56 lines
1.7 KiB
Docker
56 lines
1.7 KiB
Docker
# syntax=docker/dockerfile:1.4
|
|
FROM rust:latest AS builder
|
|
WORKDIR /app
|
|
|
|
# Cloner sdk_common depuis le repository (branche ext)
|
|
RUN git clone -b ext https://git.4nkweb.com/4nk/sdk_common.git /sdk_common
|
|
|
|
# Copie des fichiers de sdk_relay
|
|
COPY Cargo.toml Cargo.lock ./
|
|
COPY src/ src/
|
|
|
|
# Build des dépendances
|
|
RUN cargo build --release
|
|
|
|
# ---- image finale ----
|
|
FROM debian:bookworm-slim
|
|
RUN apt-get update && apt-get upgrade -y && \
|
|
apt-get install -y --fix-missing \
|
|
ca-certificates curl jq git \
|
|
net-tools iputils-ping dnsutils \
|
|
netcat-openbsd telnet procps && \
|
|
rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
|
|
|
# Création d'un utilisateur non-root
|
|
RUN useradd -m -u 1000 appuser && \
|
|
mkdir -p /app && chown -R appuser:appuser /app
|
|
|
|
COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
|
|
RUN chmod +x /usr/local/bin/sdk_relay && \
|
|
chown appuser:appuser /usr/local/bin/sdk_relay
|
|
|
|
# Configuration via build arg
|
|
ARG CONF
|
|
RUN echo "$CONF" > /app/.conf && \
|
|
chown appuser:appuser /app/.conf && \
|
|
chmod 644 /app/.conf
|
|
|
|
# Créer le répertoire .4nk avec les bonnes permissions
|
|
RUN mkdir -p /app/.4nk && \
|
|
chown -R appuser:appuser /app/.4nk && \
|
|
chmod 755 /app/.4nk
|
|
|
|
WORKDIR /app
|
|
USER appuser
|
|
ENV HOME=/app
|
|
|
|
VOLUME ["/app/.4nk"]
|
|
|
|
EXPOSE 8090 8091
|
|
# Préparer le répertoire de logs interne (monté par docker-compose vers /home/debian/4NK_env/logs/sdk_relay)
|
|
USER root
|
|
RUN mkdir -p /var/log/sdk_relay && chown -R appuser:appuser /var/log/sdk_relay
|
|
USER appuser
|
|
|
|
# Rediriger stdout/stderr vers un fichier pour la centralisation par promtail
|
|
ENTRYPOINT ["/bin/sh","-c","exec sdk_relay --config /app/.conf >> /var/log/sdk_relay/stdout.log 2>&1"] |