Last active
July 14, 2021 11:46
-
-
Save MicrexIT/dfe1893d3926025c0256baea8580cf8d to your computer and use it in GitHub Desktop.
Elixir Phoenix Docker Deployment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
FROM hexpm/elixir:1.11.2-erlang-23.1.2-alpine-3.12.1 as build | |
# install build dependencies | |
RUN apk add --no-cache build-base npm git python3 curl | |
# prepare build dir | |
WORKDIR /app | |
# install hex + rebar | |
RUN mix local.hex --force && \ | |
mix local.rebar --force | |
ARG MIX_ENV | |
# install mix dependencies | |
COPY mix.exs mix.lock ./ | |
RUN mix deps.get --only ${MIX_ENV} | |
RUN mkdir config | |
# Dependencies sometimes use compile-time configuration. Copying | |
# these compile-time config files before we compile dependencies | |
# ensures that any relevant config changes will trigger the dependencies | |
# to be re-compiled. | |
COPY config/config.exs config/runtime.exs config/$MIX_ENV.exs config/ | |
RUN mix deps.compile | |
# build assets | |
COPY assets/package.json assets/package-lock.json ./assets/ | |
# install all npm dependencies from scratch | |
RUN npm --prefix ./assets ci --progress=false --no-audit --loglevel=error | |
COPY priv priv | |
# Note: if your project uses a tool like https://purgecss.com/, | |
# which customizes asset compilation based on what it finds in | |
# your Elixir templates, you will need to move the asset compilation step | |
# down so that `lib` is available. | |
COPY assets assets | |
# use webpack to compile npm dependencies - https://www.npmjs.com/package/webpack-deploy | |
RUN npm run --prefix ./assets deploy | |
RUN mix phx.digest | |
# compile and build the release | |
COPY lib lib | |
RUN mix compile | |
# changes to config/runtime.exs don't require recompiling the code | |
COPY config/runtime.exs config/ | |
# uncomment COPY if rel/ exists | |
#COPY rel rel | |
RUN mix release | |
# Start a new build stage so that the final image will only contain | |
# the compiled release and other runtime necessities | |
FROM alpine:3.12.1 AS app | |
RUN apk add --no-cache openssl ncurses-libs | |
ENV USER="elixir" | |
ARG MIX_ENV | |
ARG DATABASE_URL | |
ARG SECRET_KEY_BASE | |
WORKDIR "/home/${USER}/app" | |
# Creates an unprivileged user to be used exclusively to run the Phoenix app | |
RUN \ | |
addgroup \ | |
-g 1000 \ | |
-S "${USER}" \ | |
&& adduser \ | |
-s /bin/sh \ | |
-u 1000 \ | |
-G "${USER}" \ | |
-h /home/elixir \ | |
-D "${USER}" \ | |
&& su "${USER}" | |
# Everything from this line onwards will run in the context of the unprivileged user. | |
USER "${USER}" | |
# REPLACE <xxx> with your otp app name | |
COPY --from=build --chown="${USER}":"${USER}" /app/_build/"${MIX_ENV}"/rel/<xxx> ./ | |
# REPLACE <xxx> with your otp app name | |
ENTRYPOINT ["bin/<xxx>"] | |
CMD ["start"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment