mirror of
				https://github.com/dani-garcia/vaultwarden.git
				synced 2025-10-26 07:50:02 +02:00 
			
		
		
		
	Change Dockerfiles to make the AMD image multidb
This commit is contained in:
		| @@ -3,6 +3,7 @@ target | |||||||
|  |  | ||||||
| # Data folder | # Data folder | ||||||
| data | data | ||||||
|  | .env | ||||||
|  |  | ||||||
| # IDE files | # IDE files | ||||||
| .vscode | .vscode | ||||||
| @@ -10,5 +11,15 @@ data | |||||||
| *.iml | *.iml | ||||||
|  |  | ||||||
| # Documentation | # Documentation | ||||||
|  | .github | ||||||
| *.md | *.md | ||||||
|  | *.txt | ||||||
|  | *.yml | ||||||
|  | *.yaml | ||||||
|  |  | ||||||
|  | # Docker folders | ||||||
|  | hooks | ||||||
|  | tools | ||||||
|  |  | ||||||
|  | # Web vault | ||||||
|  | web-vault | ||||||
| @@ -1 +1 @@ | |||||||
| docker/amd64/sqlite/Dockerfile | docker/amd64/Dockerfile | ||||||
| @@ -1,10 +1,10 @@ | |||||||
| # This file was generated using a Jinja2 template. | # This file was generated using a Jinja2 template. | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. | # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. | ||||||
|  |  | ||||||
| {% set build_stage_base_image = "rust:1.40" %} | {% set build_stage_base_image = "rust:1.45" %} | ||||||
| {% if "alpine" in target_file %} | {% if "alpine" in target_file %} | ||||||
| {%   set build_stage_base_image = "clux/muslrust:nightly-2020-03-09" %} | {%   set build_stage_base_image = "clux/muslrust:nightly-2020-07-09" %} | ||||||
| {%   set runtime_stage_base_image = "alpine:3.11" %} | {%   set runtime_stage_base_image = "alpine:3.12" %} | ||||||
| {%   set package_arch_name = "" %} | {%   set package_arch_name = "" %} | ||||||
| {% elif "amd64" in target_file %} | {% elif "amd64" in target_file %} | ||||||
| {%   set runtime_stage_base_image = "debian:buster-slim" %} | {%   set runtime_stage_base_image = "debian:buster-slim" %} | ||||||
| @@ -42,25 +42,19 @@ | |||||||
| FROM bitwardenrs/web-vault@{{ vault_image_hash }} as vault | FROM bitwardenrs/web-vault@{{ vault_image_hash }} as vault | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| {% if "musl" in build_stage_base_image %} |  | ||||||
| # Musl build image for statically compiled binary |  | ||||||
| {% else %} |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| {% endif %} |  | ||||||
| FROM {{ build_stage_base_image }} as build | FROM {{ build_stage_base_image }} as build | ||||||
|  |  | ||||||
| {% if "sqlite" in target_file %} | {% if "alpine" in target_file %} | ||||||
| # set sqlite as default for DB ARG for backward compatibility | # Alpine only works on SQlite | ||||||
| ARG DB=sqlite | ARG DB=sqlite | ||||||
|  |  | ||||||
| {% elif "mysql" in target_file %} | {% elif "amd64" in target_file %} | ||||||
| # set mysql backend | # AMD64 supports all | ||||||
| ARG DB=mysql | ARG DB=sqlite,mysql,postgresql | ||||||
|  |  | ||||||
| {% elif "postgresql" in target_file %} | {% else %} | ||||||
| # set postgresql backend | # ARM only supports SQLite for now | ||||||
| ARG DB=postgresql | ARG DB=sqlite | ||||||
|  |  | ||||||
| {% endif %} | {% endif %} | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| @@ -73,7 +67,7 @@ RUN rustup set profile minimal | |||||||
| ENV USER "root" | ENV USER "root" | ||||||
| ENV RUSTFLAGS='-C link-arg=-s' | ENV RUSTFLAGS='-C link-arg=-s' | ||||||
|  |  | ||||||
| {% elif "arm32" in target_file or "arm64" in target_file %} | {% elif "arm" in target_file %} | ||||||
| # Install required build libs for {{ package_arch_name }} architecture. | # Install required build libs for {{ package_arch_name }} architecture. | ||||||
| RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \ | RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \ | ||||||
|         /etc/apt/sources.list.d/deb-src.list \ |         /etc/apt/sources.list.d/deb-src.list \ | ||||||
| @@ -96,7 +90,6 @@ RUN apt-get update \ | |||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" | ENV CARGO_HOME "/root/.cargo" | ||||||
