chatai/Dockerfile

# syntax=docker/dockerfile:1.6
#------------------------------- goture------------------------------------------------s
FROM golang:1.22.3-alpine3.20 as authbuild
ENV GO111MODULE=on
ENV CGO_ENABLED=0
ENV GOOS=linux

RUN apk add --no-cache make git

WORKDIR /go/src/github.com/supabase/auth

# Pulling dependencies
COPY auth_v2.169.0/Makefile auth_v2.169.0/go.* ./
RUN make deps

# Building stuff
COPY auth_v2.169.0/. ./

# Make sure you change the RELEASE_VERSION value before publishing an image.
RUN RELEASE_VERSION=1.22.3 make build


#------------------------------------------------- storage-api --------------------------------------
# Base stage for shared environment setup
FROM node:20-alpine3.20 as s3base
RUN apk add --no-cache g++ make python3
WORKDIR /app
COPY storage_v1.19.1/package.json storage_v1.19.1/package-lock.json ./

# Dependencies stage - install and cache all dependencies
FROM s3base as dependencies
RUN npm ci
# Cache the installed node_modules for later stages
RUN cp -R node_modules /node_modules_cache

# Build stage - use cached node_modules for building the application
FROM s3base as s3build
COPY --from=dependencies /node_modules_cache ./node_modules
COPY storage_v1.19.1/. .
RUN npm run build

# Production dependencies stage - use npm cache to install only production dependencies
FROM s3base as production-deps
COPY --from=dependencies /node_modules_cache ./node_modules
RUN npm ci --production

#EXPOSE 5000
#CMD ["node", "dist/start/server.js"]



# Always use alpine:3 so the latest version is used. This will keep CA certs more up to date.
#FROM alpine:3
FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base

RUN mkdir -p /supabase/storage-api && mkdir -p /supabase/postgres && mkdir -p /supabase/kong && mkdir -p /supabase/gotrue && mkdir -p supabase/postgrest

#RUN adduser -D -u 1000 supabase

#RUN apk add --no-cache ca-certificates

# 创建用户（Ubuntu方式）
RUN useradd -m -u 1000 supabase

# 安装 ca-certificates（Ubuntu方式）
RUN apt-get update && \
    apt-get install -y --no-install-recommends ca-certificates && \
    rm -rf /var/lib/apt/lists/*


RUN apt-get update -y \
    && apt install -y --no-install-recommends curl ca-certificates libpq-dev zlib1g-dev jq gcc libnuma-dev gnupg supervisor \
    && curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \
    && apt-get install -y nodejs \
    && npm install -g npm@10.8.2 pm2@5.4.3 \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*


COPY --from=authbuild /go/src/github.com/supabase/auth/auth /usr/local/bin/auth
COPY --from=authbuild /go/src/github.com/supabase/auth/migrations /usr/local/etc/auth/migrations/
RUN ln -s /usr/local/bin/auth /usr/local/bin/gotrue

ENV GOTRUE_DB_MIGRATIONS_PATH /usr/local/etc/auth/migrations

#USER supabase
#CMD ["auth"]


ARG VERSION
ENV VERSION=$VERSION
COPY storage_v1.19.1/migrations supabase/storage-api/migrations

# Copy production node_modules from the production dependencies stage
COPY --from=production-deps /app/node_modules supabase/storage-api/node_modules
# Copy build artifacts from the build stage
COPY --from=s3build /app/dist supabase/storage-api/dist


#----------------------------------------------------------------- Postgrest --------------------------------
RUN apt-get update -y \
    && apt install -y --no-install-recommends libpq-dev zlib1g-dev jq gcc libnuma-dev \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

COPY postgrest_v12.2.8/postgrest /usr/bin/postgrest
RUN chmod +x /usr/bin/postgrest

#EXPOSE 3000

#USER 1000

# Use the array form to avoid running the command using bash, which does not handle `SIGTERM` properly. 
# See https://docs.docker.com/compose/faq/#why-do-my-services-take-10-seconds-to-recreate-or-stop 
#CMD ["postgrest"]


#========================================================================== PostgreSQL =============================================================
ARG postgresql_major=15
ARG postgresql_release=${postgresql_major}.1

