# syntax=docker/dockerfile:1.6 #============================================ storage-api ====================================================== # Base stage for shared environment setup FROM ubuntu:22.04 as s3base ENV DEBIAN_FRONTEND=noninteractive # 安装 node18 + 构建依赖 + xattr RUN apt-get update && apt-get install -y \ curl ca-certificates gnupg lsb-release \ g++ make python3 libattr1 \ && curl -fsSL https://deb.nodesource.com/setup_18.x | bash - \ && apt-get install -y nodejs \ && npm install -g npm@10.8.2 pnpm@10.9.0 WORKDIR /app COPY storage_v1.19.1/package.json storage_v1.19.1/package-lock.json ./ # Dependencies stage - install and cache all dependencies FROM s3base as dependencies RUN npm ci # Cache the installed node_modules for later stages RUN cp -R node_modules /node_modules_cache # Build stage - use cached node_modules for building the application FROM s3base as s3build COPY --from=dependencies /node_modules_cache ./node_modules COPY storage_v1.19.1/. . RUN npm run build # Production dependencies stage - use npm cache to install only production dependencies FROM s3base as production-deps COPY --from=dependencies /node_modules_cache ./node_modules RUN npm ci --production # Final stage - for the production build FROM s3base as s3final # ARG VERSION # ENV VERSION=$VERSION COPY storage_v1.19.1/migrations /migrations # Copy production node_modules from the production dependencies stage COPY --from=production-deps /app/node_modules /node_modules # Copy build artifacts from the build stage COPY --from=s3build /app/dist /dist #EXPOSE 5000 #CMD ["node", "dist/start/server.js"] #============================================ chatdesk-ui ======================================================== FROM nvcr.io/nvidia/tritonserver:24.04-py3-min AS chataibuilder RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \ apt-get update && \ apt-get install -y nodejs && \ npm install -g npm@10.8.2 pnpm@10.9.0 WORKDIR /app # 拷贝依赖文件并安装生产依赖 COPY chatdesk-ui/package.json chatdesk-ui/package-lock.json ./ RUN npm ci # 拷贝全部源码 COPY chatdesk-ui/. . # 构建项目 RUN npm run build #============================================ gotrue build====================================================== FROM golang:1.22.3-alpine3.20 as authbuild RUN apk add --no-cache make git WORKDIR /go/src/github.com/supabase/auth # Pulling dependencies COPY auth_v2.169.0/Makefile auth_v2.169.0/go.* ./ RUN make deps # Building stuff COPY auth_v2.169.0/. /go/src/github.com/supabase/auth # Make sure you change the RELEASE_VERSION value before publishing an image. RUN GO111MODULE=on CGO_ENABLED=0 GOOS=linux RELEASE_VERSION=2.169.0 make build #============================================ postgres ==================================================== FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base #=========================================== kong ========================================================= ARG ASSET=ce ENV ASSET $ASSET ARG EE_PORTS COPY docker-kong_v2.8.1/ubuntu/kong.deb /tmp/kong.deb ARG KONG_VERSION=2.8.1 ENV KONG_VERSION $KONG_VERSION ARG KONG_AMD64_SHA="10d12d23e5890414d666663094d51a42de41f8a9806fbc0baaf9ac4d37794361" ARG KONG_ARM64_SHA="61c13219ef64dac9aeae5ae775411e8cfcd406f068cf3e75d463f916ae6513cb" # hadolint ignore=DL3015 RUN set -ex; \ arch=$(dpkg --print-architecture); \ case "${arch}" in \ amd64) KONG_SHA256=$KONG_AMD64_SHA ;; \ arm64) KONG_SHA256=$KONG_ARM64_SHA ;; \ esac; \ apt-get update \ && if [ "$ASSET" = "ce" ] ; then \ apt-get install -y curl \ && UBUNTU_CODENAME=focal \ && KONG_REPO=$(echo ${KONG_VERSION%.*} | sed 's/\.