FROM node:18-bookworm-slim ARG ALREADY_BUILT=0 # Install dependencies RUN apt update \ && apt install -y --no-install-recommends openssl ffmpeg python3 python3-pip ca-certificates gnupg gosu build-essential curl git \ && gosu nobody true \ && rm /var/lib/apt/lists/* -fR # Node images hardcode the node uid to 1000 so that number is not available. # The "peertube" user is created as a system account which selects a UID from # the range of SYS_UID_MIN to SYS_UID_MAX (-1 to 1000] and consistently # selects 999 given the current image build steps. The same is true for the # system group range SYS_GID_MIN and SYS_GID_MAX. It is fine to manually assign # them an ID outside of that range. DEFAULT_PEERTUBE_UID=999 DEFAULT_PEERTUBE_GID=999 # Add peertube user RUN groupadd -r -g ${PEERTUBE_GID:-${DEFAULT_PEERTUBE_GID}} peertube \ && useradd -r -u ${PEERTUBE_UID:-${DEFAULT_PEERTUBE_UID}} -g peertube -m peertube # Install PeerTube COPY --chown=peertube:peertube . /app WORKDIR /app USER peertube # Install manually client dependencies to apply our network timeout option RUN if [ "${ALREADY_BUILT}" = 0 ]; then \ cd client && yarn install --pure-lockfile --network-timeout 1200000 && cd ../ \ && yarn install --pure-lockfile --network-timeout 1200000 \ && npm run build; \ else \ echo "Do not build application inside Docker because of ALREADY_BUILT build argument"; \ fi; \ rm -rf ./node_modules ./client/node_modules ./client/.angular \ && NOCLIENT=1 yarn install --pure-lockfile --production --network-timeout 1200000 --network-concurrency 20 \ && yarn cache clean USER root RUN mkdir /data /config RUN chown -R peertube:peertube /data /config ENV NODE_ENV production ENV NODE_CONFIG_DIR /app/config:/app/support/docker/production/config:/config ENV PEERTUBE_LOCAL_CONFIG /config VOLUME /data VOLUME /config COPY ./support/docker/production/entrypoint.sh /usr/local/bin/entrypoint.sh ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ] # Expose API, RTMP and RTMPS ports EXPOSE 9000 1935 1936 # Run the application CMD [ "node", "dist/server" ]