vaultwarden/Dockerfile

FROM thegeeklab/alpine:latest@sha256:b7783fa9915d884ec5d8836826b10e0984126430a127dfb9aedc3b4b105f33c6

LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="vaultwarden"
LABEL org.opencontainers.image.url="https://gitea.rknet.org/docker/vaultwarden"
LABEL org.opencontainers.image.source="https://gitea.rknet.org/docker/vaultwarden"
LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/docker/vaultwarden"

ARG WEBVAULT_VERSION

# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2.21.1}"

ADD overlay/ /

RUN apk --update add --virtual .build-deps tar curl && \
    apk --update add openssl postgresql-libs sqlite ca-certificates && \
    mkdir -p /app/web-vault /app/data && \
    echo "Using Web Vault version '${WEBVAULT_VERSION##v}' ..." && \
    curl -SsL "https://github.com/dani-garcia/bw_web_builds/releases/download/${WEBVAULT_VERSION}/bw_web_${WEBVAULT_VERSION}.tar.gz" | \
      tar xz -C /app && \
    apk del .build-deps && \
    rm -rf /var/cache/apk/* && \
    rm -rf /tmp/* && \
    chown -R app:app /app

ADD src/Rocket.toml /app
ADD src/target/x86_64-unknown-linux-musl/release/vaultwarden /app

VOLUME /app/data

EXPOSE 8080
EXPOSE 3012

USER app

STOPSIGNAL SIGTERM

ENTRYPOINT ["/usr/local/bin/entrypoint"]
HEALTHCHECK --interval=10s --timeout=3s --retries=3 CMD /usr/local/bin/healthcheck
WORKDIR /app
CMD []