Commit Graph

101 Commits

Author SHA1 Message Date
Daigo 3 Dango 3d5183e99c
Use ruby-2.7.4 (#16481)
Stop using older version of resolv gem as the bug has been fixed.
https://bugs.ruby-lang.org/issues/17781
2021-07-10 01:29:27 +02:00
Claire d95128c99d
Revert default Ruby version to 2.7.2 (#16154)
Ruby 2.7.3 introduced a new bug with Resolv::DNS, which we heavily use within
Mastodon: https://bugs.ruby-lang.org/issues/17781

Ruby 2.7.3 also included security fixes for two CVEs, but those do not seem
to apply to Mastodon:
https://github.com/tootsuite/mastodon/pull/16004#issuecomment-815125025
2021-05-04 23:06:19 +02:00
Daigo 3 Dango 3f8d0de82e
Upgrade Ruby to 2.7.3 (#16004)
* Upgrade Ruby to 2.7.3

https://www.ruby-lang.org/en/news/2021/04/05/ruby-2-7-3-released/
includes security fixes to
- CVE-2021-28965: XML round-trip vulnerability in REXML
- CVE-2021-28966: Path traversal in Tempfile on Windows

* Update rexml to 3.2.5

https://www.ruby-lang.org/en/news/2021/04/05/xml-round-trip-vulnerability-in-rexml-cve-2021-28965/
2021-04-09 02:31:36 +02:00
Mashiro e3f1107975
build: install shared-mime-info in Dockerfile (#15978) 2021-03-30 10:10:04 +02:00
Sandro 46d3d3169e
Docker: Use precompiled jemalloc, format, apply hadolint suggestions (#10823)
* Format, apply hadolint suggestions, little nitpicks

* Use pre compiled jemalloc

* Use tini from package repository
2021-03-20 21:21:57 +01:00
Shlee f56cf6e9d0
Update Dockerfile (#15869) 2021-03-12 05:33:35 +01:00
Daniel Jakots b4281f5a51
Update to Node.js-12.20.1 (#15558)
This is a security release. You can read the announce at
https://nodejs.org/en/blog/vulnerability/january-2021-security-releases/
2021-01-28 22:53:56 +01:00
kaiyou 1817f96578
Fix the Dockerfile in case of Kaniko build (#15510)
Kaniko does not support looking up binaries from $PATH, so we
specify the full path to the bash binary.

Co-authored-by: kaiyou <dev@kaiyou.fr>
2021-01-08 07:13:26 +01:00
Shlee b429d33e46
Update Dockerfile (#15232) 2020-11-29 09:20:02 +01:00
Daigo 3 Dango 541b9f8c1c
Use Ruby 2.7.2 (#15150)
thwait and e2mmap are no longer needed in Gemfile.
Gems properly require those.
2020-11-19 17:46:46 +01:00
Kairui Song | 宋恺睿 03b5f09ffc
Minor fix & improvement for the Dockerfile (#14686)
* Dockerfile: Fix building with multiarch

Tested on amd64 and arm64

* Reduce docker image size by clean up some unneeded source file
2020-08-30 16:45:49 +02:00
Shlee 9ea91bbf59
Update Dockerfile (#13582) 2020-06-25 12:17:53 +02:00
Shlee e4a1ebf721
[Security] Update Dockerfile for Ruby 2.6.6 (#13393) 2020-04-05 12:52:07 +02:00
Shlee 51a1fbaafc
[Security] Bump Node.js from 12.14.0 to 12.16.1 in Docker (#13235)
* Update Dockerfile

* Update Dockerfile
2020-03-10 12:00:55 +01:00
Sara Aimée Smiseth 250ca99cb5
Fix non-x64 architectures not being able to build Docker image because of hardcoded Node.js architecture (#13081)
* Use ARCH variable instead of hardcoded x64

* fix formating
2020-02-16 12:54:57 +01:00
Shlee 71baacb49a Update Dockerfile (#12997) 2020-01-28 20:33:09 +01:00
Shlee e7d3495874 Upgrade Node v12 in Dockerfile (#12703) 2019-12-30 07:41:40 +01:00
Shlee 6c2c2eee46 Updated NodeJS in Dockerfile (#12492) 2019-11-29 17:03:20 +01:00
David Caldwell 3b609da9bd Dockerfile: put back EXPOSE directive (#12279)
[Rkt](https://coreos.com/rkt) doesn't allow ports to be exposed to containers unless they are declared in the container manifest. Re-adding EXPOSE back in (removed in 1dbf993bce) allows the container to be used on rkt based systems.
2019-11-04 12:56:21 +01:00
Shlee f8a0c00920 Update nodejs in Dockerfile (#12052) 2019-10-02 17:28:31 +02:00
Shlee ea8c781ec7 Update Ruby in Dockerfile (#12050) 2019-10-02 15:20:43 +02:00
Yamagishi Kazutoshi d7ed697030 Use prebuilt node.js on Docker image (#11768) 2019-09-07 05:12:20 +02:00
Shlee 59b013df5f Update NodeJS source for Docker Image (#11707)
* Update Ruby/Node/jemalloc source for Docker Image

