syncthing-relay-discovery icon indicating copy to clipboard operation
syncthing-relay-discovery copied to clipboard

Published 20 hours ago verified publisher icon t4skforce

Suggestion: Alpine version

Open orangelynx opened this issue 5 years ago • 1 comments

I'd be happy to see alpine versions of your syncthing related projects, because Alpine's base image is much much more lightweight and I don't think it lacks anything debian would offer for this usecase.

orangelynx avatar May 09 '19 14:05 orangelynx

Hey thanks for all your hard work in creating this dockerfile. It took me about a day to figure things out how to use and configure this image with a reverse proxy, but it looks like things are working. I then took your file and tried to modify it to use alpine linux to see how much smaller I could make it. My debian docker image was 207Mb were as my alpine image was 38.9Mb.

I'm posting my Dockerfile below. I took your Dockerfile as a starting point and tried to almost exactly replicate it but just substitute in the Alpine Linux specific parts. The file is below.

Just some thoughts. In my alpine image I included packages: curl, openssl, ca-certificates bash shadow

I see that your openssl is used to generate a password for the discosrv user within the container. Does a password really need to be generated for this user??

I don't know if I actually require the bash shell in my image, and it password is not needed I don't need shadow either.

Anyway here is my Dockerfile:

FROM alpine:latest
################################
#           Settings           #
################################
# Syncthing-Discovery Server

ENV SERV_PORT 8443
ENV DISCO_OPTS "-http"

################################
#            Setup             #
################################
ENV BUILD_REQUIREMENTS curl openssl
ENV REQUIREMENTS ca-certificates bash shadow
ENV PUID 6000
ENV PGID 6000
ENV USER_HOME /home/discosrv
ENV USERNAME discosrv
ENV USERGROUP discosrv
################################

###############################
#           Build             #
###############################
ARG VERSION v1.18.1
#ARG DOWNLOAD="https://github.com/syncthing/discosrv/releases/download/${VERSION}/stdiscosrv-linux-amd64-v1.18.1.tar.gz"
ARG DOWNLOADURL="https://github.com/syncthing/discosrv/releases/download/v1.18.1/stdiscosrv-linux-amd64-v1.18.1.tar.gz"
###############################

USER root

# setup
SHELL ["/bin/sh", "-c"]
RUN apk update \
        && apk add --no-cache ${BUILD_REQUIREMENTS} ${REQUIREMENTS} \
        && mkdir -p ${USER_HOME} \
        && addgroup -S -g ${PGID} ${USERGROUP} \
        && adduser \
           --disabled-password \
           --gecos "" \
           --home ${USER_HOME} \
           --ingroup ${USERGROUP} \
           --uid ${PUID} \
           ${USERNAME} \
        && echo "${USERNAME}:$(openssl rand 512 | openssl sha256 | awk '{print $2}')" | chpasswd \
        && chown -R ${USERNAME}:${USERGROUP} ${USER_HOME}

EXPOSE ${SERV_PORT}

HEALTHCHECK --interval=1m --timeout=10s \
  CMD nc -z localhost 8443 || exit 1

# install disco
WORKDIR /tmp/
RUN curl -Ls ${DOWNLOADURL} --output discosrv.tar.gz \
  && tar -zxf discosrv.tar.gz \
  && rm discosrv.tar.gz \
  && mkdir -p ${USER_HOME}/server ${USER_HOME}/certs ${USER_HOME}/db \
  && cp /tmp/*discosrv*/*discosrv ${USER_HOME}/server/discosrv \
  && chown -R ${USERNAME}:${USERGROUP} ${USER_HOME}

# cleanup
RUN apk del ${BUILD_REQUIREMENTS} \
  && rm -rf /var/cache/apk/* \
  && rm -rf /tmp/*

USER ${USERNAME}
VOLUME ${USER_HOME}/certs

CMD ${USER_HOME}/server/discosrv \
    ${DISCO_OPTS} \
    -listen=":${SERV_PORT}" \
    -db-dir="${USER_HOME}/db/discosrv.db" \
    -cert="${USER_HOME}/certs/cert.pem" \
    -key="${USER_HOME}/certs/key.pem"

kevdogg avatar Oct 10 '21 05:10 kevdogg