commit 31bcd1bf7cbe3e1b7c2dee20faa465c0e74f6905
parent 59e50b03bd0990a31c3be9b6c760ec41770cf1b1
Author: Daniel GarcĂa <dani-garcia@users.noreply.github.com>
Date: Sun, 5 Jan 2020 22:42:43 +0100
Merge pull request #784 from ypid/docker/use-debian-base
Use Debian base image for all steps of the build process
Diffstat:
15 files changed, 851 insertions(+), 170 deletions(-)
diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2
@@ -0,0 +1,322 @@
+{{ "# This file was generated using a Jinja2 template." }}
+{{ "# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's." }}
+
+# Using multistage build:
+# https://docs.docker.com/develop/develop-images/multistage-build/
+# https://whitfin.io/speeding-up-rust-docker-builds/
+####################### VAULT BUILD IMAGE #######################
+{% set build_stage_base_image = "rust:1.40" %}
+{% set vault_stage_base_image = build_stage_base_image %}
+{% if "alpine" in target_file %}
+{% set build_stage_base_image = "clux/muslrust:nightly-2019-12-19" %}
+{% set runtime_stage_base_image = "alpine:3.11" %}
+{% set vault_stage_base_image = runtime_stage_base_image %}
+{% set package_arch_name = "" %}
+{% elif "amd64" in target_file %}
+{% set runtime_stage_base_image = "debian:buster-slim" %}
+{% set package_arch_name = "" %}
+{% elif "aarch64" in target_file %}
+{% set runtime_stage_base_image = "balenalib/aarch64-debian:buster" %}
+{% set package_arch_name = "arm64" %}
+{% elif "armv6" in target_file %}
+{% set runtime_stage_base_image = "balenalib/rpi-debian:buster" %}
+{% set package_arch_name = "armel" %}
+{% elif "armv7" in target_file %}
+{% set runtime_stage_base_image = "balenalib/armv7hf-debian:buster" %}
+{% set package_arch_name = "armhf" %}
+{% endif %}
+{% set package_arch_prefix = ":" + package_arch_name %}
+{% if package_arch_name == "" %}
+{% set package_arch_prefix = "" %}
+{% endif %}
+FROM {{ vault_stage_base_image }} as vault
+
+ENV VAULT_VERSION "v2.12.0b"
+
+ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
+
+{% if "alpine" in vault_stage_base_image %}
+RUN apk add --no-cache --upgrade \
+ curl \
+ tar
+{% else %}
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
+{% endif %}
+
+RUN mkdir /web-vault
+WORKDIR /web-vault
+
+{% if "alpine" in vault_stage_base_image %}
+SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
+{% else %}
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
+{% endif %}
+
+RUN curl -L $URL | tar xz
+RUN ls
+
+########################## BUILD IMAGE ##########################
+{% if "musl" in build_stage_base_image %}
+# Musl build image for statically compiled binary
+{% else %}
+# We need to use the Rust build image, because
+# we need the Rust compiler and Cargo tooling
+{% endif %}
+FROM {{ build_stage_base_image }} as build
+
+{% if "sqlite" in target_file %}
+# set sqlite as default for DB ARG for backward compatibility
+ARG DB=sqlite
+
+{% elif "mysql" in target_file %}
+# set mysql backend
+ARG DB=mysql
+
+{% elif "postgresql" in target_file %}
+# set postgresql backend
+ARG DB=postgresql
+
+{% endif %}
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+# Don't download rust docs
+RUN rustup set profile minimal
+
+{% if "alpine" in target_file %}
+ENV USER "root"
+
+{% elif "aarch64" in target_file or "armv" in target_file %}
+# Install required build libs for {{ package_arch_name }} architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture {{ package_arch_name }} \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev{{ package_arch_prefix }} \
+ libc6-dev{{ package_arch_prefix }}
+
+{% endif -%}
+{% if "aarch64" in target_file %}
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ gcc-aarch64-linux-gnu \
+ && mkdir -p ~/.cargo \
+ && echo '[target.aarch64-unknown-linux-gnu]' >> ~/.cargo/config \
+ && echo 'linker = "aarch64-linux-gnu-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+{% elif "armv6" in target_file %}
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ gcc-arm-linux-gnueabi \
+ && mkdir -p ~/.cargo \
+ && echo '[target.arm-unknown-linux-gnueabi]' >> ~/.cargo/config \