| ENV USER "root" | ENV USER "root" | ||||||
|  |  | ||||||
| {% elif "arm32v6" in target_file %} | {% elif "arm32v6" in target_file %} | ||||||
| RUN apt-get update \ | RUN apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
| @@ -108,7 +101,6 @@ RUN apt-get update \ | |||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" | ENV CARGO_HOME "/root/.cargo" | ||||||
| ENV USER "root" | ENV USER "root" | ||||||
|  |  | ||||||
| {% elif "arm32v7" in target_file %} | {% elif "arm32v7" in target_file %} | ||||||
| RUN apt-get update \ | RUN apt-get update \ | ||||||
|     && apt-get install -y \ |     && apt-get install -y \ | ||||||
| @@ -120,27 +112,16 @@ RUN apt-get update \ | |||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" | ENV CARGO_HOME "/root/.cargo" | ||||||
| ENV USER "root" | ENV USER "root" | ||||||
|  |  | ||||||
| {% endif %} | {% endif %} | ||||||
| {% if "mysql" in target_file %} | {% if "amd64" in target_file %} | ||||||
| # Install MySQL package | # Install DB packages | ||||||
| RUN apt-get update && apt-get install -y \ | RUN apt-get update && apt-get install -y \ | ||||||
|     --no-install-recommends \ |     --no-install-recommends \ | ||||||
| {% if "musl" in build_stage_base_image %} |  | ||||||
|     libmysqlclient-dev{{ package_arch_prefix }} \ |  | ||||||
| {% else %} |  | ||||||
|     libmariadb-dev{{ package_arch_prefix }} \ |     libmariadb-dev{{ package_arch_prefix }} \ | ||||||
| {% endif %} |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| {% elif "postgresql" in target_file %} |  | ||||||
| # Install PostgreSQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libpq-dev{{ package_arch_prefix }} \ |     libpq-dev{{ package_arch_prefix }} \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
|  |  | ||||||
| {% endif %} | {% endif %} | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| RUN USER=root cargo new --bin /app | RUN USER=root cargo new --bin /app | ||||||
| WORKDIR /app | WORKDIR /app | ||||||
| @@ -178,6 +159,7 @@ RUN rustup target add arm-unknown-linux-gnueabi | |||||||
|  |  | ||||||
| {% elif "arm32v7" in target_file %} | {% elif "arm32v7" in target_file %} | ||||||
| RUN rustup target add armv7-unknown-linux-gnueabihf | RUN rustup target add armv7-unknown-linux-gnueabihf | ||||||
|  |  | ||||||
| {% endif %} | {% endif %} | ||||||
| # Builds your dependencies and removes the | # Builds your dependencies and removes the | ||||||
| # dummy project, except the target folder | # dummy project, except the target folder | ||||||
| @@ -239,11 +221,9 @@ RUN apt-get update && apt-get install -y \ | |||||||
|     openssl \ |     openssl \ | ||||||
|     ca-certificates \ |     ca-certificates \ | ||||||
|     curl \ |     curl \ | ||||||
| {%   if "sqlite" in target_file %} |  | ||||||
|     sqlite3 \ |     sqlite3 \ | ||||||
| {%   elif "mysql" in target_file %} | {%   if "amd64" in target_file %} | ||||||
|     libmariadbclient-dev \ |     libmariadbclient-dev \ | ||||||
| {%   elif "postgresql" in target_file %} |  | ||||||
|     libpq5 \ |     libpq5 \ | ||||||
| {%   endif %} | {%   endif %} | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
|   | |||||||
| @@ -18,12 +18,10 @@ | |||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | ||||||
| 
 | 
 | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| # We need to use the Rust build image, because | FROM rust:1.45 as build | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
| 
 | 
 | ||||||
| # set mysql backend | # AMD64 supports all | ||||||
| ARG DB=mysql | ARG DB=sqlite,mysql,postgresql | ||||||
| 
 | 
 | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color | ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color | ||||||
| @@ -31,10 +29,11 @@ ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color | |||||||
| # Don't download rust docs | # Don't download rust docs | ||||||