# Bump default build arg to build a package from source
# Bump vars.yml to specify runtime package version
ARG sfcgal_release=1.3.10
ARG postgis_release=3.3.2
ARG pgrouting_release=3.4.1
ARG pgtap_release=1.2.0
ARG pg_cron_release=1.6.2
ARG pgaudit_release=1.7.0
ARG pgjwt_release=9742dab1b2f297ad3811120db7b21451bca2d3c9
ARG pgsql_http_release=1.5.0
ARG plpgsql_check_release=2.2.5
ARG pg_safeupdate_release=1.4
ARG timescaledb_release=2.9.1
ARG wal2json_release=2_5
ARG pljava_release=1.6.4
ARG plv8_release=3.1.5
ARG pg_plan_filter_release=5081a7b5cb890876e67d8e7486b6a64c38c9a492
ARG pg_net_release=0.7.1
ARG rum_release=1.3.13
ARG pg_hashids_release=cd0e1b31d52b394a0df64079406a14a4f7387cd6
ARG libsodium_release=1.0.18
ARG pgsodium_release=3.1.6
ARG pg_graphql_release=1.5.11
ARG pg_stat_monitor_release=1.1.1
ARG pg_jsonschema_release=0.1.4
ARG pg_repack_release=1.4.8
ARG vault_release=0.2.8
ARG groonga_release=12.0.8
ARG pgroonga_release=2.4.0
ARG wrappers_release=0.3.0
ARG hypopg_release=1.3.1
ARG pgvector_release=0.4.0
ARG pg_tle_release=1.3.2
ARG index_advisor_release=0.2.0
ARG supautils_release=2.2.0
ARG wal_g_release=2.0.1

#FROM ubuntu:focal as base
#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base

ENV DEBIAN_FRONTEND=noninteractive

RUN apt update -y && apt install -y \
    curl \
    gnupg \
    lsb-release \
    software-properties-common \
    wget \
    sudo \
    && apt clean


# 安装 dbmate（官方推荐方式）
RUN curl -fsSL https://github.com/amacneil/dbmate/releases/latest/download/dbmate-linux-amd64 \
    -o /usr/local/bin/dbmate && \
    chmod +x /usr/local/bin/dbmate

RUN adduser --system  --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres
RUN adduser --system  --no-create-home --shell /bin/bash --group  wal-g
RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \
--init none \
--no-confirm \
--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \
--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="

ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin"

COPY postgres_15.8.1.044/. /nixpg

WORKDIR /nixpg

RUN nix profile install .#psql_15/bin 

WORKDIR /

RUN mkdir -p /usr/lib/postgresql/bin \
    /usr/lib/postgresql/share/postgresql \
    /usr/share/postgresql \
    /var/lib/postgresql \
    && chown -R postgres:postgres /usr/lib/postgresql \
    && chown -R postgres:postgres /var/lib/postgresql \
    && chown -R postgres:postgres /usr/share/postgresql

# Create symbolic links
RUN ln -sf /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \
    && ln -sf /nix/var/nix/profiles/default/bin/* /usr/bin/ \
    && chown -R postgres:postgres /usr/bin

# Create symbolic links for PostgreSQL shares
RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/
RUN ln -sf /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/
RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/
RUN chown -R postgres:postgres /usr/share/postgresql/ 
# Create symbolic links for contrib directory
RUN mkdir -p /usr/lib/postgresql/share/postgresql/contrib \
    && find /nix/var/nix/profiles/default/share/postgresql/contrib/ -mindepth 1 -type d -exec sh -c 'for dir do ln -s "$dir" "/usr/lib/postgresql/share/postgresql/contrib/$(basename "$dir")"; done' sh {} + \
    && chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/contrib/

RUN chown -R postgres:postgres /usr/lib/postgresql

RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets


RUN apt-get update && \
    apt-get install -y --no-install-recommends tzdata

RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \
    dpkg-reconfigure --frontend noninteractive tzdata

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    build-essential \
    checkinstall \
    cmake 

ENV PGDATA=/var/lib/postgresql/data

####################
# setup-wal-g.yml
####################
FROM base as walg
ARG wal_g_release
# ADD "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-${TARGETARCH}.tar.gz" /tmp/wal-g.tar.gz
RUN arch=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "$TARGETARCH") && \
    apt-get update && apt-get install -y --no-install-recommends curl && \
    curl -kL "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-aarch64.tar.gz" -o /tmp/wal-g.tar.gz && \
    tar -xvf /tmp/wal-g.tar.gz -C /tmp && \
    rm -rf /tmp/wal-g.tar.gz && \
    mv /tmp/wal-g-pg-ubuntu*20.04-aarch64 /tmp/wal-g