+ && echo 'linker = "arm-linux-gnueabi-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+{% elif "armv6" in target_file %}
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ gcc-arm-linux-gnueabihf \
+ && mkdir -p ~/.cargo \
+ && echo '[target.armv7-unknown-linux-gnueabihf]' >> ~/.cargo/config \
+ && echo 'linker = "arm-linux-gnueabihf-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+{% elif "armv7" in target_file %}
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ gcc-arm-linux-gnueabihf \
+ && mkdir -p ~/.cargo \
+ && echo '[target.armv7-unknown-linux-gnueabihf]' >> ~/.cargo/config \
+ && echo 'linker = "arm-linux-gnueabihf-gcc"' >> ~/.cargo/config
+
+ENV CARGO_HOME "/root/.cargo"
+ENV USER "root"
+
+{% endif %}
+{% if "mysql" in target_file %}
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+{% if "musl" in build_stage_base_image %}
+ libmysqlclient-dev{{ package_arch_prefix }} \
+{% else %}
+ libmariadb-dev{{ package_arch_prefix }} \
+{% endif %}
+ && rm -rf /var/lib/apt/lists/*
+
+{% elif "postgresql" in target_file %}
+# Install PostgreSQL package
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+ libpq-dev{{ package_arch_prefix }} \
+ && rm -rf /var/lib/apt/lists/*
+
+{% endif %}
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
+WORKDIR /app
+
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+{% if "aarch64" in target_file %}
+ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu"
+ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu"
+{% elif "armv6" in target_file %}
+ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi"
+ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi"
+{% elif "armv7" in target_file %}
+ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc"
+ENV CROSS_COMPILE="1"
+ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf"
+ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf"
+{% endif -%}
+
+{% if "alpine" in target_file %}
+RUN rustup target add x86_64-unknown-linux-musl
+
+{% elif "aarch64" in target_file %}
+RUN rustup target add aarch64-unknown-linux-gnu
+
+{% elif "armv6" in target_file %}
+RUN rustup target add arm-unknown-linux-gnueabi
+
+{% elif "armv7" in target_file %}
+RUN rustup target add armv7-unknown-linux-gnueabihf
+{% endif %}
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
+# Copies the complete project
+# To avoid copying unneeded files, use .dockerignore
+COPY . .
+
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
+{% if "amd64" in target_file %}
+RUN cargo build --features ${DB} --release
+{% elif "aarch64" in target_file %}
+RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu
+{% elif "armv6" in target_file %}
+RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi
+{% elif "armv7" in target_file %}
+RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf
+{% endif %}
+
+######################## RUNTIME IMAGE ########################
+# Create a new stage with a minimal image
+# because we already have a binary built
+FROM {{ runtime_stage_base_image }}
+
+ENV ROCKET_ENV "staging"
+ENV ROCKET_PORT=80
+ENV ROCKET_WORKERS=10
+{% if "alpine" in runtime_stage_base_image %}
+ENV SSL_CERT_DIR=/etc/ssl/certs
+{% endif %}
+
+{% if "amd64" not in target_file %}
+RUN [ "cross-build-start" ]
+
+{% endif %}
+# Install needed libraries
+{% if "alpine" in runtime_stage_base_image %}
+RUN apk add --no-cache \
+ openssl \
+ curl \
+{% if "sqlite" in target_file %}
+ sqlite \
+{% elif "mysql" in target_file %}
+ mariadb-connector-c \
+{% elif "postgresql" in target_file %}
+ postgresql-libs \
+{% endif %}
+ ca-certificates
+{% else %}
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+ openssl \
+ ca-certificates \
+ curl \
+{% if "sqlite" in target_file %}
+ sqlite3 \
+{% elif "mysql" in target_file %}
+ libmariadbclient-dev \
+{% elif "postgresql" in target_file %}
+ libpq5 \
+{% endif %}
+ && rm -rf /var/lib/apt/lists/*
+{% endif %}
+
+RUN mkdir /data
+{% if "amd64" not in target_file %}
+
+RUN [ "cross-build-end" ]
+
+{% endif %}
+VOLUME /data
+EXPOSE 80
+EXPOSE 3012
+
+# Copies the files from the context (Rocket.toml file and web-vault)
+# and the binary from the "build" stage to the current stage
+COPY Rocket.toml .