| RUN rustup set profile minimal | RUN rustup set profile minimal | ||||||
| 
 | 
 | ||||||
| # Install MySQL package | # Install DB packages | ||||||
| RUN apt-get update && apt-get install -y \ | RUN apt-get update && apt-get install -y \ | ||||||
|     --no-install-recommends \ |     --no-install-recommends \ | ||||||
|     libmariadb-dev \ |     libmariadb-dev \ | ||||||
|  |     libpq-dev \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
| # Creates a dummy project used to grab dependencies | # Creates a dummy project used to grab dependencies | ||||||
| @@ -78,7 +77,9 @@ RUN apt-get update && apt-get install -y \ | |||||||
|     openssl \ |     openssl \ | ||||||
|     ca-certificates \ |     ca-certificates \ | ||||||
|     curl \ |     curl \ | ||||||
|  |     sqlite3 \ | ||||||
|     libmariadbclient-dev \ |     libmariadbclient-dev \ | ||||||
|  |     libpq5 \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
| RUN mkdir /data | RUN mkdir /data | ||||||
| @@ -18,11 +18,10 @@ | |||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | ||||||
| 
 | 
 | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| # Musl build image for statically compiled binary | FROM clux/muslrust:nightly-2020-07-09 as build | ||||||
| FROM clux/muslrust:nightly-2020-03-09 as build |  | ||||||
| 
 | 
 | ||||||
| # set postgresql backend | # Alpine only works on SQlite | ||||||
| ARG DB=postgresql | ARG DB=sqlite | ||||||
| 
 | 
 | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color | ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color | ||||||
| @@ -33,9 +32,10 @@ RUN rustup set profile minimal | |||||||
| ENV USER "root" | ENV USER "root" | ||||||
| ENV RUSTFLAGS='-C link-arg=-s' | ENV RUSTFLAGS='-C link-arg=-s' | ||||||
| 
 | 
 | ||||||
| # Install PostgreSQL package | # Install DB packages | ||||||
| RUN apt-get update && apt-get install -y \ | RUN apt-get update && apt-get install -y \ | ||||||
|     --no-install-recommends \ |     --no-install-recommends \ | ||||||
|  |     libmariadb-dev \ | ||||||
|     libpq-dev \ |     libpq-dev \ | ||||||
|     && rm -rf /var/lib/apt/lists/* |     && rm -rf /var/lib/apt/lists/* | ||||||
| 
 | 
 | ||||||
| @@ -70,7 +70,7 @@ RUN cargo build --features ${DB} --release | |||||||
| ######################## RUNTIME IMAGE  ######################## | ######################## RUNTIME IMAGE  ######################## | ||||||
| # Create a new stage with a minimal image | # Create a new stage with a minimal image | ||||||
| # because we already have a binary built | # because we already have a binary built | ||||||
| FROM alpine:3.11 | FROM alpine:3.12 | ||||||
| 
 | 
 | ||||||
| ENV ROCKET_ENV "staging" | ENV ROCKET_ENV "staging" | ||||||
| ENV ROCKET_PORT=80 | ENV ROCKET_PORT=80 | ||||||
| @@ -81,7 +81,6 @@ ENV SSL_CERT_DIR=/etc/ssl/certs | |||||||
| RUN apk add --no-cache \ | RUN apk add --no-cache \ | ||||||
|         openssl \ |         openssl \ | ||||||
|         curl \ |         curl \ | ||||||
|         postgresql-libs \ |  | ||||||
|         ca-certificates |         ca-certificates | ||||||
| 
 | 
 | ||||||
| RUN mkdir /data | RUN mkdir /data | ||||||
| @@ -1,105 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # Musl build image for statically compiled binary |  | ||||||
| FROM clux/muslrust:nightly-2020-03-09 as build |  | ||||||
|  |  | ||||||
| # set mysql backend |  | ||||||
| ARG DB=mysql |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| ENV USER "root" |  | ||||||
| ENV RUSTFLAGS='-C link-arg=-s' |  | ||||||
|  |  | ||||||
| # Install MySQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libmysqlclient-dev \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| RUN rustup target add x86_64-unknown-linux-musl |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM alpine:3.11 |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
| ENV SSL_CERT_DIR=/etc/ssl/certs |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apk add --no-cache \ |  | ||||||
