vaultwarden/Containerfile
Renovator Bot 59e56d3b15
All checks were successful
ci/woodpecker/push/build-package Pipeline was successful
ci/woodpecker/tag/build-package Pipeline was successful
ci/woodpecker/push/build-container Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
ci/woodpecker/push/notify Pipeline was successful
ci/woodpecker/tag/build-container Pipeline was successful
ci/woodpecker/tag/docs Pipeline was successful
ci/woodpecker/tag/notify Pipeline was successful
chore(deps): update docker.io/clux/muslrust docker tag to v1.74.1 (#149)
Reviewed-on: #149
Co-authored-by: Renovator Bot <renovator@rknet.org>
Co-committed-by: Renovator Bot <renovator@rknet.org>
2023-12-12 16:53:12 +01:00

74 lines
2.7 KiB
Docker

FROM docker.io/clux/muslrust:1.74.1-stable@sha256:c0149e6c81beed0c64e3ddca8e7c338ebc9ebc47b70c30c9b9b34795b4925e58 as build
ARG WEBVAULT_VERSION
ARG VAULTWARDEN_VERSION
ARG DEBIAN_FRONTEND=noninteractive
ARG LANG=C.UTF-8
ARG TZ=UTC
ARG RUSTFLAGS="-C link-arg=-s"
ARG DB=sqlite,postgresql
ARG TARGETPLATFORM
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2023.10.0}"
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.30.1}"
WORKDIR /src
RUN apt-get update && apt-get install -y --no-install-recommends && \
mkdir -p /release/web-vault && \
mkdir -p /data
RUN echo "Using Vaultwarden version '${VAULTWARDEN_VERSION##v}'" && \
curl -sSL "https://github.com/dani-garcia/vaultwarden/archive/${VAULTWARDEN_VERSION##v}.tar.gz" | \
tar xz --strip-components=1 && \
echo "Using Web Vault version '${WEBVAULT_VERSION##v}'" && \
curl -SsfL "https://github.com/dani-garcia/bw_web_builds/releases/download/${WEBVAULT_VERSION}/bw_web_${WEBVAULT_VERSION}.tar.gz" | \
tar xz -C /release
RUN echo "Building for platform '$TARGETPLATFORM'" && \
case "$TARGETPLATFORM" in \
"linux/amd64") echo x86_64-unknown-linux-musl > rust_target ;; \
"linux/arm64") echo aarch64-unknown-linux-musl > rust_target ;; \
*) exit 1 ;; \
esac
RUN rustup set profile minimal && \
rustup target add $(cat rust_target) && \
VW_VERSION="${VAULTWARDEN_VERSION##v}" cargo build -j 8 --features "$DB" --target $(cat rust_target) --release
RUN ldd target/$(cat rust_target)/release/vaultwarden && \
target/$(cat rust_target)/release/vaultwarden --help && \
target/$(cat rust_target)/release/vaultwarden --version
FROM docker.io/alpine:3.19@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="Vaultwarden"
LABEL org.opencontainers.image.url="https://gitea.rknet.org/container/vaultwarden"
LABEL org.opencontainers.image.source="https://gitea.rknet.org/container/vaultwarden"
LABEL org.opencontainers.image.documentation="https://gitea.rknet.org/container/vaultwarden"
ENV DATA_FOLDER=/data
ENV ROCKET_ADDRESS=0.0.0.0
ENV ROCKET_PORT=8000
ENV WEBSOCKET_ADDRESS=0.0.0.0
ENV WEBSOCKET_PORT=3012
COPY --from=build --chown=65532:65532 /data /data
COPY --from=build /release/web-vault /web-vault
COPY --from=build /src/target/**/release/vaultwarden /bin/vaultwarden
EXPOSE 8000
EXPOSE 3012
STOPSIGNAL SIGTERM
USER 65532
CMD ["/bin/vaultwarden"]