+COPY --from=vault /web-vault ./web-vault
+{% if "alpine" in target_file %}
+COPY --from=build /app/target/x86_64-unknown-linux-musl/release/bitwarden_rs .
+{% elif "aarch64" in target_file %}
+COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/bitwarden_rs .
+{% elif "armv6" in target_file %}
+COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/bitwarden_rs .
+{% elif "armv7" in target_file %}
+COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/bitwarden_rs .
+{% else %}
+COPY --from=build app/target/release/bitwarden_rs .
+{% endif %}
+
+COPY docker/healthcheck.sh ./healthcheck.sh
+
+HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
+
+# Configures the startup!
+WORKDIR /
+CMD ["/bitwarden_rs"]
diff --git a/docker/Makefile b/docker/Makefile
@@ -0,0 +1,9 @@
+OBJECTS := $(shell find -mindepth 2 -name 'Dockerfile*')
+
+all: $(OBJECTS)
+
+%/Dockerfile: Dockerfile.j2 render_template
+ ./render_template "$<" "{\"target_file\":\"$@\"}" > "$@"
+
+%/Dockerfile.alpine: Dockerfile.j2 render_template
+ ./render_template "$<" "{\"target_file\":\"$@\"}" > "$@"
diff --git a/docker/aarch64/mysql/Dockerfile b/docker/aarch64/mysql/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -28,9 +39,25 @@ FROM rust:1.40 as build
# set mysql backend
ARG DB=mysql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for arm64 architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture arm64 \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:arm64 \
+ libc6-dev:arm64
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,30 +69,42 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+ libmariadb-dev:arm64 \
+ && rm -rf /var/lib/apt/lists/*
+
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
-# Prepare openssl arm64 libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture arm64 \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:arm64 \
- libc6-dev:arm64 \
- libmariadb-dev:arm64
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu"
ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu"
+RUN rustup target add aarch64-unknown-linux-gnu
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add aarch64-unknown-linux-gnu
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu
######################## RUNTIME IMAGE ########################
@@ -86,14 +125,15 @@ RUN apt-get update && apt-get install -y \
ca-certificates \
curl \
libmariadbclient-dev \
- && rm -rf /var/lib/apt/lists/*
+ && rm -rf /var/lib/apt/lists/*
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/aarch64/sqlite/Dockerfile b/docker/aarch64/sqlite/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -25,12 +36,28 @@ RUN ls
# we need the Rust compiler and Cargo tooling
FROM rust:1.40 as build
-# set sqlite as default for DB ARG for backward comaptibility
+# set sqlite as default for DB ARG for backward compatibility
ARG DB=sqlite
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for arm64 architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture arm64 \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:arm64 \
+ libc6-dev:arm64
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,29 +69,36 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
-# Prepare openssl arm64 libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture arm64 \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:arm64 \
- libc6-dev:arm64
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_aarch64_unknown_linux_gnu="/usr/bin/aarch64-linux-gnu-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/aarch64-linux-gnu"
ENV OPENSSL_LIB_DIR="/usr/lib/aarch64-linux-gnu"
+RUN rustup target add aarch64-unknown-linux-gnu
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add aarch64-unknown-linux-gnu
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu
######################## RUNTIME IMAGE ########################
@@ -85,14 +119,15 @@ RUN apt-get update && apt-get install -y \
ca-certificates \
curl \
sqlite3 \
- && rm -rf /var/lib/apt/lists/*
+ && rm -rf /var/lib/apt/lists/*
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/amd64/mysql/Dockerfile b/docker/amd64/mysql/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -28,6 +39,12 @@ FROM rust:1.40 as build
# set mysql backend
ARG DB=mysql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
@@ -38,7 +55,7 @@ RUN apt-get update && apt-get install -y \
&& rm -rf /var/lib/apt/lists/*
# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
+RUN USER=root cargo new --bin /app
WORKDIR /app
# Copies over *only* your manifests and build files
diff --git a/docker/amd64/mysql/Dockerfile.alpine b/docker/amd64/mysql/Dockerfile.alpine
