From 69075df6ee9a5c54c317671314f8cf1ce3057820 Mon Sep 17 00:00:00 2001 From: Ambrose Chua Date: Mon, 9 Oct 2017 20:03:30 +0800 Subject: [PATCH] Move to a custom build --- Dockerfile | 55 +++++++++++++++++++++++++++++++++++++++++++---------- README.md | 10 +--------- hooks/build | 6 ++++++ 3 files changed, 52 insertions(+), 19 deletions(-) create mode 100755 hooks/build diff --git a/Dockerfile b/Dockerfile index 9e3e88a..4d47335 100755 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,42 @@ -FROM debian:stable as fetch +# +# Build stage by @abiosoft https://github.com/abiosoft/caddy-docker +# +FROM golang:1.9-alpine as build + +ARG version="0.10.10" +ARG plugins="" + +RUN apk add --no-cache git + +# caddy +RUN git clone https://github.com/mholt/caddy -b "v${version}" /go/src/github.com/mholt/caddy \ + && cd /go/src/github.com/mholt/caddy \ + && git checkout -b "v${version}" + +# plugin helper +RUN go get -v github.com/abiosoft/caddyplug/caddyplug + +# plugins +RUN for plugin in $(echo $plugins | tr "," " "); do \ + go get -v $(caddyplug package $plugin); \ + printf "package caddyhttp\nimport _ \"$(caddyplug package $plugin)\"" > \ + /go/src/github.com/mholt/caddy/caddyhttp/$plugin.go ; \ + done + +# builder dependency +RUN git clone https://github.com/caddyserver/builds /go/src/github.com/caddyserver/builds + +# build +RUN cd /go/src/github.com/mholt/caddy/caddy \ + && git checkout -f \ + && go run build.go \ + && mv caddy /go/bin + + +# +# Compress Caddy with upx +# +FROM debian:stable as compress RUN apt-get update && apt install -y --no-install-recommends \ tar \ @@ -6,22 +44,19 @@ RUN apt-get update && apt install -y --no-install-recommends \ curl \ ca-certificates -RUN curl --silent --show-error --fail --location -o - \ - "https://caddyserver.com/download/linux/amd64" \ - | tar --no-same-owner -C /usr/bin/ -xz caddy - RUN curl --silent --show-error --fail --location -o - \ "https://github.com/upx/upx/releases/download/v3.94/upx-3.94-amd64_linux.tar.xz" \ | tar --no-same-owner -C /usr/bin/ -xJ \ --strip-components 1 upx-3.94-amd64_linux/upx -RUN ls -l /usr/bin/caddy +COPY --from=build /go/bin/caddy /usr/bin/caddy RUN /usr/bin/upx --ultra-brute /usr/bin/caddy -RUN ls -l /usr/bin/caddy - RUN /usr/bin/caddy -version +# +# Final image +# FROM scratch LABEL org.label-schema.build-date=$BUILD_DATE @@ -30,8 +65,8 @@ LABEL org.label-schema.vcs-url="https://github.com/productionwentdown/caddy" LABEL org.label-schema.version=$VERSION LABEL org.label-schema.schema-version="1.0" -COPY --from=fetch /usr/bin/caddy /bin/caddy -COPY --from=fetch /etc/ssl/certs/ca-certificates.crt +COPY --from=compress /usr/bin/caddy /bin/caddy +COPY --from=compress /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt COPY Caddyfile /etc/Caddyfile ENV CADDYPATH=/etc/.caddy diff --git a/README.md b/README.md index a4bf60c..0eaa74f 100755 --- a/README.md +++ b/README.md @@ -3,13 +3,5 @@ A tiny 4MB Caddy image compressed with [UPX](https://github.com/upx/upx). -# Caveats +[![](https://images.microbadger.com/badges/image/productionwentdown/caddy.svg)](https://microbadger.com/images/productionwentdown/caddy "Get your own image badge on microbadger.com") -Since this image is `FROM scratch`, it does not have the certificates -necessary to connect to external HTTPS servers, including Let's Encrypt's -ACME server. This means that automatic TLS will not work in this Docker -image. - -TODO: add [ca-certificates.crt](https://curl.haxx.se/ca/cacert.pem) in /etc/ssl/certs/ - -TODO: tag specific versions of Caddy diff --git a/hooks/build b/hooks/build new file mode 100755 index 0000000..9f36580 --- /dev/null +++ b/hooks/build @@ -0,0 +1,6 @@ +#!/bin/bash + +docker build \ + --build-arg VCS_REF=`git rev-parse — short HEAD` \ + --build-arg BUILD_DATE=`date -u +”%Y-%m-%dT%H:%M:%SZ”` \ + -t $IMAGE_NAME .