mirror of
https://github.com/certbot/certbot.git
synced 2026-01-23 07:20:55 +03:00
64a00d37bb
Changes: - uses debian:jessie as base image (more lightweight) - .dockerignore .git/.tox to speed up build process considerably - more caching-aware Dockerfile - copy current directory instead of git cloning the repo inside the container - /etc/letsencrypt and /var/lib/letsencrypt volumes; no need for "if os.environ.get" hack bootstrap script for debian had to be adjusted, as lsb_release is not present in debian:jessie image.
56 lines
2.0 KiB
Docker
56 lines
2.0 KiB
Docker
FROM buildpack-deps:jessie
|
|
MAINTAINER Jakub Warmuz <jakub@warmuz.org>
|
|
|
|
# You neccesarily have to bind to 443@host as well! (ACME spec)
|
|
EXPOSE 443
|
|
|
|
# TODO: make sure --config-dir and --work-dir cannot be changed
|
|
# through the CLI (letsencrypt-docker wrapper that uses standalone
|
|
# authenticator and text mode only?)
|
|
VOLUME /etc/letsencrypt /var/lib/letsencrypt
|
|
|
|
WORKDIR /opt/letsencrypt
|
|
|
|
# no need to mkdir anything:
|
|
# https://docs.docker.com/reference/builder/#copy
|
|
# If <dest> doesn't exist, it is created along with all missing
|
|
# directories in its path.
|
|
|
|
# The following copies too much than we need...
|
|
#COPY . /opt/letsencrypt/
|
|
|
|
COPY bootstrap/debian.sh /opt/letsencrypt/src/
|
|
RUN /opt/letsencrypt/src/debian.sh newer && \
|
|
apt-get clean && \
|
|
rm -rf /var/lib/apt/lists/* \
|
|
/tmp/* \
|
|
/var/tmp/*
|
|
|
|
# the above is not likely to change, so by putting it further up the
|
|
# Dockerfile we make sure we cache as much as possible
|
|
|
|
|
|
COPY setup.py README.rst CHANGES.rst MANIFEST.in /opt/letsencrypt/src/
|
|
|
|
# all above files are necessary for setup.py, however, package source
|
|
# code directory has to be copied separately to a subdirectory...
|
|
# https://docs.docker.com/reference/builder/#copy: "If <src> is a
|
|
# directory, the entire contents of the directory are copied,
|
|
# including filesystem metadata. Note: The directory itself is not
|
|
# copied, just its contents." Order again matters, three files are far
|
|
# more likely to be cached than the whole project directory
|
|
|
|
COPY letsencrypt /opt/letsencrypt/src/letsencrypt/
|
|
|
|
|
|
RUN virtualenv --no-site-packages -p python2 /opt/letsencrypt && \
|
|
/opt/letsencrypt/bin/pip install -e /opt/letsencrypt/src
|
|
|
|
# install in editable mode (-e) to save space: it's not possible to
|
|
# "rm -rf /opt/letsencrypt/src" (it's stays in the underlaying image);
|
|
# this might also help in debugging: you can "docker run --entrypoint
|
|
# bash" and investigate, apply patches, etc.
|
|
|
|
# TODO: is --text really necessary?
|
|
ENTRYPOINT [ "/opt/letsencrypt/bin/letsencrypt", "--text" ]
|