forked from meeb/ipnetdb-service
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
100 lines (87 loc) · 2.98 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
FROM openresty/openresty:1.21.4.1-6-bullseye
ARG ARCH="amd64"
ARG S6_VERSION="2.2.0.3"
ENV DEBIAN_FRONTEND="noninteractive" \
HOME="/root" \
LANGUAGE="en_US.UTF-8" \
LANG="en_US.UTF-8" \
LC_ALL="en_US.UTF-8" \
TERM="xterm" \
S6_EXPECTED_SHA256="a7076cf205b331e9f8479bbb09d9df77dbb5cd8f7d12e9b74920902e0c16dd98" \
S6_DOWNLOAD="https://github.com/just-containers/s6-overlay/releases/download/v${S6_VERSION}/s6-overlay-${ARCH}.tar.gz"
# Install third party software
RUN set -x && \
apt-get update && \
apt-get -y --no-install-recommends install locales && \
echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && \
locale-gen en_US.UTF-8 && \
# Install required distro packages
apt-get -y --no-install-recommends install curl ca-certificates binutils && \
# Install s6
curl -L ${S6_DOWNLOAD} --output /tmp/s6-overlay-${ARCH}.tar.gz && \
sha256sum /tmp/s6-overlay-${ARCH}.tar.gz && \
echo "${S6_EXPECTED_SHA256} /tmp/s6-overlay-${ARCH}.tar.gz" | sha256sum -c - && \
tar xzf /tmp/s6-overlay-${ARCH}.tar.gz -C / && \
# Clean up
rm -rf /tmp/s6-overlay-${ARCH}.tar.gz && \
apt-get -y autoremove --purge curl binutils
# Copy app
COPY app /app
# Add Pipfile
COPY Pipfile /app/Pipfile
COPY Pipfile.lock /app/Pipfile.lock
# Switch workdir to the the app
WORKDIR /app
# Set up the app
RUN set -x && \
apt-get update && \
# Install required distro packages
apt-get -y --no-install-recommends install \
cron \
anacron \
python3 \
python3-setuptools \
python3-pip \
openresty-opm \
libmaxminddb-dev && \
# Install pipenv
pip3 --disable-pip-version-check install pipenv && \
# Create a 'app' user which the application will run as
groupadd app && \
useradd -M -d /app -s /bin/bash -g app app && \
# Install Pipenv Python packages
pipenv install --system && \
# Install opm packages
opm install leafo/geoip && \
# Make sure required directories are created
mkdir -p /ipnetdb && \
chmod 0755 /ipnetdb && \
chown app:app /ipnetdb && \
# Clean up
rm -rf /etc/cron.*/* && \
rm /app/Pipfile && \
rm /app/Pipfile.lock && \
pipenv --clear && \
pip3 --disable-pip-version-check uninstall -y pipenv virtualenv && \
apt-get -y autoremove && \
apt-get -y autoclean && \
rm -rf /var/lib/apt/lists/* && \
rm -rf /var/cache/apt/* && \
rm -rf /tmp/* && \
# Pipenv leaves a bunch of stuff in /root, as we're not using it recreate it
rm -rf /root && \
mkdir -p /root && \
chown root:root /root && \
chmod 0700 /root
# Copy root
COPY config/root /
# Install the app into OpenResty
RUN set -x && \
rm -rf /usr/local/openresty/nginx/conf/nginx.conf && \
ln -s /app/nginx.conf /usr/local/openresty/nginx/conf/nginx.conf
# Create a healthcheck
HEALTHCHECK --interval=1m --timeout=10s CMD /app/healthcheck.py http://127.0.0.1/healthcheck
# ENVS and ports
EXPOSE 80
# Entrypoint, start s6 init
ENTRYPOINT ["/init"]