itsscb/filebrowser
1
0
Fork 0
mirror of https://github.com/filebrowser/filebrowser.git synced 2025-07-13 11:30:36 +00:00
Code Issues Packages Projects Releases 1 Wiki Activity

build: lightweight busybox-based container build (#5285)

Browse Source
This commit is contained in:
outlook84 2025-07-13 14:37:20 +08:00 committed by GitHub
parent 1a5c83bcfe
commit 5c5942d995
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 56 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
.goreleaser.yml
View File

@ -40,17 +40,6 @@ archives:
- goos: windows
formats: ["zip"]
upx:
- enabled: true
goos:
- linux
- darwin
goarch:
- amd64
- arm64
compress: "best"
lzma: true
dockers:
# Alpine docker images
- dockerfile: Dockerfile

36
Dockerfile
View File

@ -1,23 +1,37 @@
FROM alpine:3.22
## Multistage build: First stage fetches dependencies
FROM alpine:3.22 AS fetcher
# install and copy ca-certificates, mailcap, and tini-static; download JSON.sh
RUN apk update && \
apk --no-cache add ca-certificates mailcap jq tini
apk --no-cache add ca-certificates mailcap tini-static && \
wget -O /JSON.sh https://raw.githubusercontent.com/dominictarr/JSON.sh/0d5e5c77365f63809bf6e77ef44a1f34b0e05840/JSON.sh
# Make user and create necessary directories
## Second stage: Use lightweight BusyBox image for final runtime environment
FROM busybox:1.37.0-musl
# Define non-root user UID and GID
ENV UID=1000
ENV GID=1000
# Create user group and user
RUN addgroup -g $GID user && \
adduser -D -u $UID -G user user && \
mkdir -p /config /database /srv && \
chown -R user:user /config /database /srv
adduser -D -u $UID -G user user
# Copy files and set permissions
COPY filebrowser /bin/filebrowser
COPY docker/common/ /
COPY docker/alpine/ /
# Copy binary, scripts, and configurations into image with proper ownership
COPY --chown=user:user filebrowser /bin/filebrowser
COPY --chown=user:user docker/common/ /
COPY --chown=user:user docker/alpine/ /
COPY --chown=user:user --from=fetcher /sbin/tini-static /bin/tini
COPY --from=fetcher /JSON.sh /JSON.sh
COPY --from=fetcher /etc/ca-certificates.conf /etc/ca-certificates.conf
COPY --from=fetcher /etc/ca-certificates /etc/ca-certificates
COPY --from=fetcher /etc/mime.types /etc/mime.types
COPY --from=fetcher /etc/ssl /etc/ssl
RUN chown -R user:user /bin/filebrowser /defaults healthcheck.sh init.sh
# Create data directories, set ownership, and ensure healthcheck script is executable
RUN mkdir -p /config /database /srv && \
chown -R user:user /config /database /srv \
&& chmod +x /healthcheck.sh
# Define healthcheck script
HEALTHCHECK --start-period=2s --interval=5s --timeout=3s CMD /healthcheck.sh

9
docker/alpine/healthcheck.sh Normal file
View File

@ -0,0 +1,9 @@
#!/bin/sh
set -e
PORT=${FB_PORT:-$(cat /tmp/FB_CONFIG | sh /JSON.sh | grep '\["port"\]' | awk '{print $2}')}
ADDRESS=${FB_ADDRESS:-$(cat /tmp/FB_CONFIG | sh /JSON.sh | grep '\["address"\]' | awk '{print $2}' | sed 's/"//g')}
ADDRESS=${ADDRESS:-localhost}
wget -q --spider http://$ADDRESS:$PORT/health || exit 1

31
docker/alpine/init.sh
View File

@ -7,19 +7,32 @@ if [ ! -f "/config/settings.json" ]; then
cp -a /defaults/settings.json /config/settings.json
fi
# Deal with the case where user does not provide a config argument
has_config_arg=0
# Extract config file path from arguments
config_file=""
next_is_config=0
for arg in "$@"; do
case "$arg" in
--config|--config=*|-c|-c=*)
has_config_arg=1
if [ "$next_is_config" -eq 1 ]; then
config_file="$arg"
break
;;
fi
case "$arg" in
-c|--config)
next_is_config=1
;;
-c=*|--config=*)
config_file="${arg#*=}"
break
;;
esac
done
if [ "$has_config_arg" -eq 0 ]; then
set -- --config=/config/settings.json "$@"
fi
# If no config argument is provided, set the default and add it to the args
if [ -z "$config_file" ]; then
config_file="/config/settings.json"
set -- --config=/config/settings.json "$@"
fi
# Create a symlink to the config file for compatibility with the healthcheck script
ln -s "$config_file" /tmp/FB_CONFIG
exec filebrowser "$@"