diff --git a/Dockerfile b/Dockerfile index b2f479f66..b0909143a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,51 +1,39 @@ +# syntax=docker/dockerfile:1 +# ┬─┐┬ ┐o┬ ┬─┐ +# │─││ │││ │ │ +# ┘─┘┘─┘┘┘─┘┘─┘ -############## -# Build stage -FROM --platform=$BUILDPLATFORM techknowlogick/xgo:go-1.19.2 AS build-env +FROM techknowlogick/xgo:go-1.19.2 AS builder -RUN \ - go install github.com/magefile/mage@latest && \ - mv /go/bin/mage /usr/local/go/bin +RUN go install github.com/magefile/mage@latest && \ + mv /go/bin/mage /usr/local/go/bin -ARG VIKUNJA_VERSION - -# Setup repo -COPY . /go/src/code.vikunja.io/api WORKDIR /go/src/code.vikunja.io/api +COPY . ./ ARG TARGETOS TARGETARCH TARGETVARIANT -# Checkout version if set -RUN if [ -n "${VIKUNJA_VERSION}" ]; then git checkout "${VIKUNJA_VERSION}"; fi && \ - mage build:clean && \ - mage release:xgo $TARGETOS/$TARGETARCH/$TARGETVARIANT -################### +RUN mage build:clean && \ + mage release:xgo "${TARGETOS}/${TARGETARCH}/${TARGETVARIANT}" + +# ┬─┐┬ ┐┌┐┐┌┐┐┬─┐┬─┐ +# │┬┘│ │││││││├─ │┬┘ +# ┘└┘┘─┘┘└┘┘└┘┴─┘┘└┘ + # The actual image # Note: I wanted to use the scratch image here, but unfortunatly the go-sqlite bindings require cgo and # because of this, the container would not start when I compiled the image without cgo. -FROM alpine:3.16 +FROM alpine:3.16 AS runner LABEL maintainer="maintainers@vikunja.io" +WORKDIR /app/vikunja +ENTRYPOINT [ "/sbin/tini", "-g", "--", "/entrypoint.sh" ] -WORKDIR /app/vikunja/ -COPY --from=build-env /build/vikunja-* vikunja ENV VIKUNJA_SERVICE_ROOTPATH=/app/vikunja/ - -# Dynamic permission changing stuff ENV PUID 1000 ENV PGID 1000 -RUN apk --no-cache add shadow && \ - addgroup -g ${PGID} vikunja && \ - adduser -s /bin/sh -D -G vikunja -u ${PUID} vikunja -h /app/vikunja -H && \ - chown vikunja -R /app/vikunja -COPY run.sh /run.sh -# Add time zone data -RUN apk --no-cache add tzdata +RUN apk --update --no-cache add tzdata tini +COPY docker/entrypoint.sh /entrypoint.sh +RUN chmod 0755 /entrypoint.sh && mkdir files -# Files permissions -RUN mkdir /app/vikunja/files && \ - chown -R vikunja /app/vikunja/files -VOLUME /app/vikunja/files - -CMD ["/run.sh"] -EXPOSE 3456 +COPY --from=builder /build/vikunja-* vikunja diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh new file mode 100644 index 000000000..80b36656c --- /dev/null +++ b/docker/entrypoint.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env sh +set -e + +if [ -n "$PUID" ] && [ "$PUID" -ne 0 ] && \ + [ -n "$PGID" ] && [ "$PGID" -ne 0 ] ; then + echo "info: creating the new user vikunja with $PUID:$PGID" + addgroup -g "$PGID" vikunja + adduser -s /bin/sh -D -G vikunja -u "$PUID" vikunja -h /app/vikunja -H + chown -R vikunja:vikunja ./ + su -pc /app/vikunja/vikunja - vikunja "$@" +else + echo "info: creation of non-root user is skipped" + exec /app/vikunja/vikunja "$@" +fi + diff --git a/run.sh b/run.sh deleted file mode 100755 index aa22c9850..000000000 --- a/run.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh - -# Set the uid and gid of the vikunja run user -usermod --non-unique --uid ${PUID} vikunja -groupmod --non-unique --gid ${PGID} vikunja - -exec su vikunja -c '/app/vikunja/vikunja' \ No newline at end of file