43 lines
1.0 KiB
Docker
43 lines
1.0 KiB
Docker
## Build stage
|
|
FROM golang:1.24-alpine AS builder
|
|
|
|
WORKDIR /src
|
|
|
|
# Install build dependencies (none needed for static build) and enable static build
|
|
ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64
|
|
|
|
# Cache go modules
|
|
COPY app/web/go.mod ./app/web/
|
|
RUN cd app/web && go mod download
|
|
|
|
# Copy source
|
|
COPY app/web/ ./app/web/
|
|
|
|
# Build
|
|
RUN cd app/web && go build -o /out/freemoto-web ./
|
|
|
|
## Runtime stage
|
|
FROM alpine:3.20
|
|
|
|
WORKDIR /app/web
|
|
|
|
# Add CA certificates for any outbound HTTPS (future-proofing)
|
|
RUN apk add --no-cache ca-certificates tzdata wget
|
|
|
|
# Copy binary and static files
|
|
COPY --from=builder /out/freemoto-web /app/web/freemoto-web
|
|
COPY app/web/static/ /app/web/static/
|
|
|
|
# Use non-root user
|
|
RUN adduser -S -D -H -h /nonexistent appuser && \
|
|
chown -R appuser:appuser /app
|
|
USER appuser
|
|
|
|
ENV PORT=8080
|
|
EXPOSE 8080
|
|
|
|
# Simple healthcheck against /healthz
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD wget -qO- http://127.0.0.1:${PORT}/healthz || exit 1
|
|
|
|
ENTRYPOINT ["/app/web/freemoto-web"] |