/
Dockerfile
87 lines (66 loc) · 2.45 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
# Fotomat as a Docker image meant to be used directly on Docker-based
# production systems.
#
# Automatically built by Docker Hub and available as dienet/fotomat:latest.
# To rebuild locally: docker build -t dienet/fotomat:latest .
#
# To run serving local images from /path/to/images:
# docker run -v /path/to/images:/images dienet/fotomat:latest -listen=:3520 -local_image_directory=/images
#
# To run as an HTTP image proxy, trusting the host header:
# docker run dienet/fotomat:latest -listen=:3520
FROM debian:bullseye as builder
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get dist-upgrade -y -q --no-install-recommends
# Apt-get our dependencies, download, build, and install VIPS, and download and install Go.
ADD preinstall.sh /app/src/github.com/die-net/fotomat/
RUN VIPS_OPTIONS="--prefix=/usr" \
/app/src/github.com/die-net/fotomat/preinstall.sh
# Install busybox.
RUN apt-get install -y -q --no-install-recommends busybox
# Add the rest of our code.
COPY . /app/src/github.com/die-net/fotomat/
WORKDIR /app/src/github.com/die-net/fotomat/
# Build and install Fotomat
RUN GOPATH=/app /usr/local/go/bin/go install -ldflags="-s -w" ./...
# Test fotomat
RUN GOPATH=/app /usr/local/go/bin/go test -v ./...
# Set up an /export/ directory with the very basics of a system
RUN mkdir -m 0755 -p /export/etc /export/home /export/bin /export/usr/bin /export/sbin /export/usr/sbin && \
mkdir -m 0700 -p /export/root /export/proc /export/dev && \
mkdir -p -m 1777 /export/tmp
RUN useradd -r fotomat
RUN cp -a --parents \
/etc/nsswitch.conf \
/etc/passwd \
/etc/group \
/etc/shadow \
/etc/localtime \
/usr/share/zoneinfo/UTC \
/etc/ssl/certs/ca-certificates.crt \
/export/
# Copy busybox, Fotomat, DNS libraries, and all of their dependencies into /export.
RUN for file in \
/bin/busybox \
/app/bin/fotomat \
/lib/x86_64-linux-gnu/libnss_files.so.2 \
/lib/x86_64-linux-gnu/libnss_dns.so.2 \
/lib/x86_64-linux-gnu/libnss_compat.so.2; do \
echo $file; \
ldd $file; \
done | \
awk '($2=="=>"){print $3};(substr($1,1,1)=="/"){print $1}' | \
sort -u | \
xargs -I{} install -D {} /export{}
FROM scratch
ENTRYPOINT ["/app/bin/fotomat"]
CMD ["-listen=:3520"]
EXPOSE 3520
COPY --from=builder /export/ /
VOLUME /tmp
# Expand busybox
RUN ["/bin/busybox", "--install"]
USER fotomat
# Make sure the app runs at all.
RUN ["/app/bin/fotomat", "--version"]