* Update Dockerfile

* Update Dockerfile
2019-08-31 20:07:29 +02:00
Shlee 33f4b6e1eb Update Dockerfile (#11710) 2019-08-31 20:06:49 +02:00
Eugen Rochko 15c7478c55
Change Dockerfile to bind to 0.0.0.0 instead of docker-compose.yml (#11351) 2019-07-18 20:28:05 +02:00
Sandro Jäckel 1e6a1ea075 Docker: Remove dist-upgrade (#10822) 2019-05-26 22:26:45 +02:00
Sandro Jäckel c90f3b9865 Docker: Keep /var/lib/apt/ to keep apt working (#10830) 2019-05-25 23:20:28 +02:00
Alfie John 0852e643b7 Expand abbreviation to minimise confusion (#10826) 2019-05-25 23:20:18 +02:00
Ben Lubar d36fcb54c4 Re-organize Dockerfile to improve incremental builds. (#10212)
- Always run apt update before any other apt command. (This fixes
  incremental builds failing if a remote package is updated.)
- Only copy dependency lists before installing dependencies. (This means
  editing code doesn't force all dependencies to be re-downloaded.)
- Delete cache in the same layer that it is created. (Otherwise,
  deleting cache *increases* the size of the image on non-squashed
  builds.)
- Move the installation of some static dependencies to *before* Mastodon
  code is imported to Docker.
2019-03-08 16:12:48 +01:00
mohemohe 16fb39cffc Fix fail health check due to missing wget (#10110) 2019-02-25 04:06:24 +01:00
Sir-Boops 1dbf993bce Switch to Ubuntu for docker (#10100) 2019-02-24 16:32:40 +01:00
J0WI 26c1aba658 Do not use apk cache and upgrade (#9966) 2019-02-05 15:13:19 +01:00
J0WI 11d1502853 Replace LibreSSL by OpenSSL (#9975) 2019-02-05 15:12:45 +01:00
ashleyhull-versent 5c873a4ed7 Update Dockerfile (#9965) 2019-02-05 05:11:51 +01:00
ashleyhull-versent 8ec539fef1 Update Dockerfile (#9796) 2019-01-17 16:18:40 +01:00
Yamagishi Kazutoshi ea03faa167 Installing libxml2 and libxslt on Docker (#9680) 2019-01-01 04:03:54 +01:00
Isatis 5f0d3e8bad Dockerfile: Nodejs 8.12 -> 8.14 (#9532) 2018-12-16 05:50:09 +01:00
ashleyhull-versent 51677ff070 Update Dockerfile (#9026) 2018-10-23 05:21:28 +02:00
Isatis 49b182cd51 Dockerfile: update Node to 8.12.0 and put Ruby on Alpine 3.7 for build system memory help (#8842) 2018-10-04 15:37:31 +02:00
ashleyhull-versent 94f9cb0855 Revert "Updated ruby/node images" (#8712)
* Revert "update vagrant configs (#8706)"

This reverts commit 8971bb8cf2.

* Revert "Updated ruby/node images (#8700)"

This reverts commit 5aae71cf60.
2018-09-17 14:55:48 +02:00
ashleyhull-versent 5aae71cf60 Updated ruby/node images (#8700) 2018-09-15 22:30:02 +02:00
Kevin Liu 68cccb00ef Dockerfile: run asset precompilation as a build step (#7780)
* Dockerfile: run asset precompilation as a build step

* Replace OTP_SECRET and SECRET_KEY_BASE with placeholders
2018-07-15 01:19:09 +02:00
Yamagishi Kazutoshi 0eacf2b419 Upgrade Node.js to v8.x on Docker image (#8019) 2018-07-14 15:12:27 +02:00
Yamagishi Kazutoshi e9b322d0a6 Upgrade webpack to version v4.x (#6655) 2018-07-14 03:56:41 +02:00
Yamagishi Kazutoshi 523d8f20e3 Add symbolic link for yarnpkg (#7894) 2018-06-26 20:34:01 +02:00
Yamagishi Kazutoshi 097fd44978 Add /mastodon/bin to $PATH (#7889) 2018-06-25 13:30:25 +02:00
Yamagishi Kazutoshi f464f98fd3 Update Ruby to version 2.4.4 (#6964)
https://www.ruby-lang.org/en/news/2018/03/28/ruby-2-4-4-released/

> This release includes some bug fixes and some security fixes.
>
> - CVE-2017-17742: HTTP response splitting in WEBrick
> - CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
> - CVE-2018-8777: DoS by large request in WEBrick
> - CVE-2018-8778: Buffer under-read in String#unpack
> - CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
> - CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
> - Multiple vulnerabilities in RubyGems
2018-04-01 23:43:08 +02:00
Eugen Rochko 844616e950
Re-add git and nodejs-npm to Dockerfile (#6810)
Fix #6809

I don't know why, either
2018-03-17 15:28:09 +01:00
Eugen Rochko 0074cad44f
Downgrade Dockerfile to Ruby 2.4.3 on Alpine 3.6 (#6806)
Fix 6734
2018-03-17 14:06:25 +01:00
Akihiko Odaki 36579bac88 Use Alpine Linux yarn package in Docker (#6725)
Yarn was manually installed to meet the Yarn version requirement of
webpacker. Today, Alpine Linux 3.7 provides Yarn new enough.
2018-03-10 11:49:04 +01:00