# ####################
# # Download gosu for easy step-down from root
# ####################
FROM base as gosu
ARG TARGETARCH
# Install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
   gnupg \
   ca-certificates \
   && rm -rf /var/lib/apt/lists/*
# Download binary
ARG GOSU_VERSION=1.16
ARG GOSU_GPG_KEY=B42F6819007F00F88E364FD4036A9C25BF357DD4
ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH \
    /usr/local/bin/gosu
ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH.asc \
    /usr/local/bin/gosu.asc
# Verify checksum
RUN gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys $GOSU_GPG_KEY && \
    gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \
    gpgconf --kill all && \
    chmod +x /usr/local/bin/gosu

# ####################
# # Build final image
# ####################
FROM gosu as production
RUN id postgres || (echo "postgres user does not exist" && exit 1)
# # Setup extensions
COPY --from=walg /tmp/wal-g /usr/local/bin/

# # Initialise configs
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf
COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh
COPY postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh

RUN sed -i \
    -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \
    -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \
    -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \
    -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \
    echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \
    #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \
    echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \
    echo 'auto_explain.log_min_duration = 10s' >> /etc/postgresql/postgresql.conf && \
    usermod -aG postgres wal-g && \
    mkdir -p /etc/postgresql-custom && \
    chown postgres:postgres /etc/postgresql-custom

# # Include schema migrations
COPY postgres_15.8.1.044/migrations/db /docker-entrypoint-initdb.d/
COPY postgres_15.8.1.044/ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql
COPY postgres_15.8.1.044/ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql

# # Add upstream entrypoint script
COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu

# Dockerfile 所在目录有你改过的 entrypoint
COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql

COPY supervisord.conf ./etc/
COPY wrapper.sh /supabase/postgres/

#ENTRYPOINT ["docker-entrypoint.sh"]

HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost
STOPSIGNAL SIGINT
#EXPOSE 5432

ENV POSTGRES_HOST=/var/run/postgresql
ENV POSTGRES_USER=supabase_admin
ENV POSTGRES_DB=postgres
RUN apt-get update && apt-get install -y --no-install-recommends \
    locales \
    && rm -rf /var/lib/apt/lists/* && \
    localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \
    && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8 
RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
ENV LC_CTYPE=C.UTF-8
ENV LC_COLLATE=C.UTF-8
ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive
#CMD ["postgres", "-D", "/etc/postgresql"]



#=================================================== kong =====================================================================

ARG ASSET=ce
ENV ASSET $ASSET

ARG EE_PORTS

COPY docker-kong_v2.8.1/ubuntu/kong.deb /tmp/kong.deb

ARG KONG_VERSION=2.8.1
ENV KONG_VERSION $KONG_VERSION

ARG KONG_AMD64_SHA="10d12d23e5890414d666663094d51a42de41f8a9806fbc0baaf9ac4d37794361"
ARG KONG_ARM64_SHA="61c13219ef64dac9aeae5ae775411e8cfcd406f068cf3e75d463f916ae6513cb"

# hadolint ignore=DL3015
RUN set -ex; \
    arch=$(dpkg --print-architecture); \
    case "${arch}" in \
      amd64) KONG_SHA256=$KONG_AMD64_SHA ;; \
      arm64) KONG_SHA256=$KONG_ARM64_SHA ;; \
    esac; \
    apt-get update \
    && if [ "$ASSET" = "ce" ] ; then \
      apt-get install -y curl \
      && UBUNTU_CODENAME=focal \
      && KONG_REPO=$(echo ${KONG_VERSION%.*} | sed 's/\.//') \
      && curl -fL https://packages.konghq.com/public/gateway-$KONG_REPO/deb/ubuntu/pool/$UBUNTU_CODENAME/main/k/ko/kong_$KONG_VERSION/kong_${KONG_VERSION}_$arch.deb -o /tmp/kong.deb \
      && apt-get purge -y curl \
      && echo "$KONG_SHA256  /tmp/kong.deb" | sha256sum -c -; \
    else \
      # this needs to stay inside this "else" block so that it does not become part of the "official images" builds (https://github.com/docker-library/official-images/pull/11532#issuecomment-996219700)
      apt-get upgrade -y ; \
    fi; \
    apt-get install -y --no-install-recommends unzip git \
    # Please update the ubuntu install docs if the below line is changed so that
    # end users can properly install Kong along with its required dependencies
    # and that our CI does not diverge from our docs.
    && apt install --yes /tmp/kong.deb \
    && rm -rf /var/lib/apt/lists/* \
    && rm -rf /tmp/kong.deb \
    && chown kong:0 /usr/local/bin/kong \
    && chown -R kong:0 /usr/local/kong \
    && ln -s /usr/local/openresty/bin/resty /usr/local/bin/resty \
    && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/luajit \
    && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/lua \
    && ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/bin/nginx \
    && if [ "$ASSET" = "ce" ] ; then \
      kong version ; \
    fi

