Expose build args to container which allow the web service
to run as given uid:gid.
By default, this behavior is "off". Building via docker compose still
defaults to root:root on everything. Unless these args are explicitly
set, no users should notice a difference.
Build arguments are also exposed as Docker environment variables, so they can
be freely referenced in the `entrypoint.sh`.
Output files will be owned by PUID and PGID, so if set, no more root:root
images (unless desired).
New arguments:
- ARG PUID=0
- ARG PGID=0
- ARG USER_HOME=/root
New environment variable:
- RSYNC_FLAGS
  - NFS share doesn't like `-a` changing every bit on a directory
Example docker-compose.override.yaml using these flags:
```
version: '3.9'
services:
  auto:
    environment:
      RSYNC_FLAGS: -vrlgotO
    build:
      args:
        USER_HOME: /opt/stablediffusion
        PUID: 1000
        PGID: 1002
    volumes:
      - /media/data:/data
      - /tmp:/output
  download:
    volumes:
      - /media/data:/data
```
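Added example, not part of the commit or the project's `entrypoint.sh`: one way to validate `PUID`/`PGID` before they are used, and to check afterwards that everything under the output directory really is owned by that uid:gid. The function names are hypothetical; only `PUID`, `PGID` and the 0:0 default come from the message above.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not the project's entrypoint.sh.
# PUID/PGID and the root default (0:0) are taken from the commit message.

# Succeed only for a plain decimal id (no sign, spaces or shell metacharacters).
is_numeric_id() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;
    *) return 0 ;;
  esac
}

# Print "uid:gid" for the service. Empty values fall back to 0:0 (the
# documented default); anything non-numeric fails with status 2 instead of
# silently running as root.
resolve_owner() {
  uid="${1:-0}"
  gid="${2:-0}"
  is_numeric_id "$uid" && is_numeric_id "$gid" || return 2
  printf '%s:%s\n' "$uid" "$gid"
}

# Print every path under DIR that is NOT owned by UID:GID.
# Empty output means the tree matches the configured owner.
list_misowned() {
  dir="$1"
  resolve_owner "$2" "$3" >/dev/null || return 2
  find "$dir" \( ! -user "$2" -o ! -group "$3" \) -print
}

# Demo with the values from the compose override above.
resolve_owner 1000 1002
```

Running `list_misowned /output "$PUID" "$PGID"` against the mounted output volume after a generation run lists any files that were still written as a different user, for example root.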
Fix the problem that some extensions need to be installed from src
Now, because the step of installing extensions is moved forward in
`entrypoint.sh` instead of `startup.sh`, we cannot install some required
packages before executing `install.py`.
When installing the extension `sd-webui-roop`, it relies on
`insightface==0.7.3`, and when installing this pypi package, it is found
that when building the wheel package, an error will be reported because
`gcc` cannot be found.
ddc02ee1a9/requirements.txt (L1)
Therefore, considering that not all pypi packages are distributed in
wheel, those pypi packages distributed in src need `build-essential` to
build.
## Justification
Closes issue #352
This update makes the Dockerfiles OCI compliant, making it easier to use
Buildah or other image building techniques that require it
## Implementation
This changes a few things, listed below:
* auto: Download container is switched to alpine. The `git` container
specified the `/git` directory as a volume. As such, all the files under
`/git` would be lost after each script invoke. Alpine is used later in
the build process anyway, so it shouldn't be any extra cost to switch to
it
* auto: "New" clone.sh script is copied into the container, which is
basically just the previous clone script that was embedded in the
Dockerfile.
* all: `<<EOF` heredoc styles have been switched to `&& \`
* all: I added NVIDIA_DRIVER_CAPABILITIES and NVIDIA_VISIBLE_DEVICES to
expose my Nvidia card. This is most likely a selinux/podman problem, but
shouldn't change anything with docker to add it.
* docker-compose: I added selinux labeling. I tested this with real
docker (not just podman!) and it seems to work fine. Though I suggest
you try it too.
## Testing
Locally builds with buildah.
Note: for caching to work properly, you still need to replace
`/root/.cache/pip` with `/root/.cache/pip,Z` on selinux systems.
Note: I was having some trouble running invoke. Thought it was this PR,
but it's a known issue. See
https://github.com/invoke-ai/InvokeAI/issues/3182
---------
Co-authored-by: AbdBarho <ka70911@gmail.com>