aboutsummaryrefslogtreecommitdiff
path: root/ci/container/Dockerfile
diff options
context:
space:
mode:
Diffstat (limited to 'ci/container/Dockerfile')
-rw-r--r--ci/container/Dockerfile100
1 files changed, 100 insertions, 0 deletions
diff --git a/ci/container/Dockerfile b/ci/container/Dockerfile
new file mode 100644
index 0000000..8e6a11e
--- /dev/null
+++ b/ci/container/Dockerfile
@@ -0,0 +1,100 @@
+#Copyright (c) Vaughn Nugent
+#Licensed under the GNU AGPL V3.0
+
+#use plain alpine latest to build native libraries in
+FROM alpine:3.19 as native-cont
+
+#install public libs and build tools
+RUN apk update && apk add --no-cache build-base cmake npm git openssl
+#most universal way to use Task is from NPM
+RUN npm install -g @go-task/cli
+
+WORKDIR /build
+
+#include local artifacts
+COPY app/ .
+
+#build internal libraries and copy the libraries to the /lib output directory
+RUN mkdir out/ ssl/
+RUN task build-libs
+
+#APP CONTAINER
+#move into a clean dotnet apline lean image
+FROM mcr.microsoft.com/dotnet/runtime:8.0.3-alpine3.19-amd64 as app-cont
+
+LABEL name="vnuge/cmnext"
+LABEL maintainer="Vaughn Nugent <vnpublic@proton.me>"
+LABEL description="A dead-simple, multi-channel cms for your blog or podcast built for static storage like S3 or FTP"
+
+#copy local artifacts again in run container
+COPY app/ /app
+
+#pull compiled libs from build container
+COPY --from=native-cont /build/out /app/lib
+#copy self signed ssl certs for first startup
+COPY --from=native-cont /build/ssl /app/ssl
+
+RUN apk update && apk add --no-cache gettext icu-libs dumb-init
+
+#workdir
+WORKDIR /app
+
+#default to 8080 for TLS on TCP
+EXPOSE 8080/tcp
+
+VOLUME /app/data \
+ /app/ssl \
+#expose an assets directory for custom assets install
+ /app/usr/assets
+
+#disable dotnet invariant culture on alpine
+ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=0
+
+#add helper/required libraries
+#ENV VNLIB_SHARED_HEAP_FILE_PATH=/app/lib/libvn_rpmalloc.so not ready yet, still need to debug
+ENV VNLIB_ARGON2_DLL_PATH=/app/lib/libargon2.so
+
+#set default env variables
+ENV MAX_CONTENT_LENGTH=204800000 \
+ REG_TOKEN_DURATION_MIN=360
+
+#SQL Config
+ENV SQL_LIB_PATH=VNLib.Plugins.Extensions.Sql.SQLite.dll
+ENV SQL_CONNECTION_STRING="Data Source=data/cmnext.db;"
+
+#ACCOUNTS
+ENV MAX_LOGIN_ATTEMPS=10
+
+#HC Vault
+ENV HC_VAULT_ADDR="" \
+ HC_VAULT_TOKEN="" \
+ HC_VAULT_TRUST_CERT=false
+
+#VNCACHE (default to memory only)
+ENV CACHE_ASM_PATH=VNLib.Data.Caching.Providers.VNCache.dll \
+ MEMCACHE_ONLY=true \
+ REDIS_CONNECTION_STRING="" \
+ VNCACHE_INITIAL_NODES=[]
+
+#SECRETS
+ENV PASSWORD_PEPPER="" \
+ DATABASE_PASSWORD="" \
+ REDIS_PASSWORD="" \
+ VNCACHE_CLIENT_PRIVATE_KEY="" \
+ VNCACHE_CACHE_PUBLIC_KEY=""
+
+
+#HTTP/PROXY Config
+ENV HTTP_DOWNSTREAM_SERVERS=[] \
+ HTTP_TRACE_ON=false
+
+#set default certificate files to the self signed ones created in the build container
+ENV SSL_JSON='{"cert": "ssl/cert.pem", "privkey":"ssl/key.pem"}'
+
+#disable plugin debugging by default
+ENV DEBUG_PLUGINS=false
+
+#run the init script within dumb-init
+ENTRYPOINT ["dumb-init", "--"]
+CMD ["ash", "./run.sh"]
+
generated by cgit (git 2.46.0) at 2024-10-01 17:21:21 +0000