| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108 |
- # Using multistage build:
- # https://docs.docker.com/develop/develop-images/multistage-build/
- # https://whitfin.io/speeding-up-rust-docker-builds/
- ####################### VAULT BUILD IMAGE #######################
- FROM rust:1.40 as vault
- ENV VAULT_VERSION "v2.12.0b"
- ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
- ENV DEBIAN_FRONTEND=noninteractive \
- LANG=C.UTF-8 \
- TZ=UTC \
- TERM=xterm-256color
- RUN apt update -y \
- && apt install -y \
- curl \
- tar
- RUN mkdir /web-vault
- WORKDIR /web-vault
- SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
- RUN curl -L $URL | tar xz
- RUN ls
- ########################## BUILD IMAGE ##########################
- # We need to use the Rust build image, because
- # we need the Rust compiler and Cargo tooling
- FROM rust:1.40 as build
- # set postgresql backend
- ARG DB=postgresql
- # Don't download rust docs
- RUN rustup set profile minimal
- # Install PostgreSQL package
- RUN apt-get update && apt-get install -y \
- --no-install-recommends \
- libpq-dev \
- && rm -rf /var/lib/apt/lists/*
- # Creates a dummy project used to grab dependencies
- RUN USER=root cargo new --bin app
- WORKDIR /app
- # Copies over *only* your manifests and build files
- COPY ./Cargo.* ./
- COPY ./rust-toolchain ./rust-toolchain
- COPY ./build.rs ./build.rs
- # Builds your dependencies and removes the
- # dummy project, except the target folder
- # This folder contains the compiled dependencies
- RUN cargo build --features ${DB} --release
- RUN find . -not -path "./target*" -delete
- # Copies the complete project
- # To avoid copying unneeded files, use .dockerignore
- COPY . .
- # Make sure that we actually build the project
- RUN touch src/main.rs
- # Builds again, this time it'll just be
- # your actual source files being built
- RUN cargo build --features ${DB} --release
- ######################## RUNTIME IMAGE ########################
- # Create a new stage with a minimal image
- # because we already have a binary built
- FROM debian:buster-slim
- ENV ROCKET_ENV "staging"
- ENV ROCKET_PORT=80
- ENV ROCKET_WORKERS=10
- # Install needed libraries
- RUN apt-get update && apt-get install -y \
- --no-install-recommends \
- openssl \
- ca-certificates \
- curl \
- libpq5 \
- && rm -rf /var/lib/apt/lists/*
- RUN mkdir /data
- VOLUME /data
- EXPOSE 80
- EXPOSE 3012
- # Copies the files from the context (Rocket.toml file and web-vault)
- # and the binary from the "build" stage to the current stage
- COPY Rocket.toml .
- COPY --from=vault /web-vault ./web-vault
- COPY --from=build app/target/release/bitwarden_rs .
- COPY docker/healthcheck.sh ./healthcheck.sh
- HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
- # Configures the startup!
- WORKDIR /
- CMD ["/bitwarden_rs"]
|
