[ENH](/[REFAC]) Docker Image Building and Usage refactor.

.github/workflows/docker.yml

@@ -1,10 +1,10 @@
-name: Docker
+name: Docker-Builder
 on:
   push:
     branches:
       - master
   release:
-    types: [published]
+    types: [ published ]
 
 env:
   REGISTRY: ghcr.io
@@ -22,7 +22,7 @@ jobs:
           MY_TOKEN: ${{ secrets.MY_TOKEN }}
         if: "${{ env.MY_TOKEN != '' }}"
         run: echo "token_defined=true" >> "$GITHUB_OUTPUT"
-        
+
   build:
     name: Release
     runs-on: ubuntu-latest
@@ -36,6 +36,8 @@ jobs:
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
+        with:
+          platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
 
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
@@ -54,14 +56,25 @@ jobs:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: docker/Dockerfile
-          platforms: linux/amd64,linux/arm64
+          platforms: linux/amd64,linux/arm64,linux/arm/v6,linux/arm/v7
           push: true
           tags: ${{ steps.meta.outputs.tags }}
           labels: ${{ steps.meta.outputs.labels }}
           build-args: |
-            INCLUDE_MONGODBTOOLS=true
+            INCLUDE_MONGODB_TOOLS=true
+            INCLUDE_POSTGRESQL_TOOLS=true
+            INCLUDE_MARIADB_TOOLS=true
             PREINSTALL_LIBS=true
+
+      #- name: Docker Scout
+      #  id: docker-scout
+      #  uses: docker/scout-action@v1
+      #  with:
+      #    command: quickview,cves
+      #    image: image://
+      #    summary: true
+      #    only-severities: critical,high,medium,low,unspecified

.gitignore

@@ -310,4 +310,5 @@ __pycache__/
 
 # When running mkdocs locally as dev
 docs/__pycache__/
-docs/env/
+docs/env/
+docker-compose.yaml

docker/Dockerfile

@@ -1,103 +1,181 @@
-FROM --platform=$BUILDPLATFORM node:22-alpine AS builder
+### STAGE 1 BUILDING.
+FROM node:lts-alpine3.21 AS builder
+
+# Any value inside one of the disable ARGs will be accepted.
+ARG DISABLE_MINIFY="yes" \
+    DISABLE_TRANSLATE="yes"
 
 RUN mkdir -p /opt/meshcentral/meshcentral
-COPY ./ /opt/meshcentral/meshcentral/
 WORKDIR /opt/meshcentral
+COPY ./ /opt/meshcentral/meshcentral/
 
-ARG DISABLE_MINIFY=""
-ARG DISABLE_TRANSLATE=""
-
-
-RUN if ! [ -z "$DISABLE_MINIFY" ] && [ "$DISABLE_MINIFY" != "yes" ] && [ "$DISABLE_MINIFY" != "YES" ] \
-    && [ "$DISABLE_MINIFY" != "true" ] && [ "$DISABLE_MINIFY" != "TRUE" ]; then \
-    echo -e "\e[0;31;49mInvalid value for build argument DISABLE_MINIFY, possible values: yes/true\e[;0m"; exit 1; \
+# Check the Docker build arguments and if they are empty do the task.
+RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then \
+        cd meshcentral && \
+        npm install [email protected] [email protected] [email protected] && \
+        cd translate && \
+        node translate.js extractall && \
+        case "$DISABLE_MINIFY" in \
+            false|no|FALSE|NO) \
+                node translate.js minifyall;; \
+            *) \
+                echo "Setting MINIFY as disabled.";; \
+        esac && \
+        case "$DISABLE_TRANSLATE" in \
+            false|no|FALSE|NO) \
+                node translate.js translateall;; \
+            *) \
+                echo "Setting TRANSLATE as disabled.";; \
+        esac \
     fi
-RUN if ! [ -z "$DISABLE_TRANSLATE" ] && [ "$DISABLE_TRANSLATE" != "yes" ] && [ "$DISABLE_TRANSLATE" != "YES" ] \
-    && [ "$DISABLE_TRANSLATE" != "true" ] && [ "$DISABLE_TRANSLATE" != "TRUE" ]; then \
-    echo -e "\e[0;31;49mInvalid value for build argument DISABLE_TRANSLATE, possible values: yes/true\e[;0m"; exit 1; \
-    fi
-
-# install translate/minify modules if need too
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral && npm install [email protected] [email protected] [email protected]; fi
-
-# first extractall if need too
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js extractall; fi
+# Possible more updated alternative? @minify-html/[email protected] -> https://www.npmjs.com/package/@minify-html/node
 
-# minify files
-RUN if [ -z "$DISABLE_MINIFY" ]; then cd meshcentral/translate && node translate.js minifyall; fi
+RUN cd meshcentral \
+    && npm uninstall html-minifier jsdom esprima
 
-# translate
-RUN if [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral/translate && node translate.js translateall; fi
+# cleanup for inter-container copying.
 
