Docker #6
6
.dockerignore
Normal file
6
.dockerignore
Normal file
@ -0,0 +1,6 @@
|
||||
cache
|
||||
compose.yaml
|
||||
*.json
|
||||
LICENSE
|
||||
*.md
|
||||
services
|
1
.gitignore
vendored
1
.gitignore
vendored
@ -1,4 +1,5 @@
|
||||
**/cache
|
||||
**/compose.yaml
|
||||
**/config.json
|
||||
**/skunkyart
|
||||
**/skunkyart-*
|
||||
|
23
Dockerfile
Normal file
23
Dockerfile
Normal file
@ -0,0 +1,23 @@
|
||||
ARG GO_VERSION=1.18
|
||||
|
||||
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION} AS build
|
||||
ARG TARGETOS
|
||||
ARG TARGETARCH
|
||||
|
||||
WORKDIR /build
|
||||
COPY . .
|
||||
RUN CGO_ENABLED=0 GOARCH=${TARGETARCH} GOOS=${TARGETOS} go build -ldflags "-s -w -extldflags '-static'" && \
|
||||
echo "skunkyart:x:10000:10000:SkunkyArt user:/:/sbin/nologin" > /etc/minimal-passwd && \
|
||||
echo "skunkyart:x:10000:" > /etc/minimal-group
|
||||
|
||||
FROM scratch
|
||||
|
||||
COPY --from=build /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
|
||||
COPY --from=build /build/static /static
|
||||
COPY --from=build /build/skunkyart /skunkyart
|
||||
COPY --from=build /etc/minimal-passwd /etc/passwd
|
||||
COPY --from=build /etc/minimal-group /etc/group
|
||||
|
||||
USER skunkyart
|
||||
|
||||
ENTRYPOINT ["/skunkyart"]
|
12
compose.example.yaml
Normal file
12
compose.example.yaml
Normal file
@ -0,0 +1,12 @@
|
||||
services:
|
||||
skunkyart:
|
||||
container_name: skunkyart
|
||||
restart: unless-stopped
|
||||
build: .
|
||||
ports:
|
||||
- "127.0.0.1:3003:3003"
|
||||
security_opt:
|
||||
- no-new-privileges:true
|
||||
volumes:
|
||||
- ./config.json:/config.json:ro
|
||||
- ./cache:/cache # Ensure cache folder has a 10000:10000 ownership.
|
Loading…
Reference in New Issue
Block a user