freenet-core icon indicating copy to clipboard operation
freenet-core copied to clipboard
verified publisher icon freenet

Docker Image Premade

Open Merith-TK opened this issue 8 months ago • 3 comments

https://git.merith.xyz/oci/freenet

I made one, Freenet is explicitly granted permission to repurpose and reuse my work.

The entrypoint has the following logic.

ensure directories

am I root?
  no: run freenet as is
  yes: is ENV:RUN_USER set?
    no: run freenet as root
    yes:
      create `freenetuser` as RUN_USER `uid:gid` 
      force set ownership of data and config directories to `freenetuser`, 
      run freenet

you may choose to remove the .forgejo folder, it is purely just templating for my OCI setup to automatically build container images off main branch, should work on github commit results in a new build tagged as git-hash and nightly, nightly is considered the source build tag results in a new "release" build tagged as latest and whatever the tag was,

Merith-TK avatar Apr 21 '25 21:04 Merith-TK

We had a PR to update our docker setup, does this resolve the problem you were trying to fix?

sanity avatar Apr 26 '25 14:04 sanity

Not quite, but kindof.

check out my docker file, I use a staged "builder" and "runner" setup which results in a far smaller docker image, plus I use a dedicated rust-builder docker container as the base to shorten build times and simplify setup.

My image, when combined with the entrypoint file, it functions regardless of which user it is ran as,

# Stage 1: Builder
FROM rust:slim-bookworm AS builder

# Install system dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
      git \
      clang \
      llvm \
      libclang-dev \
      libssl-dev \
      pkg-config \
      ca-certificates \
    && rm -rf /var/lib/apt/lists/*

# First clone without submodules
WORKDIR /src
RUN git clone --depth 1 https://github.com/freenet/freenet-core.git freenet

# Change submodule URLs from SSH to HTTPS
WORKDIR /src/freenet
RUN sed -i 's|[email protected]:|https://github.com/|' .gitmodules && \
    git submodule sync && \
    git submodule update --init --recursive

# Build the core crate (correct package specification)
WORKDIR /src/freenet/crates/core
RUN cargo build --release 

# Stage 2: Runner
FROM debian:bookworm-slim
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
      ca-certificates \
      gosu \
    && rm -rf /var/lib/apt/lists/*

# Create default non-root user
RUN useradd -m -u 1000 -s /bin/bash freenetuser && \
    mkdir -p /data && \
    chown freenetuser:freenetuser /data

# Copy binary and entrypoint
COPY --from=builder /src/freenet/target/release/freenet /usr/local/bin/
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Environment variables
ENV DATA_DIR="/data/data" \
    CONFIG_DIR="/data/config"

VOLUME ["/data"]
ENTRYPOINT ["/entrypoint.sh"]
CMD ["freenet"]

Merith-TK avatar Apr 26 '25 23:04 Merith-TK

🤖 Relabeled for consistency

Applied labels:

  • T-feature
  • E-easy
  • A-developer-xp
  • S-waiting-feedback

Reasoning: The user is offering a prebuilt Docker/OCI image and permissions to reuse it, which is a contribution to add container distribution/support (a new feature). Integration appears low-effort (templated CI/builds provided) and relates to developer experience/CI, so mark as feature, medium priority, easy effort, and awaiting maintainer feedback/acceptance.

Previous labels: ``

sanity avatar Oct 27 '25 02:10 sanity