-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy pathDockerfile
More file actions
48 lines (35 loc) · 1.15 KB
/
Dockerfile
File metadata and controls
48 lines (35 loc) · 1.15 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
# Build stage
FROM rust:1.91-bookworm AS builder
WORKDIR /build
# Copy workspace files
COPY Cargo.toml Cargo.lock ./
COPY rustfmt.toml ./
# Copy all workspace members
COPY server ./server
COPY api ./api
COPY impls ./impls
COPY auth-impls ./auth-impls
# Build the application in release mode
RUN cargo build --locked --release --bin vss-server
# Runtime stage
FROM debian:bookworm-slim
# Install runtime dependencies and create an unprivileged runtime user
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
libssl3 \
&& rm -rf /var/lib/apt/lists/* \
&& groupadd --system vss \
&& useradd --system --gid vss --home-dir /app --shell /usr/sbin/nologin vss \
&& mkdir -p /app \
&& chown vss:vss /app
WORKDIR /app
# Copy the compiled binary from builder
COPY --from=builder --chown=vss:vss /build/target/release/vss-server /app/vss-server
# Copy default configuration file
COPY --chown=vss:vss server/vss-server-config.toml /app/vss-server-config.toml
USER vss:vss
ENV VSS_BIND_ADDRESS=0.0.0.0:8080
EXPOSE 8080
# Run the server with the config file
CMD ["/app/vss-server", "/app/vss-server-config.toml"]