66 lines
1.7 KiB
Docker
66 lines
1.7 KiB
Docker
# 文件传输服务 Docker 镜像 (多阶段构建优化版本)
|
|
FROM python:3.11-slim as builder
|
|
|
|
# 配置阿里云pip镜像源
|
|
RUN pip config set global.index-url https://mirrors.aliyun.com/pypi/simple/ \
|
|
&& pip config set global.trusted-host mirrors.aliyun.com
|
|
|
|
# 安装构建依赖
|
|
COPY requirements.txt /tmp/
|
|
RUN pip install --no-cache-dir --upgrade pip \
|
|
&& pip install --no-cache-dir --user -r /tmp/requirements.txt
|
|
|
|
# 生产镜像
|
|
FROM python:3.11-slim
|
|
|
|
# 设置环境变量
|
|
ENV PYTHONDONTWRITEBYTECODE=1
|
|
ENV PYTHONUNBUFFERED=1
|
|
ENV HOST=0.0.0.0
|
|
ENV PORT=8000
|
|
ENV PATH=/root/.local/bin:$PATH
|
|
|
|
# 配置阿里云apt镜像源
|
|
RUN sed -i 's|http://deb.debian.org|http://mirrors.aliyun.com|g' /etc/apt/sources.list.d/debian.sources \
|
|
&& sed -i 's|http://security.debian.org|http://mirrors.aliyun.com|g' /etc/apt/sources.list.d/debian.sources
|
|
|
|
# 安装运行时依赖
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends \
|
|
curl \
|
|
tini \
|
|
&& rm -rf /var/lib/apt/lists/* \
|
|
&& apt-get clean
|
|
|
|
# 从构建阶段复制Python包
|
|
COPY --from=builder /root/.local /root/.local
|
|
|
|
# 设置工作目录
|
|
WORKDIR /app
|
|
|
|
# 复制应用程序代码
|
|
COPY . .
|
|
|
|
# 创建上传目录并设置权限
|
|
RUN mkdir -p uploads \
|
|
&& chmod 755 uploads
|
|
|
|
# 创建非root用户
|
|
RUN groupadd -r appuser && useradd -r -g appuser appuser \
|
|
&& chown -R appuser:appuser /app
|
|
|
|
# 切换到非root用户
|
|
USER appuser
|
|
|
|
# 暴露端口
|
|
EXPOSE 8000
|
|
|
|
# 健康检查
|
|
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost:8000/ || exit 1
|
|
|
|
# 使用tini作为init进程
|
|
ENTRYPOINT ["/usr/bin/tini", "--"]
|
|
|
|
# 启动命令
|
|
CMD ["python", "app.py"] |