@@ -1,4 +1,7 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
@@ -15,7 +18,7 @@ RUN apk add --no-cache --upgrade \
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -27,29 +30,49 @@ FROM clux/muslrust:nightly-2019-12-19 as build
# set mysql backend
ARG DB=mysql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
ENV USER "root"
-# Install needed libraries
+# Install MySQL package
RUN apt-get update && apt-get install -y \
--no-install-recommends \
libmysqlclient-dev \
&& rm -rf /var/lib/apt/lists/*
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-RUN rustup target add x86_64-unknown-linux-musl
-
# Make sure that we actually build the project
RUN touch src/main.rs
-# Build
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release
######################## RUNTIME IMAGE ########################
@@ -65,8 +88,8 @@ ENV SSL_CERT_DIR=/etc/ssl/certs
# Install needed libraries
RUN apk add --no-cache \
openssl \
- mariadb-connector-c \
curl \
+ mariadb-connector-c \
ca-certificates
RUN mkdir /data
diff --git a/docker/amd64/postgresql/Dockerfile b/docker/amd64/postgresql/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -25,26 +36,26 @@ RUN ls
# we need the Rust compiler and Cargo tooling
FROM rust:1.40 as build
-# set mysql backend
+# set postgresql backend
ARG DB=postgresql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
-# Using bundled SQLite, no need to install it
-# RUN apt-get update && apt-get install -y\
-# --no-install-recommends \
-# sqlite3\
-# && rm -rf /var/lib/apt/lists/*
-
-# Install MySQL package
+# Install PostgreSQL package
RUN apt-get update && apt-get install -y \
--no-install-recommends \
libpq-dev \
&& rm -rf /var/lib/apt/lists/*
# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
+RUN USER=root cargo new --bin /app
WORKDIR /app
# Copies over *only* your manifests and build files
@@ -84,7 +95,6 @@ RUN apt-get update && apt-get install -y \
openssl \
ca-certificates \
curl \
- sqlite3 \
libpq5 \
&& rm -rf /var/lib/apt/lists/*
diff --git a/docker/amd64/postgresql/Dockerfile.alpine b/docker/amd64/postgresql/Dockerfile.alpine
@@ -1,4 +1,7 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
@@ -15,7 +18,7 @@ RUN apk add --no-cache --upgrade \
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -27,29 +30,49 @@ FROM clux/muslrust:nightly-2019-12-19 as build
# set postgresql backend
ARG DB=postgresql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
ENV USER "root"
-# Install needed libraries
+# Install PostgreSQL package
RUN apt-get update && apt-get install -y \
--no-install-recommends \
libpq-dev \
&& rm -rf /var/lib/apt/lists/*
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-RUN rustup target add x86_64-unknown-linux-musl
-
# Make sure that we actually build the project
RUN touch src/main.rs
-# Build
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release
######################## RUNTIME IMAGE ########################
@@ -65,9 +88,8 @@ ENV SSL_CERT_DIR=/etc/ssl/certs
# Install needed libraries
RUN apk add --no-cache \
openssl \
- postgresql-libs \
curl \
- sqlite \
+ postgresql-libs \
ca-certificates
RUN mkdir /data
diff --git a/docker/amd64/sqlite/Dockerfile b/docker/amd64/sqlite/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -25,14 +36,20 @@ RUN ls
# we need the Rust compiler and Cargo tooling
FROM rust:1.40 as build
-# set sqlite as default for DB ARG for backward comaptibility
+# set sqlite as default for DB ARG for backward compatibility
ARG DB=sqlite
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
# Creates a dummy project used to grab dependencies
-RUN USER=root cargo new --bin app
+RUN USER=root cargo new --bin /app
WORKDIR /app
# Copies over *only* your manifests and build files
diff --git a/docker/amd64/sqlite/Dockerfile.alpine b/docker/amd64/sqlite/Dockerfile.alpine
@@ -1,4 +1,7 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
@@ -15,7 +18,7 @@ RUN apk add --no-cache --upgrade \
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/ash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -24,26 +27,46 @@ RUN ls
# Musl build image for statically compiled binary
FROM clux/muslrust:nightly-2019-12-19 as build
-# set sqlite as default for DB ARG for backward comaptibility
+# set sqlite as default for DB ARG for backward compatibility
ARG DB=sqlite
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
ENV USER "root"
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
+
+RUN rustup target add x86_64-unknown-linux-musl
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
+
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-RUN rustup target add x86_64-unknown-linux-musl
