Dockerfile 1.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778
  1. FROM golang as server-build-stage
  2. ENV CGO_ENABLED=0 GOOS=linux
  3. WORKDIR /go/src/cwtch.im/cwtch
  4. COPY . .
  5. RUN go get -d -v ./...
  6. #RUN go install -v ./...
  7. WORKDIR /go/src/cwtch.im/cwtch/server/app/
  8. RUN go build -ldflags "-extldflags '-static'"
  9. #----------------------------------------------
  10. FROM alpine:latest as tor-build-stage
  11. # Install prerequisites
  12. RUN apk --no-cache add --update \
  13. gnupg \
  14. build-base \
  15. libevent \
  16. libevent-dev \
  17. libressl \
  18. libressl-dev \
  19. xz-libs \
  20. xz-dev \
  21. zlib \
  22. zlib-dev \
  23. zstd \
  24. zstd-dev \
  25. && wget -q https://www.torproject.org/dist/tor-0.3.5.3-alpha.tar.gz \
  26. && tar xf tor-0.3.5.3-alpha.tar.gz \
  27. && cd tor-0.3.5.3-alpha \
  28. && ./configure \
  29. && make install \
  30. && ls -R /usr/local/
  31. FROM alpine:latest
  32. MAINTAINER Ablative Hosting <support@ablative.hosting>
  33. #BSD habits die hard
  34. ENV TOR_USER=_tor
  35. # Installing dependencies of Tor and pwgen
  36. RUN apk --no-cache add --update \
  37. libevent \
  38. libressl \
  39. xz-libs \
  40. zlib \
  41. zstd \
  42. zstd-dev \
  43. pwgen
  44. # Copy Tor
  45. COPY --from=tor-build-stage /usr/local/ /usr/local/
  46. # Create an unprivileged tor user
  47. RUN addgroup -S $TOR_USER && adduser -G $TOR_USER -S $TOR_USER && adduser -G _tor -S cwtchd && mkdir /run/tor
  48. # Copy Tor configuration file
  49. COPY ./server/docker/torrc /etc/tor/torrc
  50. # Copy docker-entrypoint
  51. COPY ./server/docker/docker-entrypoint /usr/local/bin/
  52. # Copy across cwtch
  53. COPY --from=server-build-stage /go/src/cwtch.im/cwtch/server/app/app /usr/local/bin/cwtch_server
  54. # Persist data
  55. VOLUME /etc/tor /var/lib/tor /etc/cwtch
  56. ENTRYPOINT ["docker-entrypoint"]
  57. #cwtchd is in the _tor group so can access the socket but that's it
  58. #USER cwtchd
  59. #Launches the cwtchd daemon
  60. CMD ["/usr/local/bin/cwtch_server"]