76 lines
1.6 KiB
Docker
76 lines
1.6 KiB
Docker
ARG from_builder=docker.io/golang:1.24-alpine3.21
|
|
ARG from=docker.io/alpine:3.21
|
|
|
|
ARG BUILDPLATFORM
|
|
|
|
FROM --platform=$BUILDPLATFORM ${from_builder} AS build
|
|
|
|
ARG TARGETARCH
|
|
ARG TARGETOS
|
|
ARG GOTOOLCHAIN=local
|
|
|
|
RUN apk update && apk add --no-cache \
|
|
bash \
|
|
git \
|
|
zopfli brotli zstd
|
|
|
|
ENV GOBIN="/go/bin"
|
|
|
|
COPY . .
|
|
|
|
RUN ./build-compress.sh
|
|
|
|
ENV CGO_ENABLED=0
|
|
ENV GOOS=${TARGETOS}
|
|
ENV GOARCH=${TARGETARCH}
|
|
ENV GOTOOLCHAIN=${GOTOOLCHAIN}
|
|
ENV BUILDMODE=pie
|
|
|
|
# riscv64 requires GCC for pie buildmode
|
|
# see https://github.com/golang/go/issues/64875
|
|
RUN if [[ "$GOARCH" == "riscv64" ]]; then export BUILDMODE=exe; fi && \
|
|
go build -v \
|
|
-pgo=auto \
|
|
-trimpath -ldflags='-buildid= -bindnow' -buildmode $BUILDMODE \
|
|
-o "${GOBIN}/go-away" ./cmd/go-away
|
|
|
|
RUN test -e "${GOBIN}/go-away"
|
|
|
|
|
|
FROM ${from}
|
|
|
|
COPY --from=build /go/bin/go-away /bin/go-away
|
|
COPY examples/snippets/ /snippets/
|
|
COPY docker-entrypoint.sh /
|
|
|
|
ENV TZ=UTC
|
|
|
|
ENV GOAWAY_METRICS_BIND=""
|
|
ENV GOAWAY_DEBUG_BIND=""
|
|
|
|
ENV GOAWAY_BIND=":8080"
|
|
ENV GOAWAY_BIND_NETWORK="tcp"
|
|
ENV GOAWAY_SOCKET_MODE="0770"
|
|
ENV GOAWAY_CONFIG=""
|
|
ENV GOAWAY_POLICY="/policy.yml"
|
|
ENV GOAWAY_POLICY_SNIPPETS=""
|
|
ENV GOAWAY_CHALLENGE_TEMPLATE="anubis"
|
|
ENV GOAWAY_CHALLENGE_TEMPLATE_THEME=""
|
|
ENV GOAWAY_CHALLENGE_TEMPLATE_LOGO=""
|
|
ENV GOAWAY_SLOG_LEVEL="WARN"
|
|
ENV GOAWAY_CLIENT_IP_HEADER=""
|
|
ENV GOAWAY_BACKEND_IP_HEADER=""
|
|
ENV GOAWAY_BACKEND=""
|
|
ENV GOAWAY_ACME_AUTOCERT=""
|
|
ENV GOAWAY_CACHE="/cache"
|
|
|
|
|
|
EXPOSE 8080/tcp
|
|
EXPOSE 8080/udp
|
|
EXPOSE 9090/tcp
|
|
EXPOSE 6060/tcp
|
|
|
|
# Use GOAWAY_JWT_PRIVATE_KEY_SEED or JWT_PRIVATE_KEY_SEED secret mount to expose this value to docker
|
|
|
|
ENTRYPOINT ["/docker-entrypoint.sh"]
|