Update Dockerfile
Browse files- Dockerfile +18 -66
Dockerfile
CHANGED
|
@@ -1,66 +1,18 @@
|
|
| 1 |
-
|
| 2 |
-
FROM alpine:3.20
|
| 3 |
-
|
| 4 |
-
|
| 5 |
-
|
| 6 |
-
|
| 7 |
-
|
| 8 |
-
|
| 9 |
-
|
| 10 |
-
|
| 11 |
-
|
| 12 |
-
|
| 13 |
-
|
| 14 |
-
|
| 15 |
-
|
| 16 |
-
|
| 17 |
-
|
| 18 |
-
|
| 19 |
-
# Vite 只认编译期变量的 VITE_ 前缀
|
| 20 |
-
ENV VITE_VERSION=$VERSION
|
| 21 |
-
RUN npm run build
|
| 22 |
-
|
| 23 |
-
# ---------- 2) 构建后端(Go 1.23) ----------
|
| 24 |
-
FROM golang:1.23-alpine3.20 AS go-builder
|
| 25 |
-
ARG VERSION=1.0.0
|
| 26 |
-
ENV GO111MODULE=on \
|
| 27 |
-
CGO_ENABLED=0 \
|
| 28 |
-
GOOS=linux \
|
| 29 |
-
GOTOOLCHAIN=auto
|
| 30 |
-
WORKDIR /build
|
| 31 |
-
|
| 32 |
-
# 先缓存依赖
|
| 33 |
-
COPY --from=src /src/go.mod ./
|
| 34 |
-
COPY --from=src /src/go.sum ./
|
| 35 |
-
RUN go mod download
|
| 36 |
-
|
| 37 |
-
# 复制全部后端源码
|
| 38 |
-
COPY --from=src /src ./
|
| 39 |
-
# 注入前端产物
|
| 40 |
-
COPY --from=web-builder /build/web/dist ./web/dist
|
| 41 |
-
|
| 42 |
-
# 更小二进制 + 注入版本
|
| 43 |
-
RUN go build -trimpath -ldflags "-s -w -X gpt-load/internal/version.Version=${VERSION}" -o gpt-load
|
| 44 |
-
|
| 45 |
-
# ---------- 3) 运行阶段 ----------
|
| 46 |
-
FROM alpine:3.20
|
| 47 |
-
|
| 48 |
-
# 可选:非 root
|
| 49 |
-
RUN addgroup -S app && adduser -S app -G app
|
| 50 |
-
|
| 51 |
-
WORKDIR /app
|
| 52 |
-
# socat 用于将 HF 注入的 $PORT 转发到 3001(如果程序没适配 $PORT)
|
| 53 |
-
RUN apk add --no-cache ca-certificates tzdata socat && update-ca-certificates
|
| 54 |
-
|
| 55 |
-
COPY --from=go-builder /build/gpt-load /app/gpt-load
|
| 56 |
-
|
| 57 |
-
# 启动脚本:负责端口转发
|
| 58 |
-
COPY ./run.sh /app/run.sh
|
| 59 |
-
RUN chmod +x /app/run.sh
|
| 60 |
-
|
| 61 |
-
# HF 通常注入 PORT=7860,这里给个默认值兜底
|
| 62 |
-
ENV PORT=7860
|
| 63 |
-
EXPOSE 7860
|
| 64 |
-
|
| 65 |
-
USER app
|
| 66 |
-
ENTRYPOINT ["/app/run.sh"]
|
|
|
|
| 1 |
+
@@
|
| 2 |
+
FROM alpine:3.20
|
| 3 |
+
|
| 4 |
+
RUN addgroup -S app && adduser -S app -G app
|
| 5 |
+
WORKDIR /app
|
| 6 |
+
-RUN apk add --no-cache ca-certificates tzdata socat && update-ca-certificates
|
| 7 |
+
+RUN apk add --no-cache ca-certificates tzdata socat && update-ca-certificates
|
| 8 |
+
|
| 9 |
+
COPY --from=go-builder /build/gpt-load /app/gpt-load
|
| 10 |
+
+## 关键:为非 root 账户准备可写目录
|
| 11 |
+
+RUN mkdir -p /app/data && chown -R app:app /app
|
| 12 |
+
|
| 13 |
+
COPY ./run.sh /app/run.sh
|
| 14 |
+
RUN chmod +x /app/run.sh
|
| 15 |
+
@@
|
| 16 |
+
-USER app
|
| 17 |
+
+USER app
|
| 18 |
+
ENTRYPOINT ["/app/run.sh"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|