mirror of
https://github.com/DioCrafts/OxiCloud.git
synced 2025-10-05 16:12:49 +02:00
62 lines
1.8 KiB
Docker
62 lines
1.8 KiB
Docker
# Stage 1: Builder – compile the application
|
||
FROM rust:1.82-alpine AS builder
|
||
|
||
# Install build dependencies
|
||
RUN apk add --no-cache musl-dev pkgconfig openssl-dev postgresql-dev
|
||
|
||
# Create a non-root user with UID 10001 (we use the same UID across stages)
|
||
RUN adduser -D -u 10001 oxicloud
|
||
|
||
WORKDIR /app
|
||
|
||
# Copy dependency files first to leverage Docker cache for dependency compilation
|
||
COPY Cargo.toml Cargo.lock ./
|
||
|
||
# Prepare dummy source to build dependencies (improves caching)
|
||
RUN mkdir -p src && \
|
||
echo "fn main() {}" > src/main.rs && \
|
||
touch src/lib.rs && \
|
||
cargo build --release && \
|
||
rm -rf src
|
||
|
||
# Copy the actual source code and additional files
|
||
COPY src ./src
|
||
COPY static ./static
|
||
COPY db ./db
|
||
|
||
# Build the actual application and strip debug symbols for a smaller binary
|
||
RUN cargo build --release && \
|
||
strip target/release/oxicloud
|
||
|
||
# Stage 2: Runtime – only include what is necessary to run the app
|
||
FROM alpine:3.21.3
|
||
|
||
# Install runtime dependencies and clean up cache
|
||
RUN apk add --no-cache libgcc openssl ca-certificates tzdata && \
|
||
rm -rf /var/cache/apk/*
|
||
|
||
# Create a non-root user with the same UID (10001) for consistent file ownership
|
||
RUN adduser -D -u 10001 oxicloud
|
||
|
||
# Create application directories, assign proper permissions
|
||
WORKDIR /app
|
||
RUN mkdir -p /app/static /app/storage /app/db && \
|
||
chown -R oxicloud:oxicloud /app
|
||
|
||
# Copy the built binary from the builder stage and additional runtime files
|
||
COPY --from=builder /app/target/release/oxicloud /app/oxicloud
|
||
COPY --from=builder /app/static /app/static
|
||
COPY --from=builder /app/db /app/db
|
||
|
||
# Ensure all files are owned by the non-root user
|
||
RUN chown -R oxicloud:oxicloud /app
|
||
|
||
# Set the non-root user for running the application
|
||
USER oxicloud
|
||
|
||
# Expose the port the application listens on
|
||
EXPOSE 8086 8085
|
||
|
||
# Run the binary in release mode
|
||
CMD ["./oxicloud", "--release"]
|