|         openssl \ |  | ||||||
|         curl \ |  | ||||||
|         mariadb-connector-c \ |  | ||||||
|         ca-certificates |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -1,102 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
|  |  | ||||||
| # set postgresql backend |  | ||||||
| ARG DB=postgresql |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| # Install PostgreSQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libpq-dev \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM debian:buster-slim |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     openssl \ |  | ||||||
|     ca-certificates \ |  | ||||||
|     curl \ |  | ||||||
|     libpq5 \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build app/target/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -1,96 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
|  |  | ||||||
| # set sqlite as default for DB ARG for backward compatibility |  | ||||||
| ARG DB=sqlite |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM debian:buster-slim |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     openssl \ |  | ||||||
|     ca-certificates \ |  | ||||||
|     curl \ |  | ||||||
|     sqlite3 \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build app/target/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -1,99 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # Musl build image for statically compiled binary |  | ||||||
| FROM clux/muslrust:nightly-2020-03-09 as build |  | ||||||
|  |  | ||||||
| # set sqlite as default for DB ARG for backward compatibility |  | ||||||
| ARG DB=sqlite |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| ENV USER "root" |  | ||||||
| ENV RUSTFLAGS='-C link-arg=-s' |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| RUN rustup target add x86_64-unknown-linux-musl |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM alpine:3.11 |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
| ENV SSL_CERT_DIR=/etc/ssl/certs |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apk add --no-cache \ |  | ||||||
|         openssl \ |  | ||||||
|         curl \ |  | ||||||
|         sqlite \ |  | ||||||
|         ca-certificates |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -18,11 +18,9 @@ | |||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | ||||||
| 
 | 
 | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| # We need to use the Rust build image, because | FROM rust:1.45 as build | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
| 
 | 
 | ||||||
| # set sqlite as default for DB ARG for backward compatibility | # ARM only supports SQLite for now | ||||||
| ARG DB=sqlite | ARG DB=sqlite | ||||||
| 
 | 
 | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| @@ -1,134 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
|  |  | ||||||
| # set mysql backend |  | ||||||
| ARG DB=mysql |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| # Install required build libs for armel architecture. |  | ||||||
| RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \ |  | ||||||
|         /etc/apt/sources.list.d/deb-src.list \ |  | ||||||
|     && dpkg --add-architecture armel \ |  | ||||||
|     && apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         libssl-dev:armel \ |  | ||||||
|         libc6-dev:armel |  | ||||||
|  |  | ||||||
| RUN apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         gcc-arm-linux-gnueabi \ |  | ||||||
|     && mkdir -p ~/.cargo \ |  | ||||||
|     && echo '[target.arm-unknown-linux-gnueabi]' >> ~/.cargo/config \ |  | ||||||
|     && echo 'linker = "arm-linux-gnueabi-gcc"' >> ~/.cargo/config |  | ||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" |  | ||||||
| ENV USER "root" |  | ||||||
|  |  | ||||||
| # Install MySQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libmariadb-dev:armel \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc" |  | ||||||
