From 37241162141fc708a16f8dae711abd51410aafc0 Mon Sep 17 00:00:00 2001 From: sudacode Date: Sun, 24 Aug 2025 17:18:50 -0700 Subject: [PATCH] update dockerfile --- Dockerfile | 44 ++++++++++++++++++++++---------------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1766ef86..8b5d3ff4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,39 +2,43 @@ FROM node:20-bookworm-slim WORKDIR /metrics -# Install Google Chrome stable and runtime deps + fonts +# Install Chromium from Debian and runtime deps + fonts RUN set -eux; \ apt-get update; \ apt-get install -y --no-install-recommends \ - wget gnupg ca-certificates curl unzip \ + # runtime deps used by chromium headless + chromium \ libnss3 libxss1 libx11-xcb1 libxcomposite1 libxdamage1 libxext6 libxfixes3 \ libxkbcommon0 libxrandr2 libatk1.0-0 libatk-bridge2.0-0 libgtk-3-0 \ libgbm1 libasound2 fonts-liberation \ - fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf; \ - wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /usr/share/keyrings/google-linux.gpg; \ - echo "deb [arch=amd64 signed-by=/usr/share/keyrings/google-linux.gpg] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list; \ - apt-get update; \ - apt-get install -y --no-install-recommends google-chrome-stable; \ + # optional fonts for broader charset support + fonts-ipafont-gothic fonts-wqy-zenhei fonts-thai-tlwg fonts-kacst fonts-freefont-ttf \ + # helpers + curl unzip ca-certificates; \ rm -rf /var/lib/apt/lists/* # Prevent Puppeteer from downloading Chromium ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true -# Force flags via a wrapper so Chrome cannot try X11 or sandbox -RUN printf '%s\n' \ +# Force flags via a wrapper so no X/Wayland or sandbox is used +# We call Debian's chromium executable (usually /usr/bin/chromium or chromium-browser) +RUN set -eux; \ + CHROME_BIN="$(command -v chromium || command -v chromium-browser)"; \ + printf '%s\n' \ '#!/usr/bin/env bash' \ -'exec /usr/bin/google-chrome-stable \' \ -' --no-sandbox --disable-setuid-sandbox \' \ -' --headless=new --disable-gpu --disable-dev-shm-usage \' \ -' --no-zygote --no-first-run \' \ -' --ozone-platform=none --disable-features=UseOzonePlatform \' \ +"exec ${CHROME_BIN} \\" \ +' --no-sandbox --disable-setuid-sandbox \\' \ +' --headless=new --disable-gpu --disable-dev-shm-usage \\' \ +' --no-zygote --no-first-run \\' \ +' --ozone-platform=none --disable-features=UseOzonePlatform \\' \ ' "$@"' \ -> /usr/local/bin/chrome-wrapper && chmod +x /usr/local/bin/chrome-wrapper +> /usr/local/bin/chrome-wrapper; \ + chmod +x /usr/local/bin/chrome-wrapper -# Point puppeteer to the wrapper +# Point puppeteer to the wrapper (guarantees the flags are applied) ENV PUPPETEER_EXECUTABLE_PATH=/usr/local/bin/chrome-wrapper -# Optional envs used by metrics (kept for completeness) +# Optional envs the app may read ENV METRICS_BROWSER=chromium ENV METRICS_BROWSER_HEADLESS=true ENV METRICS_BROWSER_ARGS="" @@ -48,14 +52,10 @@ RUN npm ci COPY . . RUN npm run build -# Entry +# Entrypoint that just runs the app; flags are injected by chrome-wrapper RUN printf '%s\n' \ '#!/usr/bin/env bash' \ 'set -euo pipefail' \ -# Ensure METRICS_BROWSER_ARGS has flags if the app reads it (not strictly needed with wrapper) -'if [ -z "${METRICS_BROWSER_ARGS:-}" ]; then' \ -' export METRICS_BROWSER_ARGS="--no-sandbox --disable-setuid-sandbox --headless=new --disable-gpu --disable-dev-shm-usage --no-zygote --no-first-run --ozone-platform=none --disable-features=UseOzonePlatform --enable-features=NetworkService,NetworkServiceInProcess"' \ -'fi' \ 'exec npm start' \ > /usr/local/bin/metrics-entrypoint && chmod +x /usr/local/bin/metrics-entrypoint