-# cleanup
-RUN if [ -z "$DISABLE_MINIFY" ] || [ -z "$DISABLE_TRANSLATE" ]; then cd meshcentral && npm remove html-minifier jsdom esprima; fi
 RUN rm -rf /opt/meshcentral/meshcentral/docker
 RUN rm -rf /opt/meshcentral/meshcentral/node_modules
 
+### STAGE 2 BUILDING.
 
-FROM --platform=$TARGETPLATFORM alpine:3.21
+FROM alpine:3.21
 
-#Add non-root user, add installation directories and assign proper permissions
-RUN mkdir -p /opt/meshcentral/meshcentral
+# environment variables
+ENV NODE_ENV="production" \
+    CONFIG_FILE="/opt/meshcentral/meshcentral-data/config.json" \
+    DYNAMIC_CONFIG="false"
+
+# environment variables for the above defined MeshCentral Config.json
+ENV ALLOW_PLUGINS="false" \
+    ALLOW_NEW_ACCOUNTS="false" \
+    ALLOWED_ORIGIN="false" \
+    IFRAME="false" \
+    REGEN_SESSIONKEY="false" \
+    WEBRTC="false" \
+    LOCAL_SESSION_RECORDING="true" \
+    MINIFY="true" \
+    HOSTNAME="localhost" \
+    REVERSE_PROXY="" \
+    REVERSE_PROXY_TLS_PORT="443" \
+    TRUSTED_PROXY="" \
+    ARGS=""
+
+# Database
+# Multi-variable declaration to reduce layers.
+ENV USE_MONGODB="false" \
+    USE_POSTGRESQL="false" \
+    USE_MARIADB="false"
+
+# Preinstallation args
+ARG PREINSTALL_LIBS="false" \
+    INCLUDE_MONGODB_TOOLS="false" \
+    INCLUDE_POSTGRESQL_TOOLS="false" \
+    INCLUDE_MARIADB_TOOLS="false"
+
+# MongoDB Variables
+# The following MONGO_URL variable overwrites most other mongoDb related varialbes.
+ENV MONGO_HOST="" \
+    MONGO_PORT="27017" \
+    MONGO_USERNAME="" \
+    MONGO_PASS="" \
+    MONGO_URL=""
+
+# PostgreSQL Variables
+ENV PSQL_HOST="" \
+    PSQL_PORT="5432" \
+    PSQL_USER="" \
+    PSQL_PASS="" \
+    PSQL_DATABASE=""
+
+# MariaDB/MySQL Variables, Alpine Linux only provides the actual MariaDB binaries.
+ENV MARIADB_HOST="" \
+    MARIADB_PORT="3306" \
+    MARIADB_USER="" \
+    MARIADB_PASS="" \
+    MARIADB_DATABASE=""
 
-# meshcentral installation
+RUN mkdir -p /opt/meshcentral/meshcentral
 WORKDIR /opt/meshcentral
 
 RUN apk update \
-    && apk add --no-cache --update tzdata nodejs npm bash python3 make gcc g++ \
-    && rm -rf /var/cache/apk/*
+    && apk add --no-cache --update \
+    bash gcc g++ jq make nodejs npm python3 tzdata \
+    && rm -rf /var/cache/* \
+        /tmp/* \
+        /usr/share/man/ \
+        /usr/share/doc/ \
+        /var/log/* \
+        /var/spool/* \
+        /usr/lib/debug/
 RUN npm install -g npm@latest
 
