build: docker images (#2860)

2026-02-11 20:08:37 +00:00 · 2023-06-27 17:23:19 +08:00
parent 05452bb297
commit dd58b1bbf6
13 changed files with 155 additions and 288 deletions
--- a/.github/actions/build-rust/action.yml
+++ b/.github/actions/build-rust/action.yml
@@ -55,3 +55,4 @@ runs:
        options: --user 0:0 -v ${{ github.workspace }}/.cargo-cache/git/db:/usr/local/cargo/git/db -v ${{ github.workspace }}/.cargo/registry/cache:/usr/local/cargo/registry/cache -v ${{ github.workspace }}/.cargo/registry/index:/usr/local/cargo/registry/index -v ${{ github.workspace }}:/build -w /build -e NX_CLOUD_ACCESS_TOKEN=${{ inputs.nx_token }}
        run: >-
          yarn nx build @affine/native --target ${{ inputs.target }}
+          chmod -R 777 node_modules/.cache
--- a/.github/deployment/Caddyfile
+++ b/.github/deployment/Caddyfile
@@ -1,40 +0,0 @@
-:80 {
-	root /* ./dist
-
-	file_server {
-		# precompressed br
-	}
-
-	encode {
-		zstd
-		gzip 9
-	}
-
-	header {
-		# 7 days
-		Cache-Control "public, max-age=86400, must-revalidate"
-	}
-
-	handle /api/* {
-		reverse_proxy {$API_SERVER} {
-			health_uri /api/healthz
-			@error status 500 502 503 503
-			handle_response @error {
-				root * /dist
-				rewrite * /50x.html
-				file_server
-			}
-		}
-	}
-
-	@notStatic {
-		not path /_next/static/*
-	}
-
-	handle @notStatic {
-		header {
-			Cache-Control "no-cache, no-store, must-revalidate"
-		}
-		try_files {path} /index.html
-	}
-}
--- a/.github/deployment/Dockerfile
+++ b/.github/deployment/Dockerfile
@@ -1,13 +0,0 @@
-FROM node:16-alpine as relocate
-WORKDIR /app
-COPY ./apps/web/out ./dist
-COPY ./.github/deployment/Caddyfile ./Caddyfile
-
-FROM caddy:2.6.2-alpine
-ARG API_SERVER
-WORKDIR /app
-COPY --from=relocate /app .
-
-EXPOSE 80
-ENV API_SERVER=$API_SERVER
-CMD ["caddy", "run"]
--- a/.github/deployment/front/Dockerfile
+++ b/.github/deployment/front/Dockerfile
@@ -0,0 +1,11 @@
+FROM openresty/openresty:1.21.4.1-0-buster
+WORKDIR /app
+COPY ./apps/web/out ./dist
+COPY ./.github/deployment/front/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
+COPY ./.github/deployment/front/affine.nginx.conf /etc/nginx/conf.d/affine.nginx.conf
+
+RUN mkdir -p /var/log/nginx && \
+  rm /etc/nginx/conf.d/default.conf
+
+EXPOSE 8080
+CMD ["/usr/local/openresty/bin/openresty", "-g", "daemon off;"]
--- a/.github/deployment/front/affine.nginx.conf
+++ b/.github/deployment/front/affine.nginx.conf
@@ -0,0 +1,13 @@
+server {
+    listen 8080;
+    root /app/dist;
+
+    location / {
+        try_files $uri $uri/index.html $uri.html =404;;
+    }
+
+    error_page 404 /404.html;
+    location = /404.html {
+        internal;
+    }
+}
--- a/.github/deployment/front/nginx.conf
+++ b/.github/deployment/front/nginx.conf
@@ -0,0 +1,14 @@
+worker_processes  4;
+error_log /var/log/nginx/error.log warn;
+pcre_jit on;
+events {
+    worker_connections 1024;
+}
+http {
+    include       mime.types;
+    log_format    main  '$remote_addr [$time_local] "$request" '
+                        '$status $body_bytes_sent "$http_referer" '
+                        '"$http_user_agent" "$http_x_forwarded_for"';
+    access_log    /var/log/nginx/access.log  main;
+    include /etc/nginx/conf.d/*.conf;
+}
--- a/.github/deployment/node/Dockerfile
+++ b/.github/deployment/node/Dockerfile
@@ -0,0 +1,10 @@
+FROM node:18-bookworm-slim
+
+COPY ./apps/server /app
+WORKDIR /app
+
+RUN apt-get update && \
+  apt-get install -y --no-install-recommends openssl && \
+  rm -rf /var/lib/apt/lists/*
+
+CMD ["node", "--es-module-specifier-resolution=node", "./dist/index.js"]
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -400,3 +400,60 @@ jobs:
          flags: unittest
          name: affine
          fail_ci_if_error: true
+
+  build-docker:
+    if: github.ref == 'refs/heads/master'
+    name: Build Docker
+    needs:
+      - build-web-desktop
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Download next static
+        uses: actions/download-artifact@v3
+        with:
+          name: next-js-static
+          path: ./apps/web/out
+      - name: Setup Git short hash
+        run: |
+          echo "GIT_SHORT_HASH=$(git rev-parse --short HEAD)" >> "$GITHUB_ENV"
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          logout: false
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Build front Dockerfile
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          pull: true
+          platforms: linux/amd64,linux/arm64
+          provenance: true
+          file: .github/deployment/front/Dockerfile
+          tags: ghcr.io/toeverything/affine-front:${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-front:latest
+
+      - name: Setup Node.js
+        uses: ./.github/actions/setup-node
+        with:
+          package-install: false
+
+      - name: Install Node.js dependencies
+        run: yarn workspaces focus @affine/server --production
+
+      - name: Build graphql Dockerfile
+        uses: docker/build-push-action@v4
+        with:
+          context: .
+          push: true
+          pull: true
+          platforms: linux/amd64,linux/arm64
+          provenance: true
+          file: .github/deployment/node/Dockerfile
+          tags: ghcr.io/toeverything/affine-graphql:${{ env.GIT_SHORT_HASH }},ghcr.io/toeverything/affine-graphql:latest