-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
40 lines (32 loc) · 1.24 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
# minimal OS for minimal attack surface and easy to use TLS and timezones
FROM alpine:latest
# run all installs and filesystem adds as root
USER root
# install OS dependencies
# add non-root group and user account called "go"
RUN apk add --no-cache ca-certificates bash \
&& mkdir -p /exp/docs \
&& mkdir -p /exp/templates \
# alpine way https://stackoverflow.com/questions/49955097/how-do-i-add-a-user-when-im-using-alpine-as-a-base-image
&& addgroup -S go && adduser -S go -G go
# debian/ubuntu way
#&& groupadd -r go && useradd --no-log-init -r -g go go
# extras for main binary
ADD swagger.json /exp/docs/swagger.json
ADD master/redoc.html /exp/docs/redoc.html
ADD master/swagger.html /exp/docs/swagger.html
ADD master/templates/install.sh /exp/templates/install.sh
# frontend dir to be served by main binary
ADD aimpanel-master-frontend /exp/frontend
# slave binary as a main or backup source of update and deployment of new hosts
ADD aimpanel-slave /exp/slave
# add main binary
ADD aimpanel-master /exp/master
# set proper permissions for binary and extras
RUN chmod +x /exp/master \
&& chown -R go:root /exp
# list files added to container as debug
RUN ls -alh /exp/
# run main binary as non-root in production
USER go
ENTRYPOINT ["/exp/master"]