From acf5baaad50eeb2f768dd7d8b33c4784bc741693 Mon Sep 17 00:00:00 2001 From: Jef Roosens Date: Mon, 19 Jul 2021 20:05:35 +0200 Subject: [PATCH 1/2] WIP changes --- Dockerfile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9cb926c..474a319 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,8 +14,8 @@ RUN apk update && \ curl -sSL "https://www.acme.com/software/thttpd/thttpd-$THTTPD_VER.tar.gz" | \ tar xzf - && \ cd "thttpd-$THTTPD_VER" && \ - ./configure && \ - make + CFLAGS="-O3 -static" ./configure && \ + make -j$(nproc) # =====BUILD THE BLOG===== @@ -34,9 +34,9 @@ ARG THTTPD_VER # Install dumb-init & create a non-root user RUN apk update && \ - apk add --no-cache dumb-init && \ - addgroup -g 82 -S www-data && \ - adduser -u 82 -D -S -G www-data www-data + apk add --no-cache dumb-init + # addgroup -g 82 -S www-data && \ + # adduser -u 82 -D -S -G www-data www-data # Copy over binary & static files COPY --from=builder /usr/src/thttpd-$THTTPD_VER/thttpd /usr/local/bin/thttpd @@ -44,7 +44,7 @@ COPY --from=builder /usr/src/app/public /var/www/html COPY thttpd.conf /etc/thttpd.conf # A static file server doesn't need root -USER www-data:www-data +USER 82:82 ENTRYPOINT [ "dumb-init", "--" ] CMD [ "/usr/local/bin/thttpd", "-D", "-C", "/etc/thttpd.conf" ] From 06f6f969dfc3c1ff0962a827451b6f641b7a890c Mon Sep 17 00:00:00 2001 From: Jef Roosens Date: Mon, 19 Jul 2021 20:46:16 +0200 Subject: [PATCH 2/2] Switched to hyper-minimal Docker image --- Dockerfile | 44 +++++++++++++++++++++++++++----------------- thttpd.conf | 2 +- 2 files changed, 28 insertions(+), 18 deletions(-) diff --git a/Dockerfile b/Dockerfile index 474a319..e3ad4fa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,24 +1,38 @@ # Global build argument ARG THTTPD_VER=2.29 +ARG DI_VER=1.2.5 -FROM alpine:latest AS builder +FROM ubuntu:latest AS builder -# =====BUILD thttpd===== +# =====BUILD BINARIES===== WORKDIR /usr/src ARG THTTPD_VER +ARG DI_VER # Install dependencies & build thttpd -RUN apk update && \ - apk add --no-cache curl hugo build-base && \ +RUN apt update && \ + apt install -y --no-install-recommends \ + curl \ + ca-certificates \ + hugo \ + musl-dev \ + musl-tools \ + build-essential && \ curl -sSL "https://www.acme.com/software/thttpd/thttpd-$THTTPD_VER.tar.gz" | \ tar xzf - && \ cd "thttpd-$THTTPD_VER" && \ - CFLAGS="-O3 -static" ./configure && \ + CC="musl-gcc -static" ./configure && \ make -j$(nproc) +# Build dumb-init +RUN curl -sSL "https://github.com/Yelp/dumb-init/archive/refs/tags/v$DI_VER.tar.gz" | \ + tar xzf - && \ + cd "dumb-init-$DI_VER" && \ + CC="musl-gcc -static" make build -# =====BUILD THE BLOG===== + +# =====BUILD BLOG===== WORKDIR /usr/src/app # Copy site files for building @@ -29,22 +43,18 @@ RUN hugo --minify # ====CREATE RELEASE IMAGE==== -FROM alpine:latest +FROM scratch ARG THTTPD_VER - -# Install dumb-init & create a non-root user -RUN apk update && \ - apk add --no-cache dumb-init - # addgroup -g 82 -S www-data && \ - # adduser -u 82 -D -S -G www-data www-data +ARG DI_VER # Copy over binary & static files -COPY --from=builder /usr/src/thttpd-$THTTPD_VER/thttpd /usr/local/bin/thttpd -COPY --from=builder /usr/src/app/public /var/www/html +COPY --from=builder /usr/src/thttpd-$THTTPD_VER/thttpd /bin/thttpd +COPY --from=builder /usr/src/dumb-init-$DI_VER/dumb-init /bin/dumb-init +COPY --from=builder /usr/src/app/public /static COPY thttpd.conf /etc/thttpd.conf # A static file server doesn't need root USER 82:82 -ENTRYPOINT [ "dumb-init", "--" ] -CMD [ "/usr/local/bin/thttpd", "-D", "-C", "/etc/thttpd.conf" ] +ENTRYPOINT [ "/bin/dumb-init", "--" ] +CMD [ "/bin/thttpd", "-D", "-C", "/etc/thttpd.conf" ] diff --git a/thttpd.conf b/thttpd.conf index 4a3249f..c68ffe2 100644 --- a/thttpd.conf +++ b/thttpd.conf @@ -1,2 +1,2 @@ port=8080 -dir=/var/www/html +dir=/static