-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
82 lines (67 loc) · 2.37 KB
/
Dockerfile
File metadata and controls
82 lines (67 loc) · 2.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
FROM rust:1.86-alpine AS rust-builder
RUN apk add --no-cache musl-dev
RUN rustup target add x86_64-unknown-linux-musl
WORKDIR /build
COPY service-mesh/ /build/service-mesh/
WORKDIR /build/service-mesh
RUN cargo build --release --target x86_64-unknown-linux-musl
FROM golang:1.21-alpine AS go-builder
WORKDIR /build
COPY vpc-api-server/ /build/
RUN go mod init vpc-api-server || true
RUN go get github.com/gin-gonic/gin
RUN CGO_ENABLED=0 GOOS=linux go build -a -o vpc-api-server main.go
FROM golang:1.25-alpine AS headscale-builder
WORKDIR /build
COPY headscale/ /build/
RUN apk add --no-cache git make
RUN CGO_ENABLED=0 GOOS=linux go build -a -ldflags="-s -w" -o headscale ./cmd/headscale
FROM alpine AS ko-builder
RUN apk add --no-cache wget jq bash squashfs-tools
WORKDIR /build
COPY ./extract-modules.sh /build/
RUN ./extract-modules.sh
FROM ubuntu:24.04
RUN apt-get update && apt-get install -y \
ca-certificates \
wget \
curl \
jq \
nginx \
supervisor \
gettext-base \
socat \
kmod \
iputils-ping \
nodejs \
python3 \
python3-pip
RUN pip3 install --break-system-packages cryptography
RUN curl -fsSL https://get.docker.com | sh
RUN usermod -aG docker root
RUN mkdir -p /var/run/dstack \
/etc/dstack \
/etc/ssl/certs \
/etc/ssl/private \
/var/log/supervisor \
/var/log/nginx \
/scripts \
/lib/extra-modules
COPY --from=rust-builder /build/service-mesh/target/x86_64-unknown-linux-musl/release/dstack-mesh /usr/local/bin/dstack-mesh
RUN chmod +x /usr/local/bin/dstack-mesh
COPY --from=go-builder /build/vpc-api-server /usr/local/bin/vpc-api-server
RUN chmod +x /usr/local/bin/vpc-api-server
COPY --from=headscale-builder /build/headscale /usr/local/bin/headscale
RUN chmod +x /usr/local/bin/headscale
COPY --from=ko-builder /build/netfilter-modules/*.ko /lib/extra-modules/
COPY configs/nginx.conf /etc/nginx/nginx.conf
COPY configs/nginx-client-proxy.conf /etc/nginx/conf.d/client-proxy.conf
COPY configs/nginx-server-proxy.conf.template /etc/nginx/templates/server-proxy.conf.template
COPY configs/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
COPY configs/headscale_config.yaml /etc/headscale/config.yaml
COPY scripts /scripts
RUN chmod +x /scripts/*.sh
EXPOSE 80 443 8091 8092
HEALTHCHECK --start-period=5m --timeout=20s CMD /scripts/healthcheck.sh
ENTRYPOINT ["/scripts/entrypoint.sh"]
CMD ["/scripts/auto-entry.sh"]