| ENV CROSS_COMPILE="1" |  | ||||||
| ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi" |  | ||||||
| ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi" |  | ||||||
| RUN rustup target add arm-unknown-linux-gnueabi |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM balenalib/rpi-debian:buster |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-start" ] |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     openssl \ |  | ||||||
|     ca-certificates \ |  | ||||||
|     curl \ |  | ||||||
|     libmariadbclient-dev \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-end" ] |  | ||||||
|  |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -18,11 +18,9 @@ | |||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | ||||||
| 
 | 
 | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| # We need to use the Rust build image, because | FROM rust:1.45 as build | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
| 
 | 
 | ||||||
| # set sqlite as default for DB ARG for backward compatibility | # ARM only supports SQLite for now | ||||||
| ARG DB=sqlite | ARG DB=sqlite | ||||||
| 
 | 
 | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| @@ -66,6 +64,7 @@ ENV CROSS_COMPILE="1" | |||||||
| ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf" | ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf" | ||||||
| ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf" | ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf" | ||||||
| RUN rustup target add armv7-unknown-linux-gnueabihf | RUN rustup target add armv7-unknown-linux-gnueabihf | ||||||
|  | 
 | ||||||
| # Builds your dependencies and removes the | # Builds your dependencies and removes the | ||||||
| # dummy project, except the target folder | # dummy project, except the target folder | ||||||
| # This folder contains the compiled dependencies | # This folder contains the compiled dependencies | ||||||
| @@ -1,133 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
|  |  | ||||||
| # set mysql backend |  | ||||||
| ARG DB=mysql |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| # Install required build libs for armhf architecture. |  | ||||||
| RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \ |  | ||||||
|         /etc/apt/sources.list.d/deb-src.list \ |  | ||||||
|     && dpkg --add-architecture armhf \ |  | ||||||
|     && apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         libssl-dev:armhf \ |  | ||||||
|         libc6-dev:armhf |  | ||||||
|  |  | ||||||
| RUN apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         gcc-arm-linux-gnueabihf \ |  | ||||||
|     && mkdir -p ~/.cargo \ |  | ||||||
|     && echo '[target.armv7-unknown-linux-gnueabihf]' >> ~/.cargo/config \ |  | ||||||
|     && echo 'linker = "arm-linux-gnueabihf-gcc"' >> ~/.cargo/config |  | ||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" |  | ||||||
| ENV USER "root" |  | ||||||
|  |  | ||||||
| # Install MySQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libmariadb-dev:armhf \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc" |  | ||||||
| ENV CROSS_COMPILE="1" |  | ||||||
| ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf" |  | ||||||
| ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf" |  | ||||||
| RUN rustup target add armv7-unknown-linux-gnueabihf |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM balenalib/armv7hf-debian:buster |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-start" ] |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     openssl \ |  | ||||||
|     ca-certificates \ |  | ||||||
|     curl \ |  | ||||||
|     libmariadbclient-dev \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-end" ] |  | ||||||
|  |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -18,11 +18,9 @@ | |||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault | ||||||
| 
 | 
 | ||||||
| ########################## BUILD IMAGE  ########################## | ########################## BUILD IMAGE  ########################## | ||||||
| # We need to use the Rust build image, because | FROM rust:1.45 as build | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
| 
 | 
 | ||||||
| # set sqlite as default for DB ARG for backward compatibility | # ARM only supports SQLite for now | ||||||
| ARG DB=sqlite | ARG DB=sqlite | ||||||
| 
 | 
 | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. | # Build time options to avoid dpkg warnings and help with reproducible builds. | ||||||
| @@ -1,134 +0,0 @@ | |||||||
| # This file was generated using a Jinja2 template. |  | ||||||
| # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's. |  | ||||||
|  |  | ||||||
| # Using multistage build: |  | ||||||
| # 	https://docs.docker.com/develop/develop-images/multistage-build/ |  | ||||||
| # 	https://whitfin.io/speeding-up-rust-docker-builds/ |  | ||||||
| ####################### VAULT BUILD IMAGE  ####################### |  | ||||||
|  |  | ||||||
| #  This hash is extracted from the docker web-vault builds and it's prefered over a simple tag because it's immutable. |  | ||||||
| #  It can be viewed in multiple ways: |  | ||||||
| #  - From the https://hub.docker.com/repository/docker/bitwardenrs/web-vault/tags page, click the tag name and the digest should be there. |  | ||||||
| #  - From the console, with the following commands: |  | ||||||
| #      docker pull bitwardenrs/web-vault:v2.15.1 |  | ||||||
| #      docker image inspect --format "{{.RepoDigests}}" bitwardenrs/web-vault:v2.15.1 |  | ||||||
| # |  | ||||||
| #  - To do the opposite, and get the tag from the hash, you can do: |  | ||||||
| #      docker image inspect --format "{{.RepoTags}}" bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c |  | ||||||
| FROM bitwardenrs/web-vault@sha256:afba1e3bded09dc0a6a0dbacb3363ac33b6f122b4b26d3682cafb9115bdf785c as vault |  | ||||||
|  |  | ||||||
| ########################## BUILD IMAGE  ########################## |  | ||||||
| # We need to use the Rust build image, because |  | ||||||
| # we need the Rust compiler and Cargo tooling |  | ||||||
| FROM rust:1.40 as build |  | ||||||
|  |  | ||||||
| # set mysql backend |  | ||||||
| ARG DB=mysql |  | ||||||
|  |  | ||||||
| # Build time options to avoid dpkg warnings and help with reproducible builds. |  | ||||||
| ENV DEBIAN_FRONTEND=noninteractive LANG=C.UTF-8 TZ=UTC TERM=xterm-256color |  | ||||||
|  |  | ||||||
| # Don't download rust docs |  | ||||||
| RUN rustup set profile minimal |  | ||||||
|  |  | ||||||
| # Install required build libs for arm64 architecture. |  | ||||||
| RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \ |  | ||||||
|         /etc/apt/sources.list.d/deb-src.list \ |  | ||||||
|     && dpkg --add-architecture arm64 \ |  | ||||||
|     && apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         libssl-dev:arm64 \ |  | ||||||
|         libc6-dev:arm64 |  | ||||||
|  |  | ||||||
| RUN apt-get update \ |  | ||||||
|     && apt-get install -y \ |  | ||||||
|         --no-install-recommends \ |  | ||||||
|         gcc-aarch64-linux-gnu \ |  | ||||||
|     && mkdir -p ~/.cargo \ |  | ||||||
|     && echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config \ |  | ||||||
|     && echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config |  | ||||||
|  |  | ||||||
| ENV CARGO_HOME "/root/.cargo" |  | ||||||
| ENV USER "root" |  | ||||||
|  |  | ||||||
| # Install MySQL package |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     libmariadb-dev:arm64 \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| # Creates a dummy project used to grab dependencies |  | ||||||
| RUN USER=root cargo new --bin /app |  | ||||||
| WORKDIR /app |  | ||||||
|  |  | ||||||
| # Copies over *only* your manifests and build files |  | ||||||
| COPY ./Cargo.* ./ |  | ||||||
| COPY ./rust-toolchain ./rust-toolchain |  | ||||||