-ARG INCLUDE_MONGODBTOOLS=""
-ARG PREINSTALL_LIBS="false"
-
-# environment variables
-ENV NODE_ENV="production"
-ENV CONFIG_FILE="config.json"
-
-# environment variables for initial configuration file
-ENV USE_MONGODB="false"
-ENV MONGO_INITDB_ROOT_USERNAME="root"
-ENV MONGO_INITDB_ROOT_PASSWORD="pass"
-ENV MONGO_URL=""
-ENV HOSTNAME="localhost"
-ENV ALLOW_NEW_ACCOUNTS="true"
-ENV ALLOWPLUGINS="false"
-ENV LOCALSESSIONRECORDING="true"
-ENV MINIFY="false"
-ENV WEBRTC="false"
-ENV IFRAME="false"
-ENV SESSION_KEY=""
-ENV REVERSE_PROXY="false"
-ENV REVERSE_PROXY_TLS_PORT=""
-ENV ARGS=""
-ENV ALLOWED_ORIGIN="false"
-
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ] && [ "$INCLUDE_MONGODBTOOLS" != "yes" ] && [ "$INCLUDE_MONGODBTOOLS" != "YES" ] \
-    && [ "$INCLUDE_MONGODBTOOLS" != "true" ] && [ "$INCLUDE_MONGODBTOOLS" != "TRUE" ]; then \
-    echo -e "\e[0;31;49mInvalid value for build argument INCLUDE_MONGODBTOOLS, possible values: yes/true\e[;0m"; exit 1; \
-    fi
-
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then apk add --no-cache mongodb-tools; fi
+RUN case "$PREINSTALL_LIBS" in \
+        true|yes|TRUE|YES) \
+            cd meshcentral && \
+            npm install [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected];; \
+        false|no|FALSE|NO) \
+            echo "Not pre-installing libraries.";; \
+        *) \
+            echo -e "Invalid value for build argument INCLUDE_POSTGRESQL_TOOLS, possible values: 'yes' or 'true'"; \
+            exit 1;; \
+    esac
+
+# NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentraljs mainStart()
+RUN case "$INCLUDE_MONGODB_TOOLS" in \
+        true|yes|TRUE|YES) \
+            apk add --no-cache mongodb-tools && \
+            cd meshcentral && npm install [email protected] \
+            ;; \
+        false|no|FALSE|NO) \
+            echo "Not including MongoDB Tools.";; \
+        *) \
+            echo "Invalid value for build argument INCLUDE_MONGODB_TOOLS, possible values: 'yes' or 'true'"; \
+            exit 1;; \
+    esac
+
+RUN case "$INCLUDE_POSTGRESQL_TOOLS" in \
+        true|yes|TRUE|YES) \
+            apk add --no-cache postgresql-client && \
+            cd meshcentral && npm install [email protected] \
+            ;; \
+        false|no|FALSE|NO) \
+            echo "Not including PostgreSQL Tools.";; \
+        *) \
+            echo -e "Invalid value for build argument INCLUDE_POSTGRESQL_TOOLS, possible values: 'yes' or 'true'"; \
+            exit 1;; \
+    esac
+
+RUN case "$INCLUDE_MARIADB_TOOLS" in \
+        true|yes|TRUE|YES) \
+            apk add --no-cache mariadb-client && \
+            cd meshcentral && npm install [email protected] [email protected] \
+            ;; \
+        false|no|FALSE|NO) \
+            echo "Not including MariaDB/MySQL Tools.";; \
+        *) \
+            echo -e "Invalid value for build argument INCLUDE_MARIADB_TOOLS, possible values: 'yes' or 'true'"; \
+            exit 1;; \
+    esac
 
 # copy files from builder-image
 COPY --from=builder /opt/meshcentral/meshcentral /opt/meshcentral/meshcentral
-COPY ./docker/startup.sh ./startup.sh
-COPY ./docker/config.json.template /opt/meshcentral/config.json.template
 
 # install dependencies from package.json
 RUN cd meshcentral && npm install
 
-# NOTE: ALL MODULES MUST HAVE A VERSION NUMBER AND THE VERSION MUST MATCH THAT USED IN meshcentral.js mainStart()
-RUN if ! [ -z "$INCLUDE_MONGODBTOOLS" ]; then cd meshcentral && npm install [email protected]; fi
-RUN if ! [ -z "$PREINSTALL_LIBS" ] && [ "$PREINSTALL_LIBS" == "true" ]; then cd meshcentral && npm install [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]; fi
-
-EXPOSE 80 443 4433
+# Expose needed ports
+EXPOSE 80 443
 
-# volumes
+# These volumes will be created by default even without any declaration, this allows default persistence in Docker/Podman.
 VOLUME /opt/meshcentral/meshcentral-data
 VOLUME /opt/meshcentral/meshcentral-files
 VOLUME /opt/meshcentral/meshcentral-web
 VOLUME /opt/meshcentral/meshcentral-backups
 
-CMD ["bash", "/opt/meshcentral/startup.sh"]
+# Copy images from Git repo, place it before ending so recompilation can make good use of cache.
+COPY ./docker/entrypoint.sh ./entrypoint.sh
+COPY ./docker/config.json.template /opt/meshcentral/config.json.template
+
+ENTRYPOINT  ["bash", "/opt/meshcentral/entrypoint.sh"]