docker multi-images

This commit is contained in:
Jun Kurihara 2023-01-20 22:12:51 +09:00
commit c4ba156ea1
No known key found for this signature in database
GPG key ID: 48ADFD173ED22B03
10 changed files with 138 additions and 12 deletions

View file

@ -3,3 +3,4 @@ bench/
.vscode/ .vscode/
.private/ .private/
.github/ .github/
example-certs/

View file

@ -26,11 +26,19 @@ jobs:
username: ${{ secrets.DOCKERHUB_USERNAME }} username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }} password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Build and push - name: Build and push x86_64
uses: docker/build-push-action@v3 uses: docker/build-push-action@v3
with: with:
context: . context: .
push: true push: true
tags: | tags: |
${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest
file: ./Dockerfile file: ./docker/amd64/Dockerfile
- name: Build and push x86_64
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: |
${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:slim, ${{ secrets.DOCKERHUB_USERNAME }}/${{ env.IMAGE_NAME }}:latest-slim
file: ./docker/amd64-slim/Dockerfile

View file

@ -1,6 +1,6 @@
MIT License MIT License
Copyright (c) 2022 Jun Kurihara Copyright (c) 2023 Jun Kurihara
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal

View file

@ -221,7 +221,7 @@ You can also use [docker image](https://hub.docker.com/r/jqtype/rpxy) instead of
- `LOG_LEVEL=debug|info|warn|error`: Log level - `LOG_LEVEL=debug|info|warn|error`: Log level
- `LOG_TO_FILE=true|false`: Enable logging to the log file `/var/log/rpxy/rpxy.log` using `logrotate`. You should mount `/var/log/rpxy` via docker volume option if enabled. - `LOG_TO_FILE=true|false`: Enable logging to the log file `/var/log/rpxy/rpxy.log` using `logrotate`. You should mount `/var/log/rpxy` via docker volume option if enabled.
Other than them, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. See [`docker-compose.yml`](./docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container. Other than them, all you need is to mount your `config.toml` as `/etc/rpxy.toml` and certificates/private keys as you like through the docker volume option. See [`docker/docker-compose.yml`](./docker/docker-compose.yml) for the detailed configuration. Note that the file path of keys and certificates must be ones in your docker container.
## Example ## Example

View file

@ -10,15 +10,15 @@ COPY . /tmp/
ENV RUSTFLAGS "-C link-arg=-s" ENV RUSTFLAGS "-C link-arg=-s"
# RUN update-ca-certificates 2> /dev/null || true
RUN echo "Building rpxy from source" && \ RUN echo "Building rpxy from source" && \
cargo build --release && \ cargo build --release && \
musl-strip --strip-all /tmp/target/${TARGET_DIR}/release/rpxy musl-strip --strip-all /tmp/target/${TARGET_DIR}/release/rpxy
######################################## ########################################
FROM alpine:latest as runner FROM alpine:latest as runner
LABEL maintainer="Jun Kurihara"
ENV TAG_NAME=amd64-slim
ENV TARGET_DIR=x86_64-unknown-linux-musl ENV TARGET_DIR=x86_64-unknown-linux-musl
ENV RUNTIME_DEPS logrotate ca-certificates ENV RUNTIME_DEPS logrotate ca-certificates
@ -29,8 +29,8 @@ RUN apk add --no-cache ${RUNTIME_DEPS} && \
touch /var/log/rpxy/rpxy.log touch /var/log/rpxy/rpxy.log
COPY --from=builder /tmp/target/${TARGET_DIR}/release/rpxy /opt/rpxy/sbin/rpxy COPY --from=builder /tmp/target/${TARGET_DIR}/release/rpxy /opt/rpxy/sbin/rpxy
COPY docker-bin/run.sh / COPY ./docker/${TAG_NAME}/run.sh /
COPY docker-bin/entrypoint.sh / COPY ./docker/entrypoint.sh /
RUN chmod 755 /run.sh && \ RUN chmod 755 /run.sh && \
chmod 755 /entrypoint.sh chmod 755 /entrypoint.sh

