vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 3713f2d13439577e50f43b34f63de2972c52b639
parent 5845ed2c920563d990b32b7cf54084b4b8608eb0
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Sat, 28 May 2022 14:56:47 +0200

Merge pull request #2507 from BlackDex/fix-persisten-volume-check

Fix persistent volume check
Diffstat:
Mdocker/Dockerfile.j2 | 15+++++++++------
Mdocker/amd64/Dockerfile | 15+++++++++------
Mdocker/amd64/Dockerfile.alpine | 15+++++++++------
Mdocker/amd64/Dockerfile.buildx | 15+++++++++------
Mdocker/amd64/Dockerfile.buildx.alpine | 15+++++++++------
Mdocker/arm64/Dockerfile | 15+++++++++------
Mdocker/arm64/Dockerfile.alpine | 15+++++++++------
Mdocker/arm64/Dockerfile.buildx | 15+++++++++------
Mdocker/arm64/Dockerfile.buildx.alpine | 15+++++++++------
Mdocker/armv6/Dockerfile | 15+++++++++------
Mdocker/armv6/Dockerfile.alpine | 15+++++++++------
Mdocker/armv6/Dockerfile.buildx | 15+++++++++------
Mdocker/armv6/Dockerfile.buildx.alpine | 15+++++++++------
Mdocker/armv7/Dockerfile | 15+++++++++------
Mdocker/armv7/Dockerfile.alpine | 15+++++++++------
Mdocker/armv7/Dockerfile.buildx | 15+++++++++------
Mdocker/armv7/Dockerfile.buildx.alpine | 15+++++++++------
17 files changed, 153 insertions(+), 102 deletions(-)

diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 @@ -181,6 +181,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN {{ mount_rust_cache -}} cargo build --features ${DB} --release{{ package_arch_target_param }} +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -238,16 +246,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check {% if package_arch_target is defined %} COPY --from=build /app/target/{{ package_arch_target }}/release/vaultwarden . {% else %} diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile @@ -84,6 +84,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -112,16 +120,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=x86_64-unknown-linux-musl +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -104,16 +112,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/x86_64-unknown-linux-musl/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/amd64/Dockerfile.buildx b/docker/amd64/Dockerfile.buildx @@ -84,6 +84,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -112,16 +120,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/amd64/Dockerfile.buildx.alpine b/docker/amd64/Dockerfile.buildx.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=x86_64-unknown-linux-musl +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -104,16 +112,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/x86_64-unknown-linux-musl/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -136,16 +144,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-musl +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -108,16 +116,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/aarch64-unknown-linux-musl/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/arm64/Dockerfile.buildx b/docker/arm64/Dockerfile.buildx @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -136,16 +144,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/aarch64-unknown-linux-gnu/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/arm64/Dockerfile.buildx.alpine b/docker/arm64/Dockerfile.buildx.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=aarch64-unknown-linux-musl +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -108,16 +116,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/aarch64-unknown-linux-musl/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -141,16 +149,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine @@ -80,6 +80,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=arm-unknown-linux-musleabi +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -110,16 +118,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/arm-unknown-linux-musleabi/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv6/Dockerfile.buildx b/docker/armv6/Dockerfile.buildx @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -141,16 +149,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/arm-unknown-linux-gnueabi/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv6/Dockerfile.buildx.alpine b/docker/armv6/Dockerfile.buildx.alpine @@ -80,6 +80,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=arm-unknown-linux-musleabi +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -110,16 +118,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/arm-unknown-linux-musleabi/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -136,16 +144,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-musleabihf +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -108,16 +116,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/armv7-unknown-linux-musleabihf/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv7/Dockerfile.buildx b/docker/armv7/Dockerfile.buildx @@ -104,6 +104,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -136,16 +144,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/armv7-unknown-linux-gnueabihf/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh diff --git a/docker/armv7/Dockerfile.buildx.alpine b/docker/armv7/Dockerfile.buildx.alpine @@ -78,6 +78,14 @@ RUN touch src/main.rs # hadolint ignore=DL3059 RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=armv7-unknown-linux-musleabihf +# Create a special empty file which we check within the application. +# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. +# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` +# This file should disappear if a volume is mounted on-top of this using a docker volume. +# We run this in the build image and copy it over, because the runtime image could be missing some executables. +# hadolint ignore=DL3059 +RUN touch /vaultwarden_docker_persistent_volume_check + ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built @@ -108,16 +116,11 @@ VOLUME /data EXPOSE 80 EXPOSE 3012 -# Create a special empty file which we check within the application. -# If this file exists, then we exit Vaultwarden to prevent data loss when someone forgets to use volumes. -# If you really really want to use volatile storage you can set the env `I_REALLY_WANT_VOLATILE_STORAGE=true` -# This file should disappear if a volume is mounted on-top of this using a docker volume. -RUN touch /data/vaultwarden_docker_persistent_volume_check - # Copies the files from the context (Rocket.toml file and web-vault) # and the binary from the "build" stage to the current stage WORKDIR / COPY --from=vault /web-vault ./web-vault +COPY --from=build /vaultwarden_docker_persistent_volume_check /data/vaultwarden_docker_persistent_volume_check COPY --from=build /app/target/armv7-unknown-linux-musleabihf/release/vaultwarden . COPY docker/healthcheck.sh /healthcheck.sh