icedream
/
livestream-tools
1
0
Fork 0
Code Releases Activity
livestream-tools/icedreammusic/ndi-feeder/Dockerfile

308 lines
9.3 KiB
Docker
Raw Blame History

# syntax=docker/dockerfile:1.14.0
FROM alpine AS rootfs
RUN apk add --no-cache gnupg
RUN wget -O- https://raw.githubusercontent.com/archlinuxarm/archlinuxarm-keyring/master/archlinuxarm.gpg | gpg --import
WORKDIR /target/
ARG ALARM_ROOTFS_URL=http://os.archlinuxarm.org/os/ArchLinuxARM-rpi-2-latest.tar.gz
RUN wget "${ALARM_ROOTFS_URL}" -O/tmp/rootfs.tar.gz
RUN wget "${ALARM_ROOTFS_URL}.sig" -O/tmp/rootfs.tar.gz.sig
RUN gpg --verify /tmp/rootfs.tar.gz.sig
RUN tar -xvpzf /tmp/rootfs.tar.gz
###
# PREPARE LAYER FOR UPDATES AND GENERAL PACKAGE INSTALLATION
# FROM scratch AS image-base
# COPY --from=rootfs /target/ /
FROM archlinux AS image-base
# Make powerpill not act up later, placing this early for validation consistency
RUN sed -i 's,SigLevel\s\+=\s\+Required,SigLevel = PackageRequired,' /etc/pacman.conf
RUN pacman -Sy --noconfirm
RUN pacman-key --init
# Install core keyring (https://archlinuxarm.org/about/package-signing)
# RUN pacman -S --needed --noconfirm archlinuxarm-keyring
# RUN pacman-key --populate archlinuxarm
RUN pacman-key --populate archlinux
RUN pacman -S --needed --noconfirm archlinux-keyring
RUN pacman-key --populate archlinux
# ###
# # INSTALL FILESYSTEM PACKAGE UPDATES
# # We have to do this with an alternative root since /etc/{hosts,resolv.conf}
# # are mounted read-only by Docker.
# FROM image-base AS updated-filesystem-base
# COPY --from=image-base / /target/
FROM image-base AS updated-filesystem-base
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman -r /target/ -S --noconfirm --needed filesystem
# ###
# # LAYER USED FOR INSTALLING UPDATES AND ADDITIONAL PACKAGES USED IN FINAL IMAGE
# FROM scratch AS base
# COPY --from=updated-filesystem-base /target/ /
FROM updated-filesystem-base AS base
# # Install updates
# # NOTE - we install fsck helpers for fat and ext4 in this stage to save on time spent on /boot updates
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman -Suu --noconfirm --needed dosfstools e2fsprogs
###
# LAYER USED TO COMPILE STUFF
FROM image-base AS base-devel
RUN pacman -S --noconfirm base-devel git
#RUN pacman -S --noconfirm --needed sudo
RUN (echo "" && echo "%wheel ALL=(ALL) NOPASSWD: ALL") >> /etc/sudoers
RUN useradd -r -N -m -G wheel -d /tmp/build -k /var/empty build
RUN sed -i \
-e 's,#MAKEFLAGS=.*,MAKEFLAGS="-j$(getconf _NPROCESSORS_ONLN)",g' \
/etc/makepkg.conf
RUN \
--mount=type=cache,target=/tmp/build/.cache \
chown -Rv build /tmp/build /tmp/build/.cache
RUN echo "ParallelDownloads = 5" >>/etc/pacman.conf
USER build
# Needed for anything commits
RUN git config --global user.email "$(whoami)@localhost"
RUN git config --global user.name "Build"
###
# FAKESILENCE
FROM golang:1 AS fakesilence
WORKDIR /usr/src/fakesilence
ARG FAKESILENCE_VERSION=5d8d79af09df5c195908e004a4a3971942180901
RUN go install -v -ldflags "-s -w" github.com/icedream/fakesilence@"${FAKESILENCE_VERSION}"
RUN cp -v "$GOPATH"/bin/* /usr/local/bin
###
# YAY
FROM base-devel AS yay
# NOTE - for why we do `ulimit -n 1024` see https://github.com/moby/moby/issues/27195#issuecomment-1410745778
WORKDIR /usr/src/yay
RUN git clone --recursive https://aur.archlinux.org/yay.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
ulimit -n 1024 && makepkg -sr --noconfirm --nocheck
###
# BASE DEVEL (YAY)
FROM base-devel AS base-devel-yay
USER root
COPY --from=yay /usr/src/yay/*.pkg.* /tmp/
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
pacman --noconfirm -U /tmp/*.pkg.* && rm /tmp/*.pkg.*
USER build
###
# POD2MAN
FROM base-devel-yay AS pod2man
WORKDIR /usr/src/pod2man
RUN git clone --recursive https://aur.archlinux.org/pod2man.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN ulimit -n 1024 && makepkg -sr --noconfirm