-
# Make sure that we actually build the project
RUN touch src/main.rs
-# Build
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release
######################## RUNTIME IMAGE ########################
@@ -78,7 +101,6 @@ COPY docker/healthcheck.sh ./healthcheck.sh
HEALTHCHECK --interval=30s --timeout=3s CMD sh healthcheck.sh || exit 1
-
# Configures the startup!
WORKDIR /
CMD ["/bitwarden_rs"]
diff --git a/docker/armv6/mysql/Dockerfile b/docker/armv6/mysql/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -28,9 +39,25 @@ FROM rust:1.40 as build
# set mysql backend
ARG DB=mysql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for armel architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture armel \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:armel \
+ libc6-dev:armel
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,30 +69,42 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+ libmariadb-dev:armel \
+ && rm -rf /var/lib/apt/lists/*
+
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
-# Prepare openssl armel libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture armel \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:armel \
- libc6-dev:armel \
- libmariadb-dev:armel
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi"
ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi"
+RUN rustup target add arm-unknown-linux-gnueabi
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add arm-unknown-linux-gnueabi
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi
######################## RUNTIME IMAGE ########################
@@ -90,10 +129,11 @@ RUN apt-get update && apt-get install -y \
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/armv6/sqlite/Dockerfile b/docker/armv6/sqlite/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -25,12 +36,28 @@ RUN ls
# we need the Rust compiler and Cargo tooling
FROM rust:1.40 as build
-# set sqlite as default for DB ARG for backward comaptibility
+# set sqlite as default for DB ARG for backward compatibility
ARG DB=sqlite
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for armel architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture armel \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:armel \
+ libc6-dev:armel
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,29 +69,36 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
-# Prepare openssl armel libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture armel \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:armel \
- libc6-dev:armel
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_arm_unknown_linux_gnueabi="/usr/bin/arm-linux-gnueabi-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabi"
ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabi"
+RUN rustup target add arm-unknown-linux-gnueabi
+
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add arm-unknown-linux-gnueabi
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi
######################## RUNTIME IMAGE ########################
@@ -89,10 +123,11 @@ RUN apt-get update && apt-get install -y \
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/armv7/mysql/Dockerfile b/docker/armv7/mysql/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -28,9 +39,25 @@ FROM rust:1.40 as build
# set mysql backend
ARG DB=mysql
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for armhf architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture armhf \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:armhf \
+ libc6-dev:armhf
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,31 +69,41 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
-WORKDIR /app
+# Install MySQL package
+RUN apt-get update && apt-get install -y \
+ --no-install-recommends \
+ libmariadb-dev:armhf \
+ && rm -rf /var/lib/apt/lists/*
-# Prepare openssl armhf libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture armhf \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:armhf \
- libc6-dev:armhf \
- libmariadb-dev:armhf
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
+WORKDIR /app
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf"
ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf"
+RUN rustup target add armv7-unknown-linux-gnueabihf
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add armv7-unknown-linux-gnueabihf
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf
######################## RUNTIME IMAGE ########################
@@ -91,10 +128,11 @@ RUN apt-get update && apt-get install -y \
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/armv7/sqlite/Dockerfile b/docker/armv7/sqlite/Dockerfile
@@ -1,21 +1,32 @@
-# Using multistage build:
+# This file was generated using a Jinja2 template.
+# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfile's.
