Update Dockerfile

Alexey 2026-03-22 00:10:19 +03:00 committed by GitHub
parent 5a4072c964
commit 269fce839f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 59 additions and 6 deletions


@ -1,3 +1,5 @@
# syntax=docker/dockerfile:1
# ========================== # ==========================
# Stage 1: Build # Stage 1: Build
# ========================== # ==========================
@ -5,36 +7,87 @@ FROM rust:1.88-slim-bookworm AS builder
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
pkg-config \ pkg-config \
ca-certificates \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
WORKDIR /build WORKDIR /build
# Depcache
COPY Cargo.toml Cargo.lock* ./ COPY Cargo.toml Cargo.lock* ./
RUN mkdir src && echo 'fn main() {}' > src/main.rs && \ RUN mkdir src && echo 'fn main() {}' > src/main.rs && \
cargo build --release 2>/dev/null || true && \ cargo build --release 2>/dev/null || true && \
rm -rf src rm -rf src
# Build
COPY . . COPY . .
RUN cargo build --release && strip target/release/telemt RUN cargo build --release && strip target/release/telemt
# ========================== # ==========================
# Stage 2: Runtime # Stage 2: Compress (strip + UPX)
# ========================== # ==========================
FROM debian:bookworm-slim FROM debian:12-slim AS minimal
RUN apt-get update && apt-get install -y --no-install-recommends \
upx \
binutils \
&& rm -rf /var/lib/apt/lists/*
COPY --from=builder /build/target/release/telemt /telemt
RUN strip /telemt || true
RUN upx --best --lzma /telemt || true
# ==========================
# Stage 3: Debug base
# ==========================
FROM debian:12-slim AS debug-base
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates \ ca-certificates \
tzdata \
curl \
iproute2 \
busybox \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN useradd -r -s /usr/sbin/nologin telemt # ==========================
# Stage 4: Debug image
# ==========================
FROM debug-base AS debug
WORKDIR /app WORKDIR /app
COPY --from=builder /build/target/release/telemt /app/telemt COPY --from=minimal /telemt /app/telemt
COPY config.toml /app/config.toml COPY config.toml /app/config.toml
RUN chown -R telemt:telemt /app USER root
USER telemt
EXPOSE 443
EXPOSE 9090
EXPOSE 9091
ENTRYPOINT ["/app/telemt"]
CMD ["config.toml"]
# ==========================
# Stage 5: Production (distroless)
# ==========================
FROM gcr.io/distroless/base-debian12 AS prod
WORKDIR /app
COPY --from=minimal /telemt /app/telemt
COPY config.toml /app/config.toml
# TLS + timezone + shell
COPY --from=debug-base /etc/ssl/certs /etc/ssl/certs
COPY --from=debug-base /usr/share/zoneinfo /usr/share/zoneinfo
COPY --from=debug-base /bin/busybox /bin/busybox
RUN ["/bin/busybox", "--install", "-s", "/bin"]
# distroless user
USER nonroot:nonroot
EXPOSE 443 EXPOSE 443
EXPOSE 9090 EXPOSE 9090
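Review bot: The debug stage now ends on `USER root`, and the `useradd` / `USER telemt` pair from the old runtime stage is gone, so the debug image runs telemt as root with 443, 9090 and 9091 exposed and curl, iproute2 and busybox installed. Keeping `RUN useradd -r -s /usr/sbin/nologin telemt` in debug-base and `USER telemt` in the debug stage would preserve the previous privilege level; a debugging session that really needs root can request it at run time. In the prod stage, `COPY --from=debug-base /bin/busybox /bin/busybox` and `RUN ["/bin/busybox", "--install", "-s", "/bin"]` put a shell and the busybox applets back into the distroless image, which gives up most of what the distroless base is chosen for; I would drop both lines from prod and leave the shell to the debug target. `RUN strip /telemt || true` and `RUN upx --best --lzma /telemt || true` also mask failures, so the build succeeds whether or not the binary was actually packed, and removing `|| true` would make that visible. The prod stage continues past the end of this hunk.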