docker/Dockerfile at master · notnite.com/core

notnite.com / core
this repo has no description
core / docker / Dockerfile
at master 1.7 kB view raw
 1FROM docker.io/golang:1.24-alpine3.21 AS build
 2
 3ENV CGO_ENABLED=1
 4
 5RUN apk add --no-cache gcc musl-dev
 6
 7WORKDIR /usr/src/app
 8
 9COPY go.mod go.sum ./
10RUN go mod download
11
12COPY . .
13RUN go build -v \
14    -o /usr/local/bin/knotserver \
15    -ldflags='-s -w -extldflags "-static"' \
16    ./cmd/knotserver && \
17    go build -v \
18    -o /usr/local/bin/keyfetch \
19    ./cmd/keyfetch && \
20    go build -v \
21    -o /usr/local/bin/repoguard \
22    ./cmd/repoguard
23
24FROM docker.io/alpine:3.21
25
26LABEL org.opencontainers.image.title=Tangled
27LABEL org.opencontainers.image.description="Tangled is a decentralized and open code collaboration platform, built on atproto."
28LABEL org.opencontainers.image.vendor=Tangled.sh
29LABEL org.opencontainers.image.licenses=MIT
30LABEL org.opencontainers.image.url=https://tangled.sh
31LABEL org.opencontainers.image.source=https://tangled.sh/@tangled.sh/core
32
33RUN apk add --no-cache shadow s6-overlay execline openssh git && \
34    adduser --disabled-password git && \
35    # We need to set password anyway since otherwise ssh won't work
36    head -c 32 /dev/random | base64 | tr -dc 'a-zA-Z0-9' | passwd git --stdin && \
37    mkdir /app && mkdir /home/git/repositories
38
39COPY --from=build /usr/local/bin/knotserver /usr/local/bin
40COPY --from=build /usr/local/bin/keyfetch /usr/local/libexec/tangled-keyfetch
41COPY --from=build /usr/local/bin/repoguard /home/git/repoguard
42COPY docker/rootfs/ .
43
44RUN chown root:root /usr/local/libexec/tangled-keyfetch && \
45    chmod 755 /usr/local/libexec/tangled-keyfetch && \
46    chown git:git /home/git/repoguard && \
47    chown git:git /app && chown git:git /home/git/repositories
48
49EXPOSE 22
50EXPOSE 5555
51
52ENTRYPOINT ["/init"]