Dockerfile.multi-stage 2.31 KB
Newer Older
Ian Fijolek's avatar
Ian Fijolek committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42
# Unpack vault assets
FROM alpine:3.10 as vault

RUN apk add --no-cache --upgrade \
        curl \
        tar

RUN mkdir /web-vault
WORKDIR /web-vault

# SHELL ["/bin/ash", "-eo", "pipefail", "-c"]

ENV VAULT_VERSION "v2.11.0"
ENV URL "https://github.com/dani-garcia/bw_web_builds/releases/download/$VAULT_VERSION/bw_web_$VAULT_VERSION.tar.gz"

RUN curl -L $URL | tar xz
RUN ls

# Build server binary
FROM rust:1.36 as build

RUN apt-get update && apt-get install -y \
        --no-install-recommends \
        curl \
        tar \
        libmariadb-dev \
        && rm -rf /var/lib/apt/lists/*

ENV BW_VERSION "master"
ENV URL "https://github.com/dani-garcia/bitwarden_rs/archive/${BW_VERSION}.tar.gz"
RUN curl -L $URL | tar xz
RUN mv /bitwarden_rs-$BW_VERSION /src

WORKDIR /src

RUN cargo build --features mysql --release

# Get ldap sync binary
FROM "vividboarder/bitwarden_rs_ldap:alpine" as bitwarden_ldap

FROM cloudron/base:1.0.0@sha256:147a648a068a2e746644746bbfb42eb7a50d682437cead3c67c933c546357617

43 44 45 46
RUN apt-get update && apt-get install -y \
    --no-install-recommends libmariadbclient-dev \
    && rm -fr /var/lib/apt/lists/*

Ian Fijolek's avatar
Ian Fijolek committed
47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75
ENV ROCKET_ENV "staging"
ENV ROCKET_PORT=3000
ENV ROCKET_WORKERS=10
ENV DATA_FOLDER=/app/data
ENV CONFIG_FILE=/app/data/config.json

ENV SIGNUPS_ALLOWED=false
ENV INVITATIONS_ALLOWED=true
ENV WEBSOCKET_ENABLED=true

RUN mkdir -p /app/data
VOLUME /app/data
EXPOSE 80
EXPOSE 3012

# configure apache
RUN rm /etc/apache2/sites-enabled/*
RUN sed -e 's,^ErrorLog.*,ErrorLog "|/bin/cat",' -i /etc/apache2/apache2.conf
RUN a2disconf other-vhosts-access-log
COPY apache.conf /etc/apache2/sites-enabled/bitwarden.conf
RUN a2enmod ldap authnz_ldap proxy proxy_http proxy_wstunnel rewrite

# Copies Bitwarden files from build images
COPY --from=vault /web-vault /app/code/web-vault
COPY --from=build /src/target/release/bitwarden_rs /app/code/
COPY --from=build /src/Rocket.toml /app/code/
COPY --from=bitwarden_ldap /usr/local/bin/bitwarden_rs_ldap /app/code/
ENV RUST_BACKTRACE=1

76 77 78 79
# configure supervisor
ADD supervisor/ /etc/supervisor/conf.d/
RUN sed -e 's,^logfile=.*$,logfile=/run/supervisord.log,' -i /etc/supervisor/supervisord.conf

Ian Fijolek's avatar
Ian Fijolek committed
80 81 82 83 84 85
WORKDIR /app/code
COPY start.sh /app/code/start.sh
COPY ldap_sync.sh /app/code/ldap_sync.sh
COPY ldap_config.template.toml /app/code/ldap_config.template.toml

CMD [ "/app/code/start.sh" ]