| COPY ./build.rs ./build.rs |  | ||||||
|  |  | ||||||
| ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc" |  | ||||||
| ENV CROSS_COMPILE="1" |  | ||||||
| ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu" |  | ||||||
| ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu" |  | ||||||
| RUN rustup target add aarch64-unknown-linux-gnu |  | ||||||
|  |  | ||||||
| # Builds your dependencies and removes the |  | ||||||
| # dummy project, except the target folder |  | ||||||
| # This folder contains the compiled dependencies |  | ||||||
| RUN cargo build --features ${DB} --release |  | ||||||
| RUN find . -not -path "./target*" -delete |  | ||||||
|  |  | ||||||
| # Copies the complete project |  | ||||||
| # To avoid copying unneeded files, use .dockerignore |  | ||||||
| COPY . . |  | ||||||
|  |  | ||||||
| # Make sure that we actually build the project |  | ||||||
| RUN touch src/main.rs |  | ||||||
|  |  | ||||||
| # Builds again, this time it'll just be |  | ||||||
| # your actual source files being built |  | ||||||
| RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu |  | ||||||
|  |  | ||||||
| ######################## RUNTIME IMAGE  ######################## |  | ||||||
| # Create a new stage with a minimal image |  | ||||||
| # because we already have a binary built |  | ||||||
| FROM balenalib/aarch64-debian:buster |  | ||||||
|  |  | ||||||
| ENV ROCKET_ENV "staging" |  | ||||||
| ENV ROCKET_PORT=80 |  | ||||||
| ENV ROCKET_WORKERS=10 |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-start" ] |  | ||||||
|  |  | ||||||
| # Install needed libraries |  | ||||||
| RUN apt-get update && apt-get install -y \ |  | ||||||
|     --no-install-recommends \ |  | ||||||
|     openssl \ |  | ||||||
|     ca-certificates \ |  | ||||||
|     curl \ |  | ||||||
|     libmariadbclient-dev \ |  | ||||||
|     && rm -rf /var/lib/apt/lists/* |  | ||||||
|  |  | ||||||
| RUN mkdir /data |  | ||||||
|  |  | ||||||
| RUN [ "cross-build-end" ] |  | ||||||
|  |  | ||||||
| VOLUME /data |  | ||||||
| EXPOSE 80 |  | ||||||
| EXPOSE 3012 |  | ||||||
|  |  | ||||||
| # Copies the files from the context (Rocket.toml file and web-vault) |  | ||||||
| # and the binary from the "build" stage to the current stage |  | ||||||
| COPY Rocket.toml . |  | ||||||
| COPY --from=vault /web-vault ./web-vault |  | ||||||
| COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/bitwarden_rs . |  | ||||||
|  |  | ||||||
| COPY docker/healthcheck.sh /healthcheck.sh |  | ||||||
| COPY docker/start.sh /start.sh |  | ||||||
|  |  | ||||||
| HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"] |  | ||||||
|  |  | ||||||
| # Configures the startup! |  | ||||||
| WORKDIR / |  | ||||||
| CMD ["/start.sh"] |  | ||||||
| @@ -11,16 +11,11 @@ arches=( | |||||||
|  |  | ||||||
| case "${DOCKER_REPO}" in | case "${DOCKER_REPO}" in | ||||||
|     *-mysql) |     *-mysql) | ||||||
|         db=mysql |  | ||||||
|         arches=(amd64) |         arches=(amd64) | ||||||
|         ;; |         ;; | ||||||
|     *-postgresql) |     *-postgresql) | ||||||
|         db=postgresql |  | ||||||
|         arches=(amd64) |         arches=(amd64) | ||||||
|         ;; |         ;; | ||||||
|     *) |  | ||||||
|         db=sqlite |  | ||||||
|         ;; |  | ||||||
| esac | esac | ||||||
|  |  | ||||||
| if [[ "${DOCKER_TAG}" == *alpine ]]; then | if [[ "${DOCKER_TAG}" == *alpine ]]; then | ||||||
|   | |||||||
| @@ -9,6 +9,6 @@ set -ex | |||||||
| for arch in "${arches[@]}"; do | for arch in "${arches[@]}"; do | ||||||
|     docker build \ |     docker build \ | ||||||
|            -t "${DOCKER_REPO}:${DOCKER_TAG}-${arch}" \ |            -t "${DOCKER_REPO}:${DOCKER_TAG}-${arch}" \ | ||||||
|            -f docker/${arch}/${db}/Dockerfile${os_suffix} \ |            -f docker/${arch}/Dockerfile${os_suffix} \ | ||||||
|            . |            . | ||||||
| done | done | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user