12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 |
- # This Dockerfile installs Sydent from source, which is assumed to be in the current
- # working directory. The resulting image contains a single "sydent" user, and populates
- # their home area with "src" and "venv" directories. The entrypoint runs Sydent,
- # listening on port 8090.
- #
- # Users must provide a persistent volume available to the container as `/data`. This
- # will contain Sydent's configuration and database. A blank configuration and database
- # file is created the first time Sydent runs.
- # Step 1: install dependencies
- FROM docker.io/python:3.8-slim-bookworm as builder
- # Add user sydent
- RUN addgroup --system --gid 993 sydent \
- && useradd -m --system --uid 993 -g sydent sydent
- USER sydent:sydent
- # Install poetry
- RUN pip install --user poetry==1.2.2
- # Copy source code and resources
- WORKDIR /home/sydent/src
- COPY --chown=sydent:sydent ["res", "res"]
- COPY --chown=sydent:sydent ["scripts", "scripts"]
- COPY --chown=sydent:sydent ["sydent", "sydent"]
- COPY --chown=sydent:sydent ["README.rst", "pyproject.toml", "poetry.lock", "./"]
- # Install dependencies
- RUN python -m poetry install --no-dev --no-interaction --extras "prometheus sentry"
- # Record dependencies for posterity
- RUN python -m poetry export -o requirements.txt
- # Make the virtualenv accessible for the final image
- RUN ln -s $(python -m poetry env info -p) /home/sydent/venv
- # Nuke bytecode files to keep the final image slim.
- RUN find /home/sydent/venv -type f -name '*.pyc' -delete
- # Step 2: Create runtime image
- FROM docker.io/python:3.8-slim-bookworm
- # Add user sydent and create /data directory
- RUN addgroup --system --gid 993 sydent \
- && useradd -m --system --uid 993 -g sydent sydent \
- && mkdir /data \
- && chown sydent:sydent /data
- # Copy sydent and the virtualenv
- COPY --from=builder ["/home/sydent/src", "/home/sydent/src"]
- COPY --from=builder ["/home/sydent/venv", "/home/sydent/venv"]
- ENV SYDENT_CONF=/data/sydent.conf
- ENV SYDENT_PID_FILE=/data/sydent.pid
- ENV SYDENT_DB_PATH=/data/sydent.db
- WORKDIR /home/sydent
- USER sydent:sydent
- VOLUME ["/data"]
- EXPOSE 8090/tcp
- CMD [ "venv/bin/python", "-m", "sydent.sydent" ]
|