Make it possible to build for multiple architectures

Our parent container is build for multiple architectures, so I think it would be nice if we followed suite. With this change we will be able to build the following platforms: - linux/amd64 - linux/386 - linux/arm64 - linux/arm/v7 - linux/mips64le - linux/s390x - linux/ppc64le However, we will only create a push function for the top 4, since the bottom 3 takes over 30 minutes to build, and none have asked for these yet. Instructions on how to set up Docker Buildx (which is required for this) can be found in [issue #28][1]. The reason for the "32-bit fix" added to the Dockerfile is a very interesting read, which can be found in [issue #30][2], but the TL;DR is that there exist a very exotic bug for some low level libraries when they try to access the filesystem while running inside a 32-bit environment that is emulated by QEMU running on a 64-bit host. For this reason we will need to pin the package version to something that is not being compiled, but this is ONLY necessary if it is inside a QEMU emulation. [1]: #28 [2]: #30
JonasAlfredsson · Mar 31, 2021 · e941b81 · e941b81
1 parent 1bd4dbf
commit e941b81
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 3 deletions.
diff --git a/src/Dockerfile b/src/Dockerfile
@@ -1,6 +1,8 @@
 FROM nginx:1.19.8
 LABEL maintainer="Jonas Alfredsson <jonas.alfredsson@protonmail.com>"
 
+ARG BUILDX_QEMU_ENV
+
 # Do a single run command to make the intermediary containers smaller.
 RUN set -ex && \
 # Install packages necessary during the build phase (for all architectures).
@@ -19,6 +21,11 @@ RUN set -ex && \
     && \
 # Install the latest version of PIP, Setuptools and Wheel.
     curl -L 'https://bootstrap.pypa.io/get-pip.py' | python3 && \
+# Handle an extremely specific issue when building the cryptography package for
+# 32-bit architectures within QEMU running on a 64-bit host (issue #30).
+    if [ "${BUILDX_QEMU_ENV}" = "true" -a "$(getconf LONG_BIT)" = "32" ]; then \
+        pip3 install -U cryptography==3.3.2; \
+    fi && \
 # Install certbot.
     pip3 install -U cffi certbot \
     && \

diff --git a/src/Makefile b/src/Makefile
@@ -11,8 +11,10 @@ build: Makefile Dockerfile
 	$(DOCKER_BUILD) -t jonasal/nginx-certbot:local .
 	@echo "Done!  Use docker run jonasal/nginx-certbot:local to run"
 
-release:
-	$(DOCKER_BUILD) -t jonasal/nginx-certbot --pull --no-cache .
+# These commands are primarily used for development, see link for more info:
+# https://github.com/JonasAlfredsson/docker-nginx-certbot/issues/28
+dev:
+	docker buildx build --build-arg BUILDX_QEMU_ENV=true --platform linux/amd64,linux/386,linux/arm64,linux/arm/v7,linux/mips64le,linux/s390x,linux/ppc64le --tag jonasal/nginx-certbot:dev .
 
 push:
-	docker push jonasal/nginx-certbot
+	docker buildx build --build-arg BUILDX_QEMU_ENV=true --platform linux/amd64,linux/386,linux/arm64,linux/arm/v7 --tag jonasal/nginx-certbot:dev --pull --no-cache --push .