-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
84 lines (66 loc) · 2.13 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# syntax = docker/dockerfile:1.5.2
# tag needed for riscv64 support
FROM --platform=$BUILDPLATFORM alpine:3.19 AS httpd_git
RUN apk add --no-cache git
WORKDIR /app
ARG BUSYBOX_VERSION=1_36_0
# https://subscription.packtpub.com/book/hardware-and-creative/9781783289851/1/ch01lvl1sec08/configuring-busybox-simple
RUN git clone --depth 1 https://github.com/mirror/busybox.git .
RUN git fetch origin tag "$BUSYBOX_VERSION" --no-tags
RUN git -c advice.detachedHead=false -c gc.auto=0 checkout "tags/$BUSYBOX_VERSION"
FROM alpine:3.19 AS httpd
RUN apk add --no-cache gcc make musl-dev
COPY --link --from=httpd_git /app /app
COPY --link ./config /app/.config
WORKDIR /app
RUN make -s -j4 && make install
FROM --platform=$BUILDPLATFORM alpine:3.19 AS tini
RUN apk add --no-cache curl
ARG TINI_VERSION="v0.19.0"
ARG TARGETPLATFORM
RUN <<EOF
set -eu
case "$TARGETPLATFORM" in
"linux/amd64") TINI_ARCH='amd64'
;;
"linux/arm/v6") TINI_ARCH='armel'
;;
"linux/arm/v7") TINI_ARCH='armhf'
;;
"linux/arm64") TINI_ARCH='arm64'
;;
"linux/386") TINI_ARCH='i386'
;;
"linux/ppc64le") TINI_ARCH='ppc64le'
;;
"linux/s390x") TINI_ARCH='s390x'
;;
*) echo "Unsupported architecture: $TARGETPLATFORM"; exit 1
;;
esac
echo "downloading tiny $TINI_VERSION for arch $TINI_ARCH"
curl -fsSLo /tini "https://github.com/krallin/tini/releases/download/$TINI_VERSION/tini-static-$TINI_ARCH"
EOF
FROM scratch AS squash
COPY --link --from=httpd_git /tmp /tmp
COPY --link --from=httpd_git /opt /opt
COPY --link --chown=0:0 --chmod=644 <<EOF /etc/group
root:x:0:root
www-data:x:65532:httpd
EOF
COPY --link --chown=0:0 --chmod=644 <<EOF /etc/passwd
root:x:0:0:root:/root:/sbin/nologin
httpd:x:65532:65532::/opt/httpd:/sbin/nologin
EOF
COPY --link --chown=0:0 --chmod=644 <<EOF /etc/httpd/httpd.conf
EOF
COPY --link --chown=0:0 --chmod=755 --from=tini /tini /bin/tini
COPY --link --chown=0:0 --chmod=755 --from=httpd /app/_install/bin/busybox /bin/httpd
FROM scratch
ENV PATH=/bin
USER 65532:65532
COPY --link --from=squash / /
WORKDIR /opt/httpd
EXPOSE 8080
ENTRYPOINT ["/bin/tini", "--", "/bin/httpd"]
CMD ["-f", "-v", "-p", "8080", "-c", "/etc/httpd/httpd.conf"]