diff --git a/Dockerfile b/Dockerfile index fde0763..091331f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,21 @@ -FROM python:3.10-slim +FROM alpine:3.20 -WORKDIR /app +ENV APP_ENV=/opt/venv +ENV PATH="${APP_ENV}/bin:$PATH" -RUN apt-get update && apt-get install -y --no-install-recommends \ - && apt-get clean && rm -rf /var/lib/apt/lists/* +RUN apk add --no-cache py3-pip uwsgi-python3 && \ + python3 -m venv $APP_ENV -RUN pip install --no-cache-dir wikimore +COPY . /app + +RUN $APP_ENV/bin/pip install --no-cache-dir pip && \ + $APP_ENV/bin/pip install /app && \ + adduser -S -D -H wikimore + +COPY entrypoint.sh /entrypoint.sh EXPOSE 8109 -CMD ["wikimore"] \ No newline at end of file +USER wikimore + +ENTRYPOINT ["/entrypoint.sh"] diff --git a/docker-compose-example.yml b/docker-compose-example.yml new file mode 100644 index 0000000..bca495b --- /dev/null +++ b/docker-compose-example.yml @@ -0,0 +1,17 @@ +services: + wikimore-app: + container_name: wikimore + restart: unless-stopped + image: privatecoffee/wikimore:latest + ports: + - "127.0.0.1:8109:8109" + security_opt: + - no-new-privileges:true + cap_drop: + - ALL + read_only: true + deploy: + resources: + limits: + cpus: '0.5' + memory: 300M \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index fc72d19..0000000 --- a/docker-compose.yml +++ /dev/null @@ -1,5 +0,0 @@ -services: - wikimore-app: - build: . - ports: - - 8109:8109 ## change host port if needed \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..ee4c4f4 --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,18 @@ +#!/bin/sh +args="--plugin python3 \ + --http-socket 0.0.0.0:$PORT \ + --master \ + --module wikimore.app:app \ + -H /opt/venv" + +if [ "$UWSGI_PROCESSES" ] +then + args="$args --processes $UWSGI_PROCESSES" +fi + +if [ "$UWSGI_THREADS" ] +then + args="$args --threads $UWSGI_THREADS" +fi + +exec /usr/sbin/uwsgi $args