-
Notifications
You must be signed in to change notification settings - Fork 167
Expand file tree
/
Copy pathdocker.backend
More file actions
99 lines (83 loc) · 2.81 KB
/
docker.backend
File metadata and controls
99 lines (83 loc) · 2.81 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
# =========================
# Build stage
# =========================
FROM mcr.microsoft.com/dotnet/sdk:10.0 AS build
WORKDIR /app
COPY backend/ /backend/
COPY plugins/ /plugins/
RUN dotnet restore /backend/backend.csproj
RUN dotnet publish /backend/backend.csproj -c Release -o /magic
ADD backend/sqlite-plugins/ /magic/sqlite-plugins/
# =========================
# Runtime stage
# =========================
FROM mcr.microsoft.com/dotnet/aspnet:10.0
WORKDIR /magic
COPY --from=build /magic ./
ENV DEBIAN_FRONTEND=noninteractive
# Minimal runtime dependencies only
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ca-certificates \
git \
gnupg \
python3 \
python3-pip \
wget \
fonts-liberation \
fonts-noto-color-emoji \
libasound2t64 \
libatk-bridge2.0-0 \
libatk1.0-0 \
libatspi2.0-0 \
libcups2 \
libdrm2 \
libgbm1 \
libgtk-3-0 \
libnss3 \
libx11-6 \
libx11-xcb1 \
libxcomposite1 \
libxdamage1 \
libxext6 \
libxfixes3 \
libxkbcommon0 \
libxrandr2 \
libxrender1 \
libxshmfence1 \
libxss1 \
libsqlite3-0 \
libstdc++6 \
libgcc-s1 \
libgomp1 && \
if [ "$(dpkg --print-architecture)" = "amd64" ]; then \
wget -qO- https://dl.google.com/linux/linux_signing_key.pub | gpg --dearmor > /usr/share/keyrings/google-chrome.gpg && \
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/google-chrome.gpg] http://dl.google.com/linux/chrome/deb/ stable main" \
> /etc/apt/sources.list.d/google-chrome.list && \
apt-get update && \
apt-get install -y --no-install-recommends google-chrome-stable; \
else \
apt-get install -y --no-install-recommends chromium && \
ln -sf /usr/bin/chromium /usr/bin/google-chrome; \
fi && \
rm -rf /var/lib/apt/lists/*
# Multi-arch safe sqlite symlink
RUN SQLITE_PATH=$(find /usr/lib -name libsqlite3.so.0 | head -n 1) && \
ln -sf "$SQLITE_PATH" "$(dirname "$SQLITE_PATH")/libsqlite3.so"
# Plugin path
ENV LD_LIBRARY_PATH="/magic/sqlite-plugins"
ENV PUPPETEER_EXECUTABLE_PATH="/usr/bin/google-chrome"
# Deterministic UID/GID (aligned with K8S fsGroup=999)
RUN GROUP_NAME="$(getent group 999 | cut -d: -f1)" && \
if [ -z "$GROUP_NAME" ]; then groupadd -g 999 magic && GROUP_NAME=magic; fi && \
if ! getent passwd 999 >/dev/null 2>&1; then useradd -u 999 -g "$GROUP_NAME" -m magic; fi
# Ensure runtime directories exist
RUN mkdir -p /magic/files/data \
/magic/files/etc \
/magic/files/config \
/magic/files/modules
RUN chown -R 999:999 /magic
USER 999:999
EXPOSE 4444
ENV ASPNETCORE_URLS="http://+:4444"
ENTRYPOINT ["dotnet", "backend.dll"]