###
# NDI-SDK-EMBEDDED
FROM base-devel-yay AS ndi-sdk-embedded
WORKDIR /usr/src/ndi-sdk-embedded
RUN git clone --recursive https://aur.archlinux.org/ndi-sdk-embedded.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN ulimit -n 1024 && makepkg -sr --noconfirm
###
# NDI-SDK
FROM base-devel-yay AS ndi-sdk
WORKDIR /usr/src/ndi-sdk
RUN git clone --recursive https://aur.archlinux.org/ndi-sdk.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${makedepends[@]}"))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
ulimit -n 1024 && makepkg -sr --noconfirm
###
# NDI-ADVANCED-SDK
FROM base-devel-yay AS ndi-advanced-sdk
WORKDIR /usr/src/ndi-advanced-sdk
RUN git clone --recursive https://aur.archlinux.org/ndi-advanced-sdk.git .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${depends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${makedepends[@]}"))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
ulimit -n 1024 && makepkg -sr --noconfirm
###
# FFMPEG-NDI
FROM base-devel-yay AS ffmpeg-ndi
WORKDIR /usr/src/ffmpeg-ndi
USER root
# COPY --from=ndi-sdk-embedded /usr/src/ndi-sdk-embedded/*.pkg.* /tmp/
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /tmp/
COPY --from=pod2man /usr/src/pod2man/*.pkg.* /tmp/
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
yay --noconfirm -U /tmp/*.pkg.* && rm /tmp/*.pkg.*
USER build
# ffmpeg-ndi AUR package is no longer maintained, use our own modified copy
COPY ./packages/ffmpeg-ndi/ .
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(\
. ./PKGBUILD &&\
if [ "${#depends[@]}" -eq 0 ]; then exit; fi &&\
packages=$(yay -T "${depends[@]}" 2>/dev/null|| true) &&\
if [ -z "$packages" ]; then exit; fi &&\
yay -S --noconfirm --asdeps --provides --needed $packages &&\
find ~/.cache/yay/ -mindepth 2 -maxdepth 2 -name \*.pkg.\* -exec mv {} . \;\
)
# RUN (. ./PKGBUILD && yay -S --noconfirm --asdeps --provides --needed $(yay -T "${optdepends[@]}") && (mv -v ~/.cache/yay/*/*.pkg.* . || true))
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
(\
. ./PKGBUILD &&\
if [ "${#makedepends[@]}" -eq 0 ]; then exit; fi &&\
packages=$(yay -T "${makedepends[@]}" 2>/dev/null|| true) &&\
if [ -z "$packages" ]; then exit; fi &&\
yay -S --noconfirm --asdeps --provides --needed $packages \
)
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
ulimit -n 1024 && makepkg -sr --noconfirm --nocheck
###
# PERMISSIONS FOR FINAL IMAGE FILES
FROM busybox AS files
WORKDIR /target/usr/local/bin/
COPY *.sh .
RUN dos2unix *.sh
RUN chmod -v +x *.sh
###
# PACKAGES
FROM scratch as packages
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /packages/
COPY --from=ffmpeg-ndi /usr/src/ffmpeg-ndi/*.pkg.* /packages/
COPY --from=fakesilence /usr/local/bin/fakesilence /target/usr/local/bin/
###
# FINAL IMAGE
FROM base AS final-image
USER root
# COPY --from=powerpill /usr/src/powerpill/*.pkg.* /tmp/
# RUN \
# --mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
# --mount=type=cache,target=/tmp/build/.cache \
# pacman --noconfirm -U /tmp/*.pkg.*; rm /tmp/*.pkg.*
#COPY --from=yay /usr/src/yay/*.pkg.* /tmp/
COPY --from=ndi-sdk /usr/src/ndi-sdk/*.pkg.* /tmp/
COPY --from=ffmpeg-ndi /usr/src/ffmpeg-ndi/*.pkg.* /tmp/
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
rm -f /var/cache/pacman/pkg/cache.lck; pacman --noconfirm -U /tmp/*.pkg.*; rm /tmp/*.pkg.*
RUN \
--mount=type=cache,target=/var/cache/pacman/pkg,sharing=locked \
--mount=type=cache,target=/tmp/build/.cache \
rm -f /var/cache/pacman/pkg/cache.lck; pacman -S --noconfirm --needed sudo realtime-privileges
COPY --from=fakesilence /usr/local/bin/fakesilence /usr/local/bin/
COPY --from=files /target/ /
RUN useradd -m -u 1000 -G wheel,realtime,audio,video ndi-feeder
RUN echo "ndi-feeder:ndi-feeder" | chpasswd
USER ndi-feeder
CMD ["ndi-feeder.sh"]
STOPSIGNAL SIGTERM
View Git Blame Copy Permalink