Dome/Tuwunel-Interceptor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update dockerfile

Browse Source
This commit is contained in:
Dome
2026-05-05 20:20:43 +02:00
parent 6072d297a6
commit 28a403a0dd
1 changed files with 34 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files
dockerfile
+34 -11
View File
@@ -1,32 +1,55 @@
# -------- Stage 1: base -------- # --------------------------------------------------
# Base Image
# --------------------------------------------------
FROM python:3.11-slim FROM python:3.11-slim
# -------- Env -------- # --------------------------------------------------
# Environment
# --------------------------------------------------
ENV PYTHONUNBUFFERED=1 \ ENV PYTHONUNBUFFERED=1 \
PYTHONDONTWRITEBYTECODE=1 PYTHONDONTWRITEBYTECODE=1
# -------- System deps (minimal) -------- # --------------------------------------------------
# System Dependencies (minimal)
# --------------------------------------------------
RUN apt-get update && apt-get install -y --no-install-recommends \ RUN apt-get update && apt-get install -y --no-install-recommends \
curl \ curl \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
# -------- Workdir -------- # --------------------------------------------------
# Workdir
# --------------------------------------------------
WORKDIR /app WORKDIR /app
# -------- Dependencies -------- # --------------------------------------------------
# Python Dependencies
# --------------------------------------------------
COPY requirements.txt . COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt RUN pip install --no-cache-dir -r requirements.txt
# -------- App -------- # --------------------------------------------------
COPY app.py . # App
# --------------------------------------------------
COPY . .
# -------- Non-root user -------- # --------------------------------------------------
# Create cache directory (important!)
# --------------------------------------------------
RUN mkdir -p /app/cache
# --------------------------------------------------
# Security: Non-root user
# --------------------------------------------------
RUN useradd -m appuser RUN useradd -m appuser
USER appuser USER appuser
# -------- Healthcheck -------- # --------------------------------------------------
# Healthcheck
# --------------------------------------------------
HEALTHCHECK --interval=30s --timeout=5s --retries=3 \ HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
CMD curl -f http://localhost:5000/healthz || exit 1 CMD curl -f http://localhost:5000/healthz || exit 1
# -------- Run -------- # --------------------------------------------------
CMD ["python", "app.py"] # Start (Production)
# --------------------------------------------------
CMD ["gunicorn", "-w", "2", "-k", "gthread", "-t", "60", "-b", "0.0.0.0:5000", "app:app"]