From 0e315061269d8a677d746b62c7b34cfdb2221717 Mon Sep 17 00:00:00 2001
From: maxlath <k@maxlath.eu>
Date: Sun, 29 Jun 2025 19:18:50 +0200
Subject: [PATCH] replace shared volume between the inventaire and nginx
 services by a multi-stage copy

See https://docs.docker.com/build/building/multi-stage/#use-an-external-image-as-a-stage

The shared volume was making updates complicated, as the persisted volume data would not be overriden by the new container
---
 docker-compose.yml                    | 2 --
 nginx/Dockerfile.nginx                | 7 +++++--
 nginx/templates/default.conf.template | 2 +-
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 21d11cb..ff3c785 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,7 +10,6 @@ services:
       - couchdb
       - elasticsearch
     volumes:
-      - inventaire-server:/opt/inventaire
       # The following paths are outside /opt/inventaire so that the inventaire-server volume can be removed
       # (as required when updating the server and client) without loosing their data
       - inventaire-leveldb:/opt/inventaire_leveldb
@@ -68,7 +67,6 @@ services:
     volumes:
       - ./nginx/templates:/etc/nginx/templates/
       - ./nginx/snippets:/etc/nginx/snippets
-      - inventaire-server:/opt/inventaire
       - certbot-www:/var/www/html
       - ./certbot/conf:/etc/letsencrypt
       - nginx-cache:/tmp/nginx
diff --git a/nginx/Dockerfile.nginx b/nginx/Dockerfile.nginx
index 5d4c89f..2fedaf2 100644
--- a/nginx/Dockerfile.nginx
+++ b/nginx/Dockerfile.nginx
@@ -1,5 +1,8 @@
-FROM nginx
+FROM nginx:1.28
 
 RUN [ ! -f /etc/nginx/dhparam.pem ] && openssl dhparam -out /etc/nginx/dhparam.pem 2048
 
-RUN mkdir -p /tmp/nginx/tmp /tmp/nginx/resize/img/users /tmp/nginx/resize/img/groups /tmp/nginx/resize/img/entities /tmp/nginx/resize/img/remote /tmp/nginx/resize/img/assets && chown -R nginx:nginx /tmp/nginx
+RUN mkdir -p /tmp/nginx/tmp /tmp/nginx/resize/img/users /tmp/nginx/resize/img/groups /tmp/nginx/resize/img/entities /tmp/nginx/resize/img/remote /tmp/nginx/resize/img/assets /var/cache/nginx/client_temp /opt/inventaire/client && chown -R nginx:nginx /tmp/nginx /opt
+
+# See https://docs.docker.com/build/building/multi-stage/
+COPY --from=inventaire/inventaire:latest /opt/inventaire/client /opt/inventaire/client
diff --git a/nginx/templates/default.conf.template b/nginx/templates/default.conf.template
index dcb4f78..2b2cb8b 100755
--- a/nginx/templates/default.conf.template
+++ b/nginx/templates/default.conf.template
@@ -108,7 +108,7 @@ server {
       proxy_pass http://inv;
     }
 
-    root  /opt/inventaire/client;
+    root /opt/inventaire/client;
     location /public {
         include /etc/nginx/snippets/security_headers.conf;
         limit_except GET {