Refactored Dockerfile: thin container & can run private relay

kylemanna · Mar 27, 2018 · f358001 · f358001
1 parent 271e016
commit f358001
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 9 deletions.
diff --git a/.travis.yml b/.travis.yml
@@ -15,7 +15,7 @@ before_script:
     - docker inspect "$image"
 
 script:
-    - official-images/test/run.sh "$image"
+    - official-images/test/run.sh -t utc -t cve-2014--shellshock -t no-hard-coded-passwords "$image"
 
 after_script:
     - docker images
diff --git a/Dockerfile b/Dockerfile
@@ -1,26 +1,33 @@
-FROM golang:alpine
+FROM golang:alpine AS builder
 LABEL maintainer="Kyle Manna <kyle@kylemanna.com>"
 
 ENV PKGVER   0.14.45
 
 # Busybox wget needs TLS support, curl is less painful to get working
-RUN apk add --update ca-certificates curl && \
-    install -d src/github.com/syncthing && \
+RUN apk add --no-cache ca-certificates curl && \
+    mkdir /go || true && \
+    cd /go && \
+    mkdir -p src/github.com/syncthing && \
     export SRCDIR=$PWD && \
     cd src/github.com/syncthing && \
-    echo curl -L https://github.com/syncthing/syncthing/releases/download/v$PKGVER/syncthing-source-v${PKGVER}.tar.gz && \
     curl -L https://github.com/syncthing/syncthing/releases/download/v$PKGVER/syncthing-source-v${PKGVER}.tar.gz | tar xzf - && \
     cd syncthing && \
     export GOPATH="$SRCDIR" GOROOT_FINAL="/usr/bin" && \
-    go run build.go -no-upgrade -version v${PKGVER} build strelaysrv && \
-    install -Dm755 strelaysrv /usr/bin/strelaysrv && \
-    rm -rf $SRCDIR /tmp/* /var/tmp/* /var/cache/apk/* /var/cache/distfiles/*
+    go run build.go -no-upgrade -version v${PKGVER} build strelaysrv
+
+#Building thin container
+FROM alpine
+
+RUN apk add --no-cache ca-certificates
+COPY --from=builder /go/src/github.com/syncthing/syncthing/strelaysrv /usr/bin/strelaysrv
 
 # Run unprivileged out of /relaysrv
 RUN mkdir /relaysrv && chown nobody:nobody /relaysrv
+VOLUME /relaysrv
 USER nobody
 WORKDIR /relaysrv
 
 EXPOSE 22067 22070
 
-CMD ["/usr/bin/strelaysrv"]
+ENTRYPOINT ["/usr/bin/strelaysrv"]
+CMD [""]
diff --git a/README.md b/README.md
@@ -25,6 +25,11 @@ Just run:
 
 Verify your server shows up at http://relays.syncthing.net/
 
+Or private relay:
+
+    docker run --rm -p 22067:22067 -p 22070:22070 kylemanna/syncthing-relay -pools=""
+
+
 ## Using Systemd to Auto Start the Docker Container
 
 Here's the quick start guide for setting up a systemd service that will listen on the defualt ports and start at boot time.  It will also attempt to pull down image updates each time the service starts and automatically restart after 10 seconds if the process exits.  This Docker container preserves no state across starts.