diff options
Diffstat (limited to 'Dockerfile.rootless')
-rw-r--r-- | Dockerfile.rootless | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/Dockerfile.rootless b/Dockerfile.rootless new file mode 100644 index 0000000..d2f5f71 --- /dev/null +++ b/Dockerfile.rootless @@ -0,0 +1,114 @@ +FROM --platform=$BUILDPLATFORM docker.io/tonistiigi/xx AS xx + +FROM --platform=$BUILDPLATFORM code.forgejo.org/oci/golang:1.23-alpine3.20 as build-env + +ARG GOPROXY +ENV GOPROXY=${GOPROXY:-direct} + +ARG RELEASE_VERSION +ARG TAGS="sqlite sqlite_unlock_notify" +ENV TAGS="bindata timetzdata $TAGS" +ARG CGO_EXTRA_CFLAGS + +# +# Transparently cross compile for the target platform +# +COPY --from=xx / / +ARG TARGETPLATFORM +RUN apk --no-cache add clang lld +RUN xx-apk --no-cache add gcc musl-dev +ENV CGO_ENABLED=1 +RUN xx-go --wrap +# +# for go generate and binfmt to find +# without it the generate phase will fail with +# #19 25.04 modules/public/public_bindata.go:8: running "go": exit status 1 +# #19 25.39 aarch64-binfmt-P: Could not open '/lib/ld-musl-aarch64.so.1': No such file or directory +# why exactly is it needed? where is binfmt involved? +# +RUN cp /*-alpine-linux-musl*/lib/ld-musl-*.so.1 /lib || true + +RUN apk --no-cache add build-base git nodejs npm + +COPY . ${GOPATH}/src/code.gitea.io/gitea +WORKDIR ${GOPATH}/src/code.gitea.io/gitea + +RUN make clean +RUN make frontend +RUN go build contrib/environment-to-ini/environment-to-ini.go && xx-verify environment-to-ini +RUN make RELEASE_VERSION=$RELEASE_VERSION go-check generate-backend static-executable && xx-verify gitea + +# Copy local files +COPY docker/rootless /tmp/local + +# Set permissions +RUN chmod 755 /tmp/local/usr/local/bin/docker-entrypoint.sh \ + /tmp/local/usr/local/bin/docker-setup.sh \ + /tmp/local/usr/local/bin/gitea \ + /go/src/code.gitea.io/gitea/gitea \ + /go/src/code.gitea.io/gitea/environment-to-ini +RUN chmod 644 /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete + +FROM code.forgejo.org/oci/golang:1.23-alpine3.20 +LABEL maintainer="contact@forgejo.org" \ + org.opencontainers.image.authors="Forgejo" \ + org.opencontainers.image.url="https://forgejo.org" \ + org.opencontainers.image.documentation="https://forgejo.org/download/#container-image" \ + org.opencontainers.image.source="https://codeberg.org/forgejo/forgejo" \ + org.opencontainers.image.version="${RELEASE_VERSION}" \ + org.opencontainers.image.vendor="Forgejo" \ + org.opencontainers.image.licenses="GPL-3.0-or-later" \ + org.opencontainers.image.title="Forgejo. Beyond coding. We forge." \ + org.opencontainers.image.description="Forgejo is a self-hosted lightweight software forge. Easy to install and low maintenance, it just does the job." + +EXPOSE 2222 3000 + +RUN apk --no-cache add \ + bash \ + ca-certificates \ + dumb-init \ + gettext \ + git \ + curl \ + gnupg \ + && rm -rf /var/cache/apk/* + +RUN addgroup \ + -S -g 1000 \ + git && \ + adduser \ + -S -H -D \ + -h /var/lib/gitea/git \ + -s /bin/bash \ + -u 1000 \ + -G git \ + git + +RUN mkdir -p /var/lib/gitea /etc/gitea +RUN chown git:git /var/lib/gitea /etc/gitea + +COPY --from=build-env /tmp/local / +RUN cd /usr/local/bin ; ln -s gitea forgejo +COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea +RUN ln /app/gitea/gitea /app/gitea/forgejo-cli +COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini +COPY --from=build-env /go/src/code.gitea.io/gitea/contrib/autocompletion/bash_autocomplete /etc/profile.d/gitea_bash_autocomplete.sh + +#git:git +USER 1000:1000 +ENV GITEA_WORK_DIR=/var/lib/gitea +ENV GITEA_CUSTOM=/var/lib/gitea/custom +ENV GITEA_TEMP=/tmp/gitea +ENV TMPDIR=/tmp/gitea + +# Legacy config file for backwards compatibility +# TODO: remove on next major version release +ENV GITEA_APP_INI_LEGACY=/etc/gitea/app.ini + +ENV GITEA_APP_INI=${GITEA_CUSTOM}/conf/app.ini +ENV HOME="/var/lib/gitea/git" +VOLUME ["/var/lib/gitea", "/etc/gitea"] +WORKDIR /var/lib/gitea + +ENTRYPOINT ["/usr/bin/dumb-init", "--", "/usr/local/bin/docker-entrypoint.sh"] +CMD [] |