55
docker/amd64/Dockerfile Normal file
View file

@ -0,0 +1,55 @@
FROM ubuntu:22.04 AS base
LABEL maintainer="Jun Kurihara"
SHELL ["/bin/sh", "-x", "-c"]
ENV SERIAL 2
########################################
FROM base as builder
ENV CFLAGS=-Ofast
ENV BUILD_DEPS curl make ca-certificates build-essential
WORKDIR /tmp
COPY . /tmp/
ENV RUSTFLAGS "-C link-arg=-s"
RUN update-ca-certificates 2> /dev/null || true
RUN apt-get update && apt-get install -qy --no-install-recommends $BUILD_DEPS && \
curl -sSf https://sh.rustup.rs | bash -s -- -y --default-toolchain stable && \
export PATH="$HOME/.cargo/bin:$PATH" && \
echo "Building rpxy from source" && \
cargo build --release && \
strip --strip-all /tmp/target/release/rpxy
########################################
FROM base AS runner
ENV TAG_NAME=amd64
ENV RUNTIME_DEPS logrotate ca-certificates
RUN apt-get update && \
apt-get install -qy --no-install-recommends $RUNTIME_DEPS && \
apt-get -qy clean && \
apt-get -qy autoremove &&\
rm -fr /tmp/* /var/tmp/* /var/cache/apt/* /var/lib/apt/lists/* /var/log/apt/* /var/log/*.log &&\
mkdir -p /opt/rpxy/sbin &&\
mkdir -p /var/log/rpxy && \
touch /var/log/rpxy/rpxy.log
COPY --from=builder /tmp/target/release/rpxy /opt/rpxy/sbin/rpxy
COPY ./docker/${TAG_NAME}/run.sh /
COPY ./docker/entrypoint.sh /
RUN chmod 755 /run.sh && \
chmod 755 /entrypoint.sh
EXPOSE 80 443
CMD ["/entrypoint.sh"]
ENTRYPOINT ["/entrypoint.sh"]

61
docker/amd64/run.sh Normal file
View file

@ -0,0 +1,61 @@
#!/usr/bin/env sh
LOG_FILE=/var/log/rpxy/rpxy.log
CONFIG_FILE=/etc/rpxy.toml
LOG_SIZE=10M
LOG_NUM=10
# logrotate
if [ $LOGROTATE_NUM ]; then
LOG_NUM=${LOGROTATE_NUM}
fi
if [ $LOGROTATE_SIZE ]; then
LOG_SIZE=${LOGROTATE_SIZE}
fi
cat > /etc/logrotate.conf << EOF
# see "man logrotate" for details
# rotate log files weekly
weekly
# use the adm group by default, since this is the owning group
# of /var/log/syslog.
su root adm
# keep 4 weeks worth of backlogs
rotate 4
# create new (empty) log files after rotating old ones
create
# use date as a suffix of the rotated file
#dateext
# uncomment this if you want your log files compressed
#compress
# packages drop log rotation information into this directory
include /etc/logrotate.d
# system-specific logs may be also be configured here.
EOF
cat > /etc/logrotate.d/rpxy << EOF
${LOG_FILE} {
dateext
daily
missingok
rotate ${LOG_NUM}
notifempty
compress
delaycompress
dateformat -%Y-%m-%d-%s
size ${LOG_SIZE}
copytruncate
}
EOF
cp -p /etc/cron.daily/logrotate /etc/cron.hourly/
service cron start
# debug level logging
if [ -z $LOG_LEVEL ]; then
LOG_LEVEL=info
fi
echo "rpxy: Logging with level ${LOG_LEVEL}"
RUST_LOG=${LOG_LEVEL} /opt/rpxy/sbin/rpxy --config ${CONFIG_FILE}

View file

@ -8,13 +8,14 @@ services:
- 127.0.0.1:8080:8080 - 127.0.0.1:8080:8080
- 127.0.0.1:8443:8443 - 127.0.0.1:8443:8443
build: build:
context: ./ context: ../
dockerfile: ./docker/amd64/Dockerfile
environment: environment:
- LOG_LEVEL=debug - LOG_LEVEL=debug
- LOG_TO_FILE=false - LOG_TO_FILE=false
tty: false tty: false
privileged: true privileged: true
volumes: volumes:
- ./example-certs/server.crt:/certs/server.crt:ro - ../example-certs/server.crt:/certs/server.crt:ro
- ./example-certs/server.key:/certs/server.key:ro - ../example-certs/server.key:/certs/server.key:ro
- ./config-example.toml:/etc/rpxy.toml:ro - ../config-example.toml:/etc/rpxy.toml:ro