+
+# Using multistage build:
# https://docs.docker.com/develop/develop-images/multistage-build/
# https://whitfin.io/speeding-up-rust-docker-builds/
####################### VAULT BUILD IMAGE #######################
-FROM alpine:3.11 as vault
+FROM rust:1.40 as vault
ENV VAULT_VERSION "v2.12.0b"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"
-RUN apk add --no-cache --upgrade \
- curl \
- tar
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
+RUN apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ curl \
+ tar
RUN mkdir /web-vault
WORKDIR /web-vault
-SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
+SHELL ["/bin/bash", "-o", "nounset", "-o", "pipefail", "-o", "errexit", "-c"]
RUN curl -L $URL | tar xz
RUN ls
@@ -25,12 +36,28 @@ RUN ls
# we need the Rust compiler and Cargo tooling
FROM rust:1.40 as build
-# set sqlite as default for DB ARG for backward comaptibility
+# set sqlite as default for DB ARG for backward compatibility
ARG DB=sqlite
+# Build time options to avoid dpkg warnings and help with reproducible builds.
+ARG DEBIAN_FRONTEND=noninteractive
+ARG LANG=C.UTF-8
+ARG TZ=UTC
+ARG TERM=xterm-256color
+
# Don't download rust docs
RUN rustup set profile minimal
+# Install required build libs for armhf architecture.
+RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
+ /etc/apt/sources.list.d/deb-src.list \
+ && dpkg --add-architecture armhf \
+ && apt-get update \
+ && apt-get install -y \
+ --no-install-recommends \
+ libssl-dev:armhf \
+ libc6-dev:armhf
+
RUN apt-get update \
&& apt-get install -y \
--no-install-recommends \
@@ -42,29 +69,35 @@ RUN apt-get update \
ENV CARGO_HOME "/root/.cargo"
ENV USER "root"
+# Creates a dummy project used to grab dependencies
+RUN USER=root cargo new --bin /app
WORKDIR /app
-# Prepare openssl armhf libs
-RUN sed 's/^deb/deb-src/' /etc/apt/sources.list > \
- /etc/apt/sources.list.d/deb-src.list \
- && dpkg --add-architecture armhf \
- && apt-get update \
- && apt-get install -y \
- --no-install-recommends \
- libssl-dev:armhf \
- libc6-dev:armhf
+# Copies over *only* your manifests and build files
+COPY ./Cargo.* ./
+COPY ./rust-toolchain ./rust-toolchain
+COPY ./build.rs ./build.rs
ENV CC_armv7_unknown_linux_gnueabihf="/usr/bin/arm-linux-gnueabihf-gcc"
ENV CROSS_COMPILE="1"
ENV OPENSSL_INCLUDE_DIR="/usr/include/arm-linux-gnueabihf"
ENV OPENSSL_LIB_DIR="/usr/lib/arm-linux-gnueabihf"
+RUN rustup target add armv7-unknown-linux-gnueabihf
+# Builds your dependencies and removes the
+# dummy project, except the target folder
+# This folder contains the compiled dependencies
+RUN cargo build --features ${DB} --release
+RUN find . -not -path "./target*" -delete
# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .
-# Build
-RUN rustup target add armv7-unknown-linux-gnueabihf
+# Make sure that we actually build the project
+RUN touch src/main.rs
+
+# Builds again, this time it'll just be
+# your actual source files being built
RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf
######################## RUNTIME IMAGE ########################
@@ -89,10 +122,11 @@ RUN apt-get update && apt-get install -y \
RUN mkdir /data
-RUN [ "cross-build-end" ]
+RUN [ "cross-build-end" ]
VOLUME /data
EXPOSE 80
+EXPOSE 3012
# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
diff --git a/docker/render_template b/docker/render_template
@@ -0,0 +1,17 @@
+#!/usr/bin/env python3
+
+import os, argparse, json
+
+import jinja2
+
+args_parser = argparse.ArgumentParser()
+args_parser.add_argument('template_file', help='Jinja2 template file to render.')
+args_parser.add_argument('render_vars', help='JSON-encoded data to pass to the templating engine.')
+cli_args = args_parser.parse_args()
+
+render_vars = json.loads(cli_args.render_vars)
+environment = jinja2.Environment(
+ loader=jinja2.FileSystemLoader(os.getcwd()),
+ trim_blocks=True,
+)
+print(environment.get_template(cli_args.template_file).render(render_vars))
