-
Notifications
You must be signed in to change notification settings - Fork 67
/
Copy pathDockerfile
109 lines (93 loc) · 3.4 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
# Copyright 2020 Wayback Archiver. All rights reserved.
# Use of this source code is governed by the GNU GPL v3
# license that can be found in the LICENSE file.
#
# syntax=docker/dockerfile:1.2
ARG GO_VERSION=1.22
FROM --platform=$BUILDPLATFORM golang:${GO_VERSION}-alpine AS builder
COPY --from=tonistiigi/xx:golang / /
RUN apk add --no-cache -U build-base ca-certificates linux-headers musl-dev git tar
ARG TARGETPLATFORM
ARG WAYBACK_IPFS_TARGET
ARG WAYBACK_IPFS_APIKEY
ARG WAYBACK_IPFS_SECRET
WORKDIR /src
ENV WAYBACK_IPFS_TARGET ${WAYBACK_IPFS_TARGET}
ENV WAYBACK_IPFS_APIKEY ${WAYBACK_IPFS_APIKEY}
ENV WAYBACK_IPFS_SECRET ${WAYBACK_IPFS_SECRET}
COPY . .
RUN --mount=type=bind,target=/src,rw \
--mount=type=cache,target=/root/.cache/go-build \
--mount=type=cache,target=/go/pkg/mod \
sh ./build/binary.sh $TARGETPLATFORM \
&& rm -rf .build/binary/wayback-* \
&& mv ./build/binary/wayback-* /wayback
# Application layer
FROM alpine:3.17
LABEL org.wabarc.homepage="http://github.com/wabarc" \
org.wabarc.repository="http://github.com/wabarc/wayback" \
org.opencontainers.image.title=wayback \
org.opencontainers.image.description="A toolkit for snapshot webpage to Internet Archive, archive.today, IPFS and beyond" \
org.opencontainers.image.url=https://wabarc.eu.org \
org.opencontainers.image.licenses=GPLv3 \
org.opencontainers.image.source="https://github.com/wabarc/wayback"
ARG TOR_EXCLUDE_NODE="{cn},{hk},{mo},{sg},{th},{pk},{by},{ru},{ir},{sy},{vn},{ph},{my},{cu}"
ARG TOR_EXCLUDE_EXIT_NODE="{cn},{hk},{mo},{sg},{kp},{th},{pk},{by},{ru},{ir},{sy},{vn},{ph},{my},{cu},{au},{ca},{nz},{gb},{us},{fr},{dk},{nl},{no},{be},{de},{it},{es}"
ENV BASE_DIR /wayback
ENV PUSER wayback
ENV PGROUP wayback
ENV LANG en_US.UTF-8
ENV LC_ALL en_US.UTF-8
ENV LANGUAGE en_US.UTF-8
WORKDIR $BASE_DIR
RUN set -o pipefail; \
addgroup --system "${PGROUP}"; \
adduser --system --no-create-home --disabled-password \
--gecos '' --home "${BASE_DIR}" --ingroup "${PGROUP}" "${PUSER}"; \
chown -R "${PUSER}:${PGROUP}" "${BASE_DIR}"; \
chmod -R g+w "${BASE_DIR}"
COPY --from=builder /wayback /usr/local/bin
RUN set -o pipefail; \
apk add --no-cache -U ca-certificates libressl wget tor; \
rm -rf /var/cache/apk/*; \
\
cp /etc/tor/torrc.sample /etc/tor/torrc; \
#echo "ExcludeNodes ${TOR_EXCLUDE_NODE}" >> /etc/tor/torrc; \
#echo "ExcludeExitNodes ${TOR_EXCLUDE_EXIT_NODE}" >> /etc/tor/torrc; \
#echo 'StrictNodes 1' >> /etc/tor/torrc; \
echo 'SocksPort 9050' >> /etc/tor/torrc; \
echo 'ExitRelay 0' >> /etc/tor/torrc; \
echo 'LongLivedPorts 8964' >> /etc/tor/torrc; \
echo 'User tor' >> /etc/tor/torrc; \
chown tor:nogroup /var/lib/tor/ /var/log/tor/; \
chmod 700 /var/lib/tor
EXPOSE 8964
# Trigger on downstream build, only support for docker,
# add flag `--format=docker` if using podman.
# Ref: https://wiki.alpinelinux.org/wiki/Fonts
ONBUILD RUN set -o pipefail; \
apk add --no-cache -U \
chromium \
dbus \
dumb-init \
ffmpeg \
freetype \
libstdc++ \
harfbuzz \
nss \
you-get \
rtmpdump \
youtube-dl \
libwebp-tools \
ttf-freefont \
ttf-font-awesome \
font-noto \
font-noto-arabic \
font-noto-emoji \
font-noto-cjk \
font-noto-extra \
font-noto-lao \
font-noto-myanmar \
font-noto-thai \
font-noto-tibetan; \
rm -rf /var/cache/apk/* /tmp/* /var/tmp/*