steerdock/Dockerfile at master · silvancoder/steerdock · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
# Multi-stage optimized Dockerfile for SteerDock
# SteerDock 多阶段优化 Dockerfile

# Stage 1: Frontend Build
FROM node:20-alpine AS frontend-builder

WORKDIR /app/frontend

# Copy package files
COPY frontend/package.json ./

# Set mirrors for China network optimization
ENV ELECTRON_MIRROR=https://npmmirror.com/mirrors/electron/

# Install dependencies with retry mechanism
RUN npm config set registry https://registry.npmmirror.com && \
    npm config set fetch-timeout 300000 && \
    npm config set fetch-retries 5 && \
    npm config set fetch-retry-mintimeout 20000 && \
    npm config set fetch-retry-maxtimeout 120000 && \
    npm cache clean --force && \
    (npm install --no-audit --no-fund --legacy-peer-deps || \
     (echo "Retrying with official registry..." && \
      npm config set registry https://registry.npmjs.org && \
      npm install --no-audit --no-fund --legacy-peer-deps))

# Copy source code
COPY frontend/ ./

# Build frontend
RUN npm run build

# Stage 2: Backend Build
FROM golang:1.24-alpine AS backend-builder

# Install build dependencies
RUN apk add --no-cache git ca-certificates tzdata

WORKDIR /app/backend

# Set Go proxy for China network
ENV GOPROXY=https://goproxy.cn,direct
ENV GOSUMDB=sum.golang.google.cn

# Copy go mod files
COPY backend/go.mod backend/go.sum ./

# Download dependencies with proxy settings
RUN go mod download

# Copy source code
COPY backend/ ./

# Build binary with optimizations and timeout
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
    -a -installsuffix cgo \
    -ldflags='-w -s -extldflags "-static"' \
    -o steerdock . || \
    (echo "Build failed, retrying..." && \
     go clean -cache && \
     CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
     -ldflags='-w -s' -o steerdock .)

# Stage 3: Final minimal image with dual services
FROM nginx:alpine

# Install runtime dependencies
RUN apk --no-cache add ca-certificates tzdata curl supervisor

# Create non-root user
RUN addgroup -g 1001 -S steerdock && \
    adduser -S steerdock -u 1001 -G steerdock

# Create app directory
WORKDIR /app

# Copy timezone data
COPY --from=backend-builder /usr/share/zoneinfo /usr/share/zoneinfo

# Copy CA certificates
COPY --from=backend-builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/

# Copy built backend binary
COPY --from=backend-builder /app/backend/steerdock ./steerdock

# Copy frontend build to nginx directory
COPY --from=frontend-builder /app/frontend/dist /usr/share/nginx/html

# Create nginx config for frontend with WebSocket support
RUN echo 'server {' > /etc/nginx/conf.d/default.conf && \
    echo '    listen 5151;' >> /etc/nginx/conf.d/default.conf && \
    echo '    server_name localhost;' >> /etc/nginx/conf.d/default.conf && \
    echo '    root /usr/share/nginx/html;' >> /etc/nginx/conf.d/default.conf && \
    echo '    index index.html;' >> /etc/nginx/conf.d/default.conf && \
    echo '    location / {' >> /etc/nginx/conf.d/default.conf && \
    echo '        try_files $uri $uri/ /index.html;' >> /etc/nginx/conf.d/default.conf && \
    echo '    }' >> /etc/nginx/conf.d/default.conf && \
    echo '    location /api {' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_pass http://localhost:8383;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_http_version 1.1;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_set_header Upgrade $http_upgrade;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_set_header Connection "upgrade";' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_set_header Host $host;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;' >> /etc/nginx/conf.d/default.conf && \
    echo '        proxy_read_timeout 86400;' >> /etc/nginx/conf.d/default.conf && \
    echo '    }' >> /etc/nginx/conf.d/default.conf && \
    echo '}' >> /etc/nginx/conf.d/default.conf

# Create supervisor config directory and config file
RUN mkdir -p /etc/supervisor/conf.d && \
    printf '[supervisord]\nnodaemon=true\nuser=root\n\n[program:nginx]\ncommand=nginx -g "daemon off;"\nautostart=true\nautorestart=true\nstdout_logfile=/dev/stdout\nstdout_logfile_maxbytes=0\nstderr_logfile=/dev/stderr\nstderr_logfile_maxbytes=0\n\n[program:steerdock]\ncommand=/app/steerdock\ndirectory=/app\nautostart=true\nautorestart=true\nstdout_logfile=/dev/stdout\nstdout_logfile_maxbytes=0\nstderr_logfile=/dev/stderr\nstderr_logfile_maxbytes=0\n' > /etc/supervisor/conf.d/supervisord.conf

# Create necessary directories and set permissions
RUN mkdir -p /app/config /app/logs && \
    chown -R steerdock:steerdock /app && \
    chmod +x /app/steerdock

# Health check for both services
HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
    CMD curl -f http://localhost:5151/ && curl -f http://localhost:8383/health/live || exit 1

# Expose both ports
EXPOSE 5151 8383

# Set environment variables
ENV GIN_MODE=release
ENV PORT=8383

# Run supervisor to manage both services
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

# Metadata
LABEL org.opencontainers.image.title="SteerDock"
LABEL org.opencontainers.image.description="Enterprise-grade Docker management platform"
LABEL org.opencontainers.image.vendor="SteerDock Team"
LABEL org.opencontainers.image.source="https://github.com/steerdock/steerdock"
LABEL org.opencontainers.image.documentation="https://github.com/steerdock/steerdock/blob/main/README.md"