From 4bfbc2cdfd9b5703793f46d69f0521d55325c59d Mon Sep 17 00:00:00 2001 From: Cameron Garnham Date: Fri, 25 Aug 2023 22:41:11 +0200 Subject: [PATCH] dev: more docker work --- Dockerfile | 24 +++++++++++++++--------- compose.yaml | 15 +++++---------- docker/bin/build.sh | 17 +++++++++-------- docker/bin/run-local-image.sh | 6 +++--- docker/bin/run-public-image.sh | 4 ++-- 5 files changed, 34 insertions(+), 32 deletions(-) diff --git a/Dockerfile b/Dockerfile index bde1e204b..81c4fcca4 100644 --- a/Dockerfile +++ b/Dockerfile @@ -82,7 +82,7 @@ RUN cargo nextest run --workspace-remap /test/src/ --extract-to /test/src/ --no- RUN cargo nextest run --workspace-remap /test/src/ --target-dir-remap /test/src/target/ --cargo-metadata /test/src/target/nextest/cargo-metadata.json --binaries-metadata /test/src/target/nextest/binaries-metadata.json RUN mkdir -p /app/bin/; cp -l /test/src/target/release/torrust-tracker /app/bin/torrust-tracker -RUN mkdir /app/lib/; cp -l $(realpath $(ldd /app/bin/torrust-tracker | grep "libz\.so\.1" | awk '{print $3}')) /app/lib/libz.so.1 +RUN mkdir -p /app/lib/; cp -l $(realpath $(ldd /app/bin/torrust-tracker | grep "libz\.so\.1" | awk '{print $3}')) /app/lib/libz.so.1 RUN chown -R root:root /app RUN chmod -R u=rw,go=r,a+X /app @@ -90,19 +90,17 @@ RUN chmod -R a+x /app/bin ## Torrust-Tracker (debug) -FROM gcr.io/distroless/cc:debug as tracker_debug +FROM gcr.io/distroless/cc:debug as debug RUN ["/busybox/cp", "-sp", "/busybox/sh", "/bin/sh"] ENV ENV=/etc/profile ARG USER_ID=1000 -ARG USER_NAME=appuser ARG UDP_PORT=6969 ARG HTTP_PORT=7070 ARG API_PORT=1212 ENV USER_ID=${USER_ID} -ENV USER_NAME=${USER_NAME} ENV UDP_PORT=${UDP_PORT} ENV HTTP_PORT=${HTTP_PORT} ENV API_PORT=${API_PORT} @@ -117,21 +115,24 @@ COPY --from=test_debug /app/ /usr/ RUN printf "\n in debug mode \n \n run 'exec /usr/bin/torrust-tracker' (debug build) to start tracker \n \n" > /etc/motd RUN echo '[ ! -z "$TERM" -a -r /etc/motd ] && cat /etc/motd' >> /etc/profile -WORKDIR /home/${USER_NAME} -RUN adduser --disabled-password --uid "${USER_ID}" "${USER_NAME}" -USER "${USER_NAME}":"${USER_NAME}" +WORKDIR /home/torrust +RUN adduser --disabled-password --uid "${USER_ID}" "torrust" +RUN mkdir -p /var/lib/torrust; chown -R "${USER_ID}":"${USER_ID}" /var/lib/torrust; chmod -R 2775 /var/lib/torrust +USER "torrust":"torrust" RUN env ## Torrust-Tracker (release) (default) -FROM gcr.io/distroless/cc:nonroot as tracker +FROM gcr.io/distroless/cc:latest as release COPY --from=gcr.io/distroless/cc:debug /busybox/wget /usr/bin/wget COPY --from=test /app/ /usr/ +ARG USER_ID=1000 ARG UDP_PORT=6969 ARG HTTP_PORT=7070 ARG API_PORT=1212 +ENV USER_ID=${USER_ID} ENV UDP_PORT=${UDP_PORT} ENV HTTP_PORT=${HTTP_PORT} ENV API_PORT=${API_PORT} @@ -141,6 +142,11 @@ EXPOSE ${UDP_PORT}/udp EXPOSE ${HTTP_PORT}/tcp EXPOSE ${API_PORT}/tcp -# HEALTHCHECK ["/usr/bin/wget", "--no-verbose", "--tries=1", "--spider", "localhost:${API_PORT}/version"] +# HEALTHCHECK CMD ["/usr/bin/wget", "--no-verbose", "--tries=1", "--spider", "localhost:${API_PORT}/version"] + +WORKDIR /home/torrust +RUN adduser --disabled-password --uid "${USER_ID}" "torrust" +RUN mkdir -p /var/lib/torrust; chown -R "${USER_ID}":"${USER_ID}" /var/lib/torrust; chmod -R 2775 /var/lib/torrust +USER "torrust":"torrust" CMD ["/usr/bin/torrust-tracker"] diff --git a/compose.yaml b/compose.yaml index 5007d7f71..98444522f 100644 --- a/compose.yaml +++ b/compose.yaml @@ -2,15 +2,11 @@ name: torrust services: tracker: - pull_policy: missing - image: torrust-tracker:local - # build: - # context: . - # tags: - # - torrust-tracker:local - - user: ${USER_UID:-1000}:${USER_UID:-1000} + image: torrust-tracker:debug tty: true + environment: + - TORRUST_TRACKER_CONFIG=${TORRUST_TRACKER_CONFIG} + - TORRUST_TRACKER_API_TOKEN=${TORRUST_TRACKER_API_TOKEN:-MyAccessToken} networks: - server_side ports: @@ -18,8 +14,7 @@ services: - 7070:7070 - 1212:1212 volumes: - - ./:/app/src - - ./storage:/app/storage + - ./storage:/var/lib/torrust/tracker depends_on: - mysql diff --git a/docker/bin/build.sh b/docker/bin/build.sh index d77d1ad34..7776142d0 100755 --- a/docker/bin/build.sh +++ b/docker/bin/build.sh @@ -1,13 +1,14 @@ #!/bin/bash -TORRUST_TRACKER_USER_UID=${TORRUST_TRACKER_USER_UID:-1000} -TORRUST_TRACKER_RUN_AS_USER=${TORRUST_TRACKER_RUN_AS_USER:-appuser} +CURRENT_USER_NAME=$(whoami) +CURRENT_USER_ID=$(id -u) +echo "User name: $CURRENT_USER_NAME" +echo "User id: $CURRENT_USER_ID" + +USER_ID=$CURRENT_USER_ID +export USER_ID + echo "Building docker image ..." -echo "TORRUST_TRACKER_USER_UID: $TORRUST_TRACKER_USER_UID" -echo "TORRUST_TRACKER_RUN_AS_USER: $TORRUST_TRACKER_RUN_AS_USER" -docker build \ - --build-arg UID="$TORRUST_TRACKER_USER_UID" \ - --build-arg RUN_AS_USER="$TORRUST_TRACKER_RUN_AS_USER" \ - -t torrust-tracker . +docker build --target debug --tag torrust-tracker:debug . diff --git a/docker/bin/run-local-image.sh b/docker/bin/run-local-image.sh index 86465baeb..133ba4514 100755 --- a/docker/bin/run-local-image.sh +++ b/docker/bin/run-local-image.sh @@ -1,13 +1,13 @@ #!/bin/bash -TORRUST_TRACKER_USER_UID=${TORRUST_TRACKER_USER_UID:-1000} TORRUST_TRACKER_CONFIG=$(cat config.toml) docker run -it \ - --user="$TORRUST_TRACKER_USER_UID" \ + --user="$(whoami)" \ --publish 6969:6969/udp \ --publish 7070:7070/tcp \ --publish 1212:1212/tcp \ --env TORRUST_TRACKER_CONFIG="$TORRUST_TRACKER_CONFIG" \ --volume "$(pwd)/storage":"/app/storage" \ - torrust-tracker + --entrypoint torrust-tracker \ + torrust-tracker:debug diff --git a/docker/bin/run-public-image.sh b/docker/bin/run-public-image.sh index 50407f91b..8573cef71 100755 --- a/docker/bin/run-public-image.sh +++ b/docker/bin/run-public-image.sh @@ -1,13 +1,13 @@ #!/bin/bash -TORRUST_TRACKER_USER_UID=${TORRUST_TRACKER_USER_UID:-1000} TORRUST_TRACKER_CONFIG=$(cat config.toml) docker run -it \ - --user="$TORRUST_TRACKER_USER_UID" \ + --user="$(whoami)" \ --publish 6969:6969/udp \ --publish 7070:7070/tcp \ --publish 1212:1212/tcp \ --env TORRUST_TRACKER_CONFIG="$TORRUST_TRACKER_CONFIG" \ --volume "$(pwd)/storage":"/app/storage" \ + --entrypoint torrust-tracker \ torrust/tracker \ No newline at end of file