From c4ba156ea147e960be2f4f68f562a1a9403a7eca Mon Sep 17 00:00:00 2001
From: Jun Kurihara <junkurihara@users.noreply.github.com>
Date: Fri, 20 Jan 2023 22:12:51 +0900
Subject: [PATCH] docker multi-images

---
 .dockerignore                                 |  1 +
 .github/workflows/docker_build_push.yml       | 12 +++-
 LICENSE                                       |  2 +-
 README.md                                     |  2 +-
 Dockerfile => docker/amd64-slim/Dockerfile    |  8 +--
 {docker-bin => docker/amd64-slim}/run.sh      |  0
 docker/amd64/Dockerfile                       | 55 +++++++++++++++++
 docker/amd64/run.sh                           | 61 +++++++++++++++++++
 .../docker-compose.yml                        |  9 +--
 {docker-bin => docker}/entrypoint.sh          |  0
 10 files changed, 138 insertions(+), 12 deletions(-)
 rename Dockerfile => docker/amd64-slim/Dockerfile (88%)
 rename {docker-bin => docker/amd64-slim}/run.sh (100%)
 create mode 100644 docker/amd64/Dockerfile
 create mode 100644 docker/amd64/run.sh
 rename docker-compose.yml => docker/docker-compose.yml (57%)
 rename {docker-bin => docker}/entrypoint.sh (100%)

diff --git a/.dockerignore b/.dockerignore
index a948f55..3538235 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,3 +3,4 @@ bench/
 .vscode/
 .private/
 .github/
+example-certs/
diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml
index 7d8f948..64c802d 100644
--- a/.github/workflows/docker_build_push.yml
+++ b/.github/workflows/docker_build_push.yml
@@ -26,11 +26,19 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
-      - name: Build and push
+      - name: Build and push x86_64
         uses: docker/build-push-action@v3
         with:
           context: .
           push: true
           tags: |
             ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
-          file: ./Dockerfile
+          file: ./docker/amd64/Dockerfile
+      - name: Build and push x86_64
+        uses: docker/build-push-action@v3
+        with:
+          context: .
+          push: true
+          tags: |
+            ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:slim, ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest-slim
+          file: ./docker/amd64-slim/Dockerfile
diff --git a/LICENSE b/LICENSE
index 76ef520..967c341 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 Jun Kurihara
+Copyright (c) 2023 Jun Kurihara
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
index 4a3e43b..3f255df 100644
--- a/README.md
+++ b/README.md
@@ -221,7 +221,7 @@ You can also use [docker image](https://hub.docker.com/r/jqtype/rpxy) instead of
 - `LOG_LEVEL=debug|info|warn|error`: Log level
 - `LOG_TO_FILE=true|false`: Enable logging to the log file `/var/log/rpxy/rpxy.log` using `logrotate`. You should mount `/var/log/rpxy` via docker volume option if enabled.
 
-Other than them, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container.
+Other than them, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. See [`docker/docker-compose.yml`](./docker/docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container.
 
 ## Example
 
diff --git a/Dockerfile b/docker/amd64-slim/Dockerfile
similarity index 88%
rename from Dockerfile
rename to docker/amd64-slim/Dockerfile
index 66f3144..9e5b9d4 100644
--- a/Dockerfile
+++ b/docker/amd64-slim/Dockerfile
@@ -10,15 +10,15 @@ COPY . /tmp/
 
 ENV RUSTFLAGS "-C link-arg=-s"
 
-# RUN update-ca-certificates 2> /dev/null || true
-
 RUN echo "Building rpxy from source" && \
   cargo build --release && \
   musl-strip --strip-all /tmp/target/${TARGET_DIR}/release/rpxy
 
 ########################################
 FROM alpine:latest as runner
+LABEL maintainer="Jun Kurihara"
 
+ENV TAG_NAME=amd64-slim
 ENV TARGET_DIR=x86_64-unknown-linux-musl
 ENV RUNTIME_DEPS logrotate ca-certificates
 
@@ -29,8 +29,8 @@ RUN apk add --no-cache ${RUNTIME_DEPS} && \
   touch /var/log/rpxy/rpxy.log
 
 COPY --from=builder /tmp/target/${TARGET_DIR}/release/rpxy /opt/rpxy/sbin/rpxy
-COPY docker-bin/run.sh /
-COPY docker-bin/entrypoint.sh /
+COPY ./docker/${TAG_NAME}/run.sh /
+COPY ./docker/entrypoint.sh /
 