//') \ && curl -fL https://packages.konghq.com/public/gateway-$KONG_REPO/deb/ubuntu/pool/$UBUNTU_CODENAME/main/k/ko/kong_$KONG_VERSION/kong_${KONG_VERSION}_$arch.deb -o /tmp/kong.deb \ && apt-get purge -y curl \ && echo "$KONG_SHA256 /tmp/kong.deb" | sha256sum -c -; \ else \ # this needs to stay inside this "else" block so that it does not become part of the "official images" builds (https://github.com/docker-library/official-images/pull/11532#issuecomment-996219700) apt-get upgrade -y ; \ fi; \ apt-get install -y --no-install-recommends unzip git \ # Please update the ubuntu install docs if the below line is changed so that # end users can properly install Kong along with its required dependencies # and that our CI does not diverge from our docs. && apt install --yes /tmp/kong.deb \ && rm -rf /var/lib/apt/lists/* \ && rm -rf /tmp/kong.deb \ && chown kong:0 /usr/local/bin/kong \ && chown -R kong:0 /usr/local/kong \ && ln -s /usr/local/openresty/bin/resty /usr/local/bin/resty \ && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/luajit \ && ln -s /usr/local/openresty/luajit/bin/luajit /usr/local/bin/lua \ && ln -s /usr/local/openresty/nginx/sbin/nginx /usr/local/bin/nginx \ && if [ "$ASSET" = "ce" ] ; then \ kong version ; \ fi COPY --chmod=0755 docker-kong_v2.8.1/ubuntu/docker-entrypoint.sh /supabase/kong/docker-entrypoint.sh ARG postgresql_major=15 ARG postgresql_release=${postgresql_major}.1 # Bump default build arg to build a package from source # Bump vars.yml to specify runtime package version ARG sfcgal_release=1.3.10 ARG postgis_release=3.3.2 ARG pgrouting_release=3.4.1 ARG pgtap_release=1.2.0 ARG pg_cron_release=1.6.2 ARG pgaudit_release=1.7.0 ARG pgjwt_release=9742dab1b2f297ad3811120db7b21451bca2d3c9 ARG pgsql_http_release=1.5.0 ARG plpgsql_check_release=2.2.5 ARG pg_safeupdate_release=1.4 ARG timescaledb_release=2.9.1 ARG wal2json_release=2_5 ARG pljava_release=1.6.4 ARG plv8_release=3.1.5 ARG pg_plan_filter_release=5081a7b5cb890876e67d8e7486b6a64c38c9a492 ARG pg_net_release=0.7.1 ARG rum_release=1.3.13 ARG pg_hashids_release=cd0e1b31d52b394a0df64079406a14a4f7387cd6 ARG libsodium_release=1.0.18 ARG pgsodium_release=3.1.6 ARG pg_graphql_release=1.5.11 ARG pg_stat_monitor_release=1.1.1 ARG pg_jsonschema_release=0.1.4 ARG pg_repack_release=1.4.8 ARG vault_release=0.2.8 ARG groonga_release=12.0.8 ARG pgroonga_release=2.4.0 ARG wrappers_release=0.3.0 ARG hypopg_release=1.3.1 ARG pgvector_release=0.4.0 ARG pg_tle_release=1.3.2 ARG index_advisor_release=0.2.0 ARG supautils_release=2.2.0 ARG wal_g_release=2.0.1 #FROM nvcr.io/nvidia/tritonserver:24.04-py3-min as base RUN apt update -y && apt install -y \ curl \ gnupg \ lsb-release \ software-properties-common \ wget \ sudo \ && apt clean RUN adduser --system --home /var/lib/postgresql --no-create-home --shell /bin/bash --group --gecos "PostgreSQL administrator" postgres RUN adduser --system --no-create-home --shell /bin/bash --group wal-g RUN curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install linux \ --init none \ --no-confirm \ --extra-conf "substituters = https://cache.nixos.org https://nix-postgres-artifacts.s3.amazonaws.com" \ --extra-conf "trusted-public-keys = nix-postgres-artifacts:dGZlQOvKcNEjvT7QEAJbcV6b6uk7VF/hWMjhYleiaLI=% cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=" ENV PATH="${PATH}:/nix/var/nix/profiles/default/bin" COPY postgres_15.8.1.044/. /nixpg WORKDIR /nixpg RUN nix profile install .#psql_15/bin WORKDIR / RUN mkdir -p /usr/lib/postgresql/bin \ /usr/lib/postgresql/share/postgresql \ /usr/share/postgresql \ /var/lib/postgresql \ && chown -R postgres:postgres /usr/lib/postgresql \ && chown -R postgres:postgres /var/lib/postgresql \ && chown -R postgres:postgres /usr/share/postgresql # Create symbolic links RUN ln -s /nix/var/nix/profiles/default/bin/* /usr/lib/postgresql/bin/ \ && ln -s /nix/var/nix/profiles/default/bin/* /usr/bin/ \ && chown -R postgres:postgres /usr/bin # Create symbolic links for PostgreSQL shares RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/lib/postgresql/share/postgresql/ RUN ln -s /nix/var/nix/profiles/default/share/postgresql/* /usr/share/postgresql/ RUN chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/ RUN chown -R postgres:postgres /usr/share/postgresql/ # Create symbolic links for contrib directory RUN mkdir -p /usr/lib/postgresql/share/postgresql/contrib \ && find /nix/var/nix/profiles/default/share/postgresql/contrib/ -mindepth 1 -type d -exec sh -c 'for dir do ln -s "$dir" "/usr/lib/postgresql/share/postgresql/contrib/$(basename "$dir")"; done' sh {} + \ && chown -R postgres:postgres /usr/lib/postgresql/share/postgresql/contrib/ RUN chown -R postgres:postgres /usr/lib/postgresql RUN ln -sf /usr/lib/postgresql/share/postgresql/timezonesets /usr/share/postgresql/timezonesets # 设置非交互模式,避免tzdata需要交互输入 ENV DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ apt-get install -y --no-install-recommends tzdata RUN ln -fs /usr/share/zoneinfo/Etc/UTC /etc/localtime && \ dpkg-reconfigure --frontend noninteractive tzdata # 设置回默认交互模式 ENV DEBIAN_FRONTEND=interactive RUN apt-get update && \ apt-get install -y --no-install-recommends \ build-essential \ checkinstall \ cmake ENV PGDATA=/var/lib/postgresql/data #################### # setup-wal-g.yml #################### FROM base as walg ARG wal_g_release # ADD "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-${TARGETARCH}.tar.gz" /tmp/wal-g.tar.gz RUN arch=$([ "$TARGETARCH" = "arm64" ] && echo "aarch64" || echo "$TARGETARCH") && \ apt-get update && apt-get install -y --no-install-recommends curl && \ curl -kL "https://github.com/wal-g/wal-g/releases/download/v${wal_g_release}/wal-g-pg-ubuntu-20.04-aarch64.tar.gz" -o /tmp/wal-g.tar.gz && \ tar -xvf /tmp/wal-g.tar.gz -C /tmp && \ rm -rf /tmp/wal-g.tar.gz && \ mv /tmp/wal-g-pg-ubuntu*20.04-aarch64 /tmp/wal-g # #################### # # Download gosu for easy step-down from root # #################### FROM base as gosu ARG TARGETARCH # Install dependencies RUN apt-get update && apt-get install -y --no-install-recommends supervisor \ gnupg \ ca-certificates \ && rm -rf /var/lib/apt/lists/* # Download binary ARG GOSU_VERSION=1.16 ARG GOSU_GPG_KEY=B42F6819007F00F88E364FD4036A9C25BF357DD4 ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH \ /usr/local/bin/gosu ADD https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$TARGETARCH.asc \ /usr/local/bin/gosu.asc # Verify checksum RUN gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys $GOSU_GPG_KEY && \ gpg --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu && \ gpgconf --kill all && \ chmod +x /usr/local/bin/gosu # #################### # # Build final image # #################### FROM gosu as production RUN id postgres || (echo "postgres user does not exist" && exit 1) # # Setup extensions COPY --from=walg /tmp/wal-g /usr/local/bin/ # # Initialise configs COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql.conf.j2 /etc/postgresql/postgresql.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_hba.conf.j2 /etc/postgresql/pg_hba.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/pg_ident.conf.j2 /etc/postgresql/pg_ident.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/postgresql-stdout-log.conf /etc/postgresql/logging.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/supautils.conf.j2 /etc/postgresql-custom/supautils.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_extension_custom_scripts /etc/postgresql-custom/extension-custom-scripts COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/pgsodium_getkey_urandom.sh.j2 /usr/lib/postgresql/bin/pgsodium_getkey.sh COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_read_replica.conf.j2 /etc/postgresql-custom/read-replica.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/postgresql_config/custom_walg.conf.j2 /etc/postgresql-custom/wal-g.conf COPY --chown=postgres:postgres postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_fetch.sh /home/postgres/wal_fetch.sh COPY postgres_15.8.1.044/ansible/files/walg_helper_scripts/wal_change_ownership.sh /root/wal_change_ownership.sh RUN sed -i \ -e "s|#unix_socket_directories = '/tmp'|unix_socket_directories = '/var/run/postgresql'|g" \ -e "s|#session_preload_libraries = ''|session_preload_libraries = 'supautils'|g" \ -e "s|#include = '/etc/postgresql-custom/supautils.conf'|include = '/etc/postgresql-custom/supautils.conf'|g" \ -e "s|#include = '/etc/postgresql-custom/wal-g.conf'|include = '/etc/postgresql-custom/wal-g.conf'|g" /etc/postgresql/postgresql.conf && \ echo "cron.database_name = 'postgres'" >> /etc/postgresql/postgresql.conf && \ #echo "pljava.libjvm_location = '/usr/lib/jvm/java-11-openjdk-${TARGETARCH}/lib/server/libjvm.so'" >> /etc/postgresql/postgresql.conf && \ echo "pgsodium.getkey_script= '/usr/lib/postgresql/bin/pgsodium_getkey.sh'" >> /etc/postgresql/postgresql.conf && \ echo 'auto_explain.log_min_duration = 10s' >> /etc/postgresql/postgresql.conf && \ usermod -aG postgres wal-g && \ mkdir -p /etc/postgresql-custom && \ chown postgres:postgres /etc/postgresql-custom # # Include schema migrations COPY postgres_15.8.1.044/migrations/db /docker-entrypoint-initdb.d/ COPY postgres_15.8.1.044/ansible/files/pgbouncer_config/pgbouncer_auth_schema.sql /docker-entrypoint-initdb.d/init-scripts/00-schema.sql COPY postgres_15.8.1.044/ansible/files/stat_extension.sql /docker-entrypoint-initdb.d/migrations/00-extension.sql # # Add upstream entrypoint script COPY --from=gosu /usr/local/bin/gosu /usr/local/bin/gosu ADD --chmod=0755 \ https://github.com/docker-library/postgres/raw/master/15/bullseye/docker-entrypoint.sh \ /usr/local/bin/ RUN mkdir -p /var/run/postgresql && chown postgres:postgres /var/run/postgresql COPY ./supabase ./supabase RUN chmod +x /supabase/postgres/wrapper.sh /supabase/postgrest/wrapper.sh /supabase/gotrue/wrapper.sh /supabase/storage-api/wrapper.sh /supabase/kong/wrapper.sh #ENTRYPOINT ["docker-entrypoint.sh"] ENTRYPOINT ["supervisord"] HEALTHCHECK --interval=2s --timeout=2s --retries=10 CMD pg_isready -U postgres -h localhost STOPSIGNAL SIGINT #EXPOSE 5432 ENV POSTGRES_HOST=/var/run/postgresql ENV POSTGRES_USER=supabase_admin ENV POSTGRES_DB=postgres RUN apt-get update && apt-get install -y --no-install-recommends \ locales \ && rm -rf /var/lib/apt/lists/* && \ localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \ && localedef -i C -c -f UTF-8 -A /usr/share/locale/locale.alias C.UTF-8 RUN echo "C.UTF-8 UTF-8" > /etc/locale.gen && echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen ENV LANG en_US.UTF-8 ENV LANGUAGE en_US:en ENV LC_ALL en_US.UTF-8 ENV LC_CTYPE=C.UTF-8 ENV LC_COLLATE=C.UTF-8 ENV LOCALE_ARCHIVE /usr/lib/locale/locale-archive CMD ["-c", "supabase/postgres/supervisord.conf"] #CMD ["postgres", "-D", "/etc/postgresql"] #============================================ postgrest =========================================== RUN apt-get update -y \ && apt install -y --no-install-recommends libpq-dev zlib1g-dev jq gcc libnuma-dev \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* COPY postgrest_v12.2.8/postgrest /usr/bin/postgrest RUN chmod +x /usr/bin/postgrest #=========================================== goture include============================================== #RUN useradd -m -u 1000 supabase RUN apt-get update && apt-get install -y --no-install-recommends ca-certificates && rm -rf /var/lib/apt/lists/* COPY --from=authbuild /go/src/github.com/supabase/auth/auth /usr/local/bin/auth COPY --from=authbuild /go/src/github.com/supabase/auth/migrations /usr/local/etc/auth/migrations/ RUN ln -s /usr/local/bin/auth /usr/local/bin/gotrue ENV GOTRUE_DB_MIGRATIONS_PATH=/usr/local/etc/auth/migrations #========================================== storage-api ==================================================== ARG VERSION ENV VERSION=$VERSION RUN curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \ apt-get update && \ apt-get install -y nodejs && \ npm install -g npm@10.8.2 pnpm@10.9.0 COPY --from=s3final node_modules /supabase/storage-api/node_modules COPY --from=s3final dist /supabase/storage-api/dist COPY --from=s3final migrations /supabase/storage-api/migrations #========================================= chatdesk-ui ======================================================== # # 拷贝依赖声明并安装仅生产依赖 COPY chatdesk-ui/package.json chatdesk-ui/package-lock.json supabase/chatdesk/ WORKDIR /supabase/chatdesk RUN npm ci # 拷贝构建产物和依赖 COPY --from=chataibuilder /app/.next ./.next COPY --from=chataibuilder /app/public ./public COPY --from=chataibuilder /app/next.config.js ./next.config.js COPY .env.local ./.env.local COPY chatdesk-ui/supabase ./supabase WORKDIR / ENV NODE_ENV=production EXPOSE 3030