saret/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2025-11-04 04:08:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

Revert setcap, update rust and crates

Browse Source 
- Revert #3170 as discussed in #3387
  In hindsight it's better to not have this feature
- Update Dockerfile.j2 for easy version changes.
  Just change it in one place instead of multiple
- Updated to Rust to latest patched version
- Updated crates to latest available
- Pinned mimalloc to an older version, as it breaks on musl builds
This commit is contained in:
BlackDex
2023-03-31 13:43:33 +02:00
parent 525e6bb65a
commit fc43608eec
21 changed files with 149 additions and 261 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
docker/armv6/Dockerfile.buildkit
View File

@@ -2,7 +2,6 @@
# This file was generated using a Jinja2 template.
# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles.
# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
@@ -27,7 +26,7 @@
FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault
########################## BUILD IMAGE ##########################
FROM rust:1.68.1-bullseye as build
FROM rust:1.68.2-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
@@ -48,7 +47,6 @@ RUN dpkg --add-architecture armel \
--no-install-recommends \
gcc-arm-linux-gnueabi \
libc6-dev:armel \
libcap2-bin \
libmariadb-dev:armel \
libmariadb-dev-compat:armel \
libmariadb3:armel \
@@ -98,12 +96,6 @@ RUN touch src/main.rs
# your actual source files being built
RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi
# Add the `cap_net_bind_service` capability to allow listening on
# privileged (< 1024) ports even when running as a non-root user.
# This is only done if building with BuildKit; with the legacy
# builder, the `COPY` instruction doesn't carry over capabilities.
RUN setcap cap_net_bind_service=+ep target/arm-unknown-linux-gnueabi/release/vaultwarden
######################## RUNTIME IMAGE ########################
# Create a new stage with a minimal image
# because we already have a binary built