mirror of
https://github.com/kristoferssolo/Axium.git
synced 2025-10-21 16:00:34 +00:00
67 lines
1.8 KiB
Docker
67 lines
1.8 KiB
Docker
# --- Stage 1: Builder Stage ---
|
|
FROM rust:1.84-alpine AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Install required build dependencies for Rust and SQLx
|
|
RUN apk add --no-cache \
|
|
pkgconfig \
|
|
openssl-dev \
|
|
sqlite-dev \
|
|
build-base \
|
|
cmake \
|
|
curl \
|
|
ninja-build \
|
|
clang \
|
|
&& rm -rf /var/cache/apk/*
|
|
|
|
# Cache dependencies (from Cargo.toml and Cargo.lock) to speed up future builds
|
|
COPY Cargo.toml ./
|
|
RUN cargo fetch
|
|
|
|
# Copy the source code for the application
|
|
COPY src src/
|
|
|
|
# Set SQLX_OFFLINE to true for offline SQLx compilation
|
|
ENV SQLX_OFFLINE=true
|
|
|
|
# Copy the pre-generated SQLx metadata for offline mode
|
|
COPY .sqlx .sqlx/
|
|
|
|
# Copy the migrations folder
|
|
COPY migrations migrations/
|
|
|
|
# Build the application in release mode
|
|
RUN cargo build --release --locked --no-default-features
|
|
|
|
# Strip debug symbols to reduce binary size
|
|
RUN strip /app/target/release/Axium
|
|
|
|
# --- Stage 2: Runtime Stage ---
|
|
FROM alpine:latest
|
|
|
|
# Install runtime dependencies only (ca-certificates, openssl)
|
|
RUN apk add --no-cache \
|
|
ca-certificates \
|
|
openssl \
|
|
&& rm -rf /var/cache/apk/*
|
|
|
|
# Create non-root user for security purposes
|
|
RUN adduser -D -u 1001 appuser
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy the built binary from the builder stage
|
|
COPY --from=builder /app/target/release/Axium .
|
|
|
|
# Ensure the .env file and other app files have the correct ownership and permissions
|
|
RUN chown -R appuser:appuser /app
|
|
|
|
# Switch to the non-root user
|
|
USER appuser
|
|
|
|
# Expose the application port (default 3000)
|
|
EXPOSE 3000
|
|
|
|
# Run the application when the container starts
|
|
CMD ["./Axium"] |