Dome/Tuwunel-Interceptor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update dockerfile

Browse Source
This commit is contained in:
Dome
2026-05-05 20:20:43 +02:00
parent 6072d297a6
commit 28a403a0dd
1 changed files with 34 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dockerfile
+34 -11
View File
@@ -1,32 +1,55 @@
# -------- Stage 1: base --------
# --------------------------------------------------
# Base Image
# --------------------------------------------------
FROM python:3.11-slim
# -------- Env --------
# --------------------------------------------------
# Environment
# --------------------------------------------------
ENV PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1
# -------- System deps (minimal) --------
# --------------------------------------------------
# System Dependencies (minimal)
# --------------------------------------------------
RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
&& rm -rf /var/lib/apt/lists/*
# -------- Workdir --------
# --------------------------------------------------
# Workdir
# --------------------------------------------------
WORKDIR /app
# -------- Dependencies --------
# --------------------------------------------------
# Python Dependencies
# --------------------------------------------------
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# -------- App --------
COPY app.py .
# --------------------------------------------------
# App
# --------------------------------------------------
COPY . .
# -------- Non-root user --------
# --------------------------------------------------
# Create cache directory (important!)
# --------------------------------------------------
RUN mkdir -p /app/cache
# --------------------------------------------------
# Security: Non-root user
# --------------------------------------------------
RUN useradd -m appuser
USER appuser
# -------- Healthcheck --------
# --------------------------------------------------
# Healthcheck
# --------------------------------------------------
HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
CMD curl -f http://localhost:5000/healthz || exit 1
# -------- Run --------
CMD ["python", "app.py"]
# --------------------------------------------------
# Start (Production)
# --------------------------------------------------
CMD ["gunicorn", "-w", "2", "-k", "gthread", "-t", "60", "-b", "0.0.0.0:5000", "app:app"]