-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
98 lines (72 loc) · 2.32 KB
/
Dockerfile
File metadata and controls
98 lines (72 loc) · 2.32 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# ============================================
# Stage 1: Frontend Builder
# ============================================
FROM --platform=$BUILDPLATFORM node:20-alpine AS frontend-builder
WORKDIR /build
# Copy package files first for better caching
COPY web/package.json web/package-lock.json* ./
# Install dependencies
RUN npm ci --prefer-offline --no-audit || npm install
# Copy frontend source
COPY web/ ./
# Build frontend
RUN npm run build
# ============================================
# Stage 2: Backend Builder
# ============================================
FROM --platform=$BUILDPLATFORM golang:1.23-alpine AS backend-builder
# 接收目标平台参数
ARG TARGETOS
ARG TARGETARCH
WORKDIR /build
# Install build dependencies
RUN apk add --no-cache git
# Copy go mod files first for better caching
COPY go.mod go.sum ./
RUN go mod download
# Copy source code
COPY . .
# Build binary with optimizations
# 使用 Go 原生交叉编译,而非 QEMU 模拟
RUN CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build \
-trimpath \
-ldflags="-s -w" \
-o bitwarden-backup \
./cmd/server
# ============================================
# Stage 3: Runtime
# ============================================
FROM node:20-alpine AS runtime
# Install runtime dependencies
RUN apk add --no-cache \
ca-certificates \
tzdata
# Install Bitwarden
ARG BW_CLI_VERSION=latest
RUN npm install -g @bitwarden/cli@${BW_CLI_VERSION} && \
npm cache clean --force
# 使用 node:alpine 内置的 node 用户 (UID 1000)
# 无需创建新用户,直接复用
WORKDIR /app
# Create necessary directories
RUN mkdir -p /app/data /app/backups /app/.tmp && \
chown -R node:node /app
# Copy binary from backend builder
COPY --from=backend-builder /build/bitwarden-backup ./
# Copy frontend dist from frontend builder
COPY --from=frontend-builder /build/dist ./web/dist
# Set ownership
RUN chown -R node:node /app
# Switch to non-root user
USER node
# Environment variables
ENV SERVER_PORT=8080
ENV DB_PATH=/app/data/bitwarden-backup.db
ENV APP_ENV=production
# Expose port
EXPOSE 8080
# Health check (optional, uses root endpoint)
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD wget --no-verbose --tries=1 --spider http://localhost:8080/api/servers || exit 1
# Run application
CMD ["./bitwarden-backup"]