' | debconf-set-selections \ + && apt -o Acquire::ForceIPv4=true update -y \ + && apt -o Acquire::ForceIPv4=true install software-properties-common -y \ + && add-apt-repository ppa:deadsnakes/ppa -y \ + && apt -o Acquire::ForceIPv4=true update \ + && apt -o Acquire::ForceIPv4=true install python3.10 python3.10-dev -y \ + && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.10 1 \ + && update-alternatives --set python3 /usr/bin/python3.10 \ + && apt -o Acquire::ForceIPv4=true install python3.10-distutils -y \ + && apt -o Acquire::ForceIPv4=true install curl gnupg gnupg wget git sudo libibverbs-dev -y \ + && apt -o Acquire::ForceIPv4=true install -y rdma-core infiniband-diags openssh-server perftest ibverbs-providers libibumad3 libibverbs1 libnl-3-200 libnl-route-3-200 librdmacm1 \ + && curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \ + && python3 get-pip.py \ + && python3 --version \ + && python3 -m pip --version \ + && rm -rf /var/lib/apt/lists/* \ + && apt clean + + +# 安装 datamodel_code_generator(用于 MiniCPM 模型) +RUN pip3 install datamodel_code_generator + +WORKDIR /sgl-workspace + +# 拷贝 sglang 源代码并构建包 +COPY ./sglang /sgl-workspace/sglang + +# 拷贝模型文件(修正方式) +#COPY ./Alibaba/QwQ-32B /root/.cradle/Alibaba/QwQ-32B + +ARG CUDA_VERSION + +# 安装依赖、安装 sglang、安装 transformers,并清理源码 +RUN python3 -m pip install --upgrade pip setuptools wheel html5lib six \ + && if [ "$CUDA_VERSION" = "12.1.1" ]; then \ + CUINDEX=121; \ + elif [ "$CUDA_VERSION" = "12.4.1" ]; then \ + CUINDEX=124; \ + elif [ "$CUDA_VERSION" = "12.5.1" ]; then \ + CUINDEX=124; \ + elif [ "$CUDA_VERSION" = "11.8.0" ]; then \ + CUINDEX=118; \ + python3 -m pip install --no-cache-dir sgl-kernel -i https://docs.sglang.ai/whl/cu118; \ + else \ + echo "Unsupported CUDA version: $CUDA_VERSION" && exit 1; \ + fi \ + && python3 -m pip install --no-cache-dir torch --index-url https://download.pytorch.org/whl/cu${CUINDEX} \ + && python3 -m pip install --no-cache-dir psutil pyzmq pynvml \ + && cd /sgl-workspace/sglang/python \ + && python3 -m pip install --no-cache-dir '.[srt,openai]' --find-links https://flashinfer.ai/whl/cu${CUINDEX}/torch2.5/flashinfer-python \ + && cd / && rm -rf /sgl-workspace/sglang \ + && python3 -m pip install --no-cache-dir transformers==4.48.3 \ + && python3 -c "import sglang; print('✅ sglang module installed successfully')" + + +#================================================== PostgreSQL ============================================================== +RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres +RUN adduser --system --no-create-home --shell /bin/bash --group wal-g +RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ +--init none \ +--no-confirm \ +--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \ +--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" + +WORKDIR / + +ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" + +EXPOSE 5432 + +# ENTRYPOINT ["/usr/bin/supervisord"] + +# CMD ["-c", "/etc/supervisord.conf"] \ No newline at end of file