 RUN chmod 755 /run.sh && \
   chmod 755 /entrypoint.sh
diff --git a/docker-bin/run.sh b/docker/amd64-slim/run.sh
similarity index 100%
rename from docker-bin/run.sh
rename to docker/amd64-slim/run.sh
diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile
new file mode 100644
index 0000000..8f7ecf7
--- /dev/null
+++ b/docker/amd64/Dockerfile
@@ -0,0 +1,55 @@
+
+FROM ubuntu:22.04 AS base
+LABEL maintainer="Jun Kurihara"
+
+SHELL ["/bin/sh", "-x", "-c"]
+ENV SERIAL 2
+
+########################################
+FROM base as builder
+
+ENV CFLAGS=-Ofast
+ENV BUILD_DEPS curl make ca-certificates build-essential
+
+WORKDIR /tmp
+
+COPY . /tmp/
+
+ENV RUSTFLAGS "-C link-arg=-s"
+
+RUN update-ca-certificates 2> /dev/null || true
+
+RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
+  curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
+  export PATH="$HOME/.cargo/bin:$PATH" && \
+  echo "Building rpxy from source" && \
+  cargo build --release && \
+  strip --strip-all /tmp/target/release/rpxy
+
+########################################
+FROM base AS runner
+
+ENV TAG_NAME=amd64
+ENV RUNTIME_DEPS logrotate ca-certificates
+
+RUN apt-get update && \
+  apt-get install -qy --no-install-recommends $RUNTIME_DEPS && \
+  apt-get -qy clean && \
+  apt-get -qy autoremove &&\
+  rm -fr /tmp/* /var/tmp/* /var/cache/apt/* /var/lib/apt/lists/* /var/log/apt/* /var/log/*.log &&\
+  mkdir -p /opt/rpxy/sbin &&\
+  mkdir -p /var/log/rpxy && \
+  touch /var/log/rpxy/rpxy.log
+
+COPY --from=builder /tmp/target/release/rpxy /opt/rpxy/sbin/rpxy
+COPY ./docker/${TAG_NAME}/run.sh /
+COPY ./docker/entrypoint.sh /
+
+RUN chmod 755 /run.sh && \
+  chmod 755 /entrypoint.sh
+
+EXPOSE 80 443
+
+CMD ["/entrypoint.sh"]
+
+ENTRYPOINT ["/entrypoint.sh"]
diff --git a/docker/amd64/run.sh b/docker/amd64/run.sh
new file mode 100644
index 0000000..bace2c9
--- /dev/null
+++ b/docker/amd64/run.sh
@@ -0,0 +1,61 @@
+
+#!/usr/bin/env sh
+
+LOG_FILE=/var/log/rpxy/rpxy.log
+CONFIG_FILE=/etc/rpxy.toml
+LOG_SIZE=10M
+LOG_NUM=10
+
+# logrotate
+if [ $LOGROTATE_NUM ]; then
+  LOG_NUM=${LOGROTATE_NUM}
+fi
+if [ $LOGROTATE_SIZE ]; then
+  LOG_SIZE=${LOGROTATE_SIZE}
+fi
+
+cat > /etc/logrotate.conf << EOF
+# see "man logrotate" for details
+# rotate log files weekly
+weekly
+# use the adm group by default, since this is the owning group
+# of /var/log/syslog.
+su root adm
+# keep 4 weeks worth of backlogs
+rotate 4
+# create new (empty) log files after rotating old ones
+create
+# use date as a suffix of the rotated file
+#dateext
+# uncomment this if you want your log files compressed
+#compress
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+# system-specific logs may be also be configured here.
+EOF
+
+cat > /etc/logrotate.d/rpxy << EOF
+${LOG_FILE} {
+    dateext
+    daily
+    missingok
+    rotate ${LOG_NUM}
+    notifempty
+    compress
+    delaycompress
+    dateformat -%Y-%m-%d-%s
+    size ${LOG_SIZE}
+    copytruncate
+}
+EOF
+
+cp -p /etc/cron.daily/logrotate /etc/cron.hourly/
+service cron start
+
+# debug level logging
+if [ -z $LOG_LEVEL ]; then
+  LOG_LEVEL=info
+fi
+echo "rpxy: Logging with level ${LOG_LEVEL}"
+
+RUST_LOG=${LOG_LEVEL} /opt/rpxy/sbin/rpxy --config ${CONFIG_FILE}
diff --git a/docker-compose.yml b/docker/docker-compose.yml
similarity index 57%
rename from docker-compose.yml
rename to docker/docker-compose.yml
index 8514a4a..9a64db2 100644
--- a/docker-compose.yml
+++ b/docker/docker-compose.yml
@@ -8,13 +8,14 @@ services:
       - 127.0.0.1:8080:8080
       - 127.0.0.1:8443:8443
     build:
-      context: ./
+      context: ../
+      dockerfile: ./docker/amd64/Dockerfile
     environment:
       - LOG_LEVEL=debug
       - LOG_TO_FILE=false
     tty: false
     privileged: true
     volumes:
-      - ./example-certs/server.crt:/certs/server.crt:ro
-      - ./example-certs/server.key:/certs/server.key:ro
-      - ./config-example.toml:/etc/rpxy.toml:ro
+      - ../example-certs/server.crt:/certs/server.crt:ro
+      - ../example-certs/server.key:/certs/server.key:ro
+      - ../config-example.toml:/etc/rpxy.toml:ro
diff --git a/docker-bin/entrypoint.sh b/docker/entrypoint.sh
similarity index 100%
rename from docker-bin/entrypoint.sh
rename to docker/entrypoint.sh