COPY --chmod=0755 docker-kong_v2.8.1/ubuntu/docker-entrypoint.sh /supabase/kong/docker-entrypoint.sh

#USER kong

#ENTRYPOINT ["/docker-entrypoint.sh"]

#EXPOSE 8000 8443 8001 8444 $EE_PORTS

#STOPSIGNAL SIGQUIT

#HEALTHCHECK --interval=10s --timeout=10s --retries=10 CMD kong health

#CMD ["kong", "docker-start"]



ARG CUDA_VERSION=12.5.1

#============================================= sglang ============================================
#FROM nvcr.io/nvidia/tritonserver:24.04-py3-min

ARG BUILD_TYPE=all
#ENV DEBIAN_FRONTEND=noninteractive


# 安装依赖（强制 IPv4）
RUN echo 'tzdata tzdata/Areas select Asia' | debconf-set-selections \
    && echo 'tzdata tzdata/Zones/Asia select Shanghai' | debconf-set-selections \
    && apt -o Acquire::ForceIPv4=true update -y \
    && apt -o Acquire::ForceIPv4=true install software-properties-common -y \
    && add-apt-repository ppa:deadsnakes/ppa -y \
    && apt -o Acquire::ForceIPv4=true update \
    && apt -o Acquire::ForceIPv4=true install python3.10 python3.10-dev -y \
    && update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.10 1 \
    && update-alternatives --set python3 /usr/bin/python3.10 \
    && apt -o Acquire::ForceIPv4=true install python3.10-distutils -y \
    && apt -o Acquire::ForceIPv4=true install curl gnupg gnupg wget git sudo libibverbs-dev -y \
    && apt -o Acquire::ForceIPv4=true install -y rdma-core infiniband-diags openssh-server perftest ibverbs-providers libibumad3 libibverbs1 libnl-3-200 libnl-route-3-200 librdmacm1 \
    && curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \
    && python3 get-pip.py \
    && python3 --version \
    && python3 -m pip --version \
    && rm -rf /var/lib/apt/lists/* \
    && apt clean


# 安装 datamodel_code_generator（用于 MiniCPM 模型）
RUN pip3 install datamodel_code_generator

WORKDIR /sgl-workspace

# 拷贝 sglang 源代码并构建包
COPY ./sglang /sgl-workspace/sglang

# 拷贝模型文件（修正方式）
#COPY ./Alibaba/QwQ-32B /root/.cradle/Alibaba/QwQ-32B

ARG CUDA_VERSION

# 安装依赖、安装 sglang、安装 transformers，并清理源码
RUN python3 -m pip install --upgrade pip setuptools wheel html5lib six \
    && if [ "$CUDA_VERSION" = "12.1.1" ]; then \
         CUINDEX=121; \
       elif [ "$CUDA_VERSION" = "12.4.1" ]; then \
         CUINDEX=124; \
       elif [ "$CUDA_VERSION" = "12.5.1" ]; then \
         CUINDEX=124; \
       elif [ "$CUDA_VERSION" = "11.8.0" ]; then \
         CUINDEX=118; \
         python3 -m pip install --no-cache-dir sgl-kernel -i https://docs.sglang.ai/whl/cu118; \
       else \
         echo "Unsupported CUDA version: $CUDA_VERSION" && exit 1; \
       fi \
    && python3 -m pip install --no-cache-dir torch --index-url https://download.pytorch.org/whl/cu${CUINDEX} \
    && python3 -m pip install --no-cache-dir psutil pyzmq pynvml \
    && cd /sgl-workspace/sglang/python \
    && python3 -m pip install --no-cache-dir '.[srt,openai]' --find-links https://flashinfer.ai/whl/cu${CUINDEX}/torch2.5/flashinfer-python \
    && cd / && rm -rf /sgl-workspace/sglang \
    && python3 -m pip install --no-cache-dir transformers==4.48.3 \
    && python3 -c "import sglang; print('✅ sglang module installed successfully')"


#================================================== PostgreSQL ==============================================================
RUN adduser --system  --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres
RUN adduser --system  --no-create-home --shell /bin/bash --group  wal-g
RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \
--init none \
--no-confirm \
--extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \
--extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY="

WORKDIR /

ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin"

EXPOSE 5432

ENTRYPOINT ["/usr/bin/supervisord"]

CMD ["-c", "/etc/supervisord.conf"]