From 779d1a49dfdc2806ba9fe016a96747a5419f21c2 Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 19:55:59 -0400 Subject: [PATCH] Added docker files Docker is not building --- .dockerignore.yaml | 19 ++++++++++++ Dockerfile | 73 +++++++++++++++++++++++++++++++++++++++++++++ docker-compose.yaml | 54 +++++++++++++++++++++++++++++++++ 3 files changed, 146 insertions(+) create mode 100644 .dockerignore.yaml create mode 100644 Dockerfile create mode 100644 docker-compose.yaml diff --git a/.dockerignore.yaml b/.dockerignore.yaml new file mode 100644 index 0000000..9b144ce --- /dev/null +++ b/.dockerignore.yaml @@ -0,0 +1,19 @@ +# Ignore build artifacts +target/ +pkg/ + +# Ignore git directory +.git/ + +# Ignore environment files (configure via docker-compose instead) +.env* + +# Ignore IDE/editor specific files +.idea/ +.vscode/ + +# Ignore OS specific files +*.DS_Store + +# Add any other files/directories you don't need in the image +# e.g., logs/, tmp/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..00ab5b9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,73 @@ +# Stage 1: Build the application +# Use a specific Rust version for reproducibility. Choose one that matches your development environment. +# Using slim variant for smaller base image +FROM rust:1.86-slim as builder + +# Set the working directory inside the container +WORKDIR /usr/src/app + +# Install build dependencies if needed (e.g., for certain crates like sqlx with native TLS) +# RUN apt-get update && apt-get install -y pkg-config libssl-dev + +# Install build dependencies if needed (e.g., git for cloning) +RUN apt-get update && apt-get install -y --no-install-recommends \ + pkg-config libssl-dev \ + openssh-client git \ + && rm -rf /var/lib/apt/lists/* + +# << --- ADD HOST KEY HERE --- >> +# Replace 'yourgithost.com' with the actual hostname (e.g., github.com) +RUN mkdir -p -m 0700 ~/.ssh && \ + ssh-keyscan git.kundeng.us >> ~/.ssh/known_hosts + +# Copy Cargo manifests +COPY Cargo.toml Cargo.lock ./ + +# Build *only* dependencies to leverage Docker cache +# This dummy build caches dependencies as a separate layer +RUN --mount=type=ssh mkdir src && \ + echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs && \ + cargo build --release --quiet && \ + rm -rf src target/release/deps/icarus_auth* # Clean up dummy build artifacts (replace icarus_auth) + +# Copy the actual source code +COPY src ./src +# If you have other directories like `templates` or `static`, copy them too +# COPY templates ./templates +# COPY static ./static + +# << --- SSH MOUNT ADDED HERE --- >> +# Build *only* dependencies to leverage Docker cache +# This dummy build caches dependencies as a separate layer +# Mount the SSH agent socket for this command +RUN --mount=type=ssh mkdir src && \ + echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs && \ + cargo build --release --quiet && \ + rm -rf src target/release/deps/icarus_auth* # Clean up dummy build artifacts + +# Stage 2: Create the final, smaller runtime image +# Use a minimal base image like debian-slim or even distroless for security/size +FROM debian:bullseye-slim + +# Install runtime dependencies if needed (e.g., SSL certificates) +RUN apt-get update && apt-get install -y ca-certificates libssl-dev && rm -rf /var/lib/apt/lists/* + +# Set the working directory +WORKDIR /usr/local/bin + +# Copy the compiled binary from the builder stage +# Replace 'icarus_auth' with the actual name of your binary (usually the crate name) +COPY --from=builder /usr/src/app/target/release/icarus_auth . + +# Copy other necessary files like .env (if used for runtime config) or static assets +# It's generally better to configure via environment variables in Docker though +# COPY --from=builder /usr/src/app/.env . +# COPY --from=builder /usr/src/app/templates ./templates +# COPY --from=builder /usr/src/app/static ./static + +# Expose the port your Axum app listens on (e.g., 3000 or 8000) +EXPOSE 3000 + +# Set the command to run your application +# Ensure this matches the binary name copied above +CMD ["./icarus_auth"] \ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..e9ceb9e --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,54 @@ +version: '0.3' # Use a recent version + +services: + # Your Rust Application Service + app: + build: . # Tells docker-compose to build the Dockerfile in the current directory + container_name: icarus_auth # Optional: Give the container a specific name + ports: + # Map host port 8000 to container port 3000 (adjust as needed) + # Format: "HOST_PORT:CONTAINER_PORT" + - "8000:3000" + environment: + # Pass environment variables to your Rust application + # RUST_LOG: info # Example: Set log level + # IMPORTANT: Configure DATABASE_URL to connect to the 'db' service + # The hostname 'db' matches the service name defined below. + DATABASE_URL: postgresql://icarus_op_test:mypassword@db:5432/icarus_auth_test + # Add any other environment variables your app needs + # APP_HOST: 0.0.0.0 + # APP_PORT: 3000 + depends_on: + db: + condition: service_healthy # Wait for the DB to be healthy before starting the app + restart: unless-stopped # Optional: Restart policy + + # PostgreSQL Database Service + db: + image: postgres:17-alpine # Use an official Postgres image (Alpine variant is smaller) + container_name: icarus_auth_db # Optional: Give the container a specific name + environment: + # These MUST match the user, password, and database name in the DATABASE_URL above + POSTGRES_USER: icarus_op_test + POSTGRES_PASSWORD: password + POSTGRES_DB: icarus_auth_test + volumes: + # Persist database data using a named volume + - postgres_data:/var/lib/postgresql/data + ports: [] + # Optional: Expose port 5432 ONLY if you need to connect directly from your host machine (e.g., for debugging) + # - "5432:5432" + # pass: + healthcheck: + # Checks if Postgres is ready to accept connections + test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 10s + restart: always # Optional: Restart policy + +# Define the named volume for data persistence +volumes: + postgres_data: + driver: local # Use the default local driver \ No newline at end of file