| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104 |
- # This file was generated using a Jinja2 template.
- # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
- # Using multistage build:
- # https://docs.docker.com/develop/develop-images/multistage-build/
- # https://whitfin.io/speeding-up-rust-docker-builds/
- ####################### VAULT BUILD IMAGE #######################
- # This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable.
- # It can be viewed in multiple ways:
- # - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there.
- # - From the console, with the following commands:
- # docker pull bitwardenrs/web-vault:v2.13.2b
- # docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.13.2b
- #
- # - To do the opposite, and get the tag from the hash, you can do:
- # docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:f32c555a2bc3ee6bc0718319b1e8057c10ef889cf7231f0ff217af98486da554
- FROM bitwardenrs/web-vault@sha256:f32c555a2bc3ee6bc0718319b1e8057c10ef889cf7231f0ff217af98486da554 as vault
- ########################## BUILD IMAGE ##########################
- # Musl build image for statically compiled binary
- FROM clux/muslrust:nightly-2020-03-09 as build
- # set mysql backend
- ARG DB=mysql
- # Build time options to avoid dpkg warnings and help with reproducible builds.
- ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color
- # Don't download rust docs
- RUN rustup set profile minimal
- ENV USER "root"
- ENV RUSTFLAGS='-C link-arg=-s'
- # Install MySQL package
- RUN apt-get update && apt-get install -y \
- --no-install-recommends \
- libmysqlclient-dev \
- && rm -rf /var/lib/apt/lists/*
- # Creates a dummy project used to grab dependencies
- RUN USER=root cargo new --bin /app
- WORKDIR /app
- # Copies over *only* your manifests and build files
- COPY ./Cargo.* ./
- COPY ./rust-toolchain ./rust-toolchain
- COPY ./build.rs ./build.rs
- RUN rustup target add x86_64-unknown-linux-musl
- # Builds your dependencies and removes the
- # dummy project, except the target folder
- # This folder contains the compiled dependencies
- RUN cargo build --features ${DB} --release
- RUN find . -not -path "./target*" -delete
- # Copies the complete project
- # To avoid copying unneeded files, use .dockerignore
- COPY . .
- # Make sure that we actually build the project
- RUN touch src/main.rs
- # Builds again, this time it'll just be
- # your actual source files being built
- RUN cargo build --features ${DB} --release
- ######################## RUNTIME IMAGE ########################
- # Create a new stage with a minimal image
- # because we already have a binary built
- FROM alpine:3.11
- ENV ROCKET_ENV "staging"
- ENV ROCKET_PORT=80
- ENV ROCKET_WORKERS=10
- ENV SSL_CERT_DIR=/etc/ssl/certs
- # Install needed libraries
- RUN apk add --no-cache \
- openssl \
- curl \
- mariadb-connector-c \
- ca-certificates
- RUN mkdir /data
- VOLUME /data
- EXPOSE 80
- EXPOSE 3012
- # Copies the files from the context (Rocket.toml file and web-vault)
- # and the binary from the "build" stage to the current stage
- COPY Rocket.toml .
- COPY --from=vault /web-vault ./web-vault
- COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
- COPY docker/healthcheck.sh /healthcheck.sh
- HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"]
- # Configures the startup!
- WORKDIR /
- CMD ["/bitwarden_rs"]
|
