From 779d1a49dfdc2806ba9fe016a96747a5419f21c2 Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 19:55:59 -0400 Subject: [PATCH 1/6] Added docker files Docker is not building --- .dockerignore.yaml | 19 ++++++++++++ Dockerfile | 73 +++++++++++++++++++++++++++++++++++++++++++++ docker-compose.yaml | 54 +++++++++++++++++++++++++++++++++ 3 files changed, 146 insertions(+) create mode 100644 .dockerignore.yaml create mode 100644 Dockerfile create mode 100644 docker-compose.yaml diff --git a/.dockerignore.yaml b/.dockerignore.yaml new file mode 100644 index 0000000..9b144ce --- /dev/null +++ b/.dockerignore.yaml @@ -0,0 +1,19 @@ +# Ignore build artifacts +target/ +pkg/ + +# Ignore git directory +.git/ + +# Ignore environment files (configure via docker-compose instead) +.env* + +# Ignore IDE/editor specific files +.idea/ +.vscode/ + +# Ignore OS specific files +*.DS_Store + +# Add any other files/directories you don't need in the image +# e.g., logs/, tmp/ \ No newline at end of file diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..00ab5b9 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,73 @@ +# Stage 1: Build the application +# Use a specific Rust version for reproducibility. Choose one that matches your development environment. +# Using slim variant for smaller base image +FROM rust:1.86-slim as builder + +# Set the working directory inside the container +WORKDIR /usr/src/app + +# Install build dependencies if needed (e.g., for certain crates like sqlx with native TLS) +# RUN apt-get update && apt-get install -y pkg-config libssl-dev + +# Install build dependencies if needed (e.g., git for cloning) +RUN apt-get update && apt-get install -y --no-install-recommends \ + pkg-config libssl-dev \ + openssh-client git \ + && rm -rf /var/lib/apt/lists/* + +# << --- ADD HOST KEY HERE --- >> +# Replace 'yourgithost.com' with the actual hostname (e.g., github.com) +RUN mkdir -p -m 0700 ~/.ssh && \ + ssh-keyscan git.kundeng.us >> ~/.ssh/known_hosts + +# Copy Cargo manifests +COPY Cargo.toml Cargo.lock ./ + +# Build *only* dependencies to leverage Docker cache +# This dummy build caches dependencies as a separate layer +RUN --mount=type=ssh mkdir src && \ + echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs && \ + cargo build --release --quiet && \ + rm -rf src target/release/deps/icarus_auth* # Clean up dummy build artifacts (replace icarus_auth) + +# Copy the actual source code +COPY src ./src +# If you have other directories like `templates` or `static`, copy them too +# COPY templates ./templates +# COPY static ./static + +# << --- SSH MOUNT ADDED HERE --- >> +# Build *only* dependencies to leverage Docker cache +# This dummy build caches dependencies as a separate layer +# Mount the SSH agent socket for this command +RUN --mount=type=ssh mkdir src && \ + echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs && \ + cargo build --release --quiet && \ + rm -rf src target/release/deps/icarus_auth* # Clean up dummy build artifacts + +# Stage 2: Create the final, smaller runtime image +# Use a minimal base image like debian-slim or even distroless for security/size +FROM debian:bullseye-slim + +# Install runtime dependencies if needed (e.g., SSL certificates) +RUN apt-get update && apt-get install -y ca-certificates libssl-dev && rm -rf /var/lib/apt/lists/* + +# Set the working directory +WORKDIR /usr/local/bin + +# Copy the compiled binary from the builder stage +# Replace 'icarus_auth' with the actual name of your binary (usually the crate name) +COPY --from=builder /usr/src/app/target/release/icarus_auth . + +# Copy other necessary files like .env (if used for runtime config) or static assets +# It's generally better to configure via environment variables in Docker though +# COPY --from=builder /usr/src/app/.env . +# COPY --from=builder /usr/src/app/templates ./templates +# COPY --from=builder /usr/src/app/static ./static + +# Expose the port your Axum app listens on (e.g., 3000 or 8000) +EXPOSE 3000 + +# Set the command to run your application +# Ensure this matches the binary name copied above +CMD ["./icarus_auth"] \ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..e9ceb9e --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,54 @@ +version: '0.3' # Use a recent version + +services: + # Your Rust Application Service + app: + build: . # Tells docker-compose to build the Dockerfile in the current directory + container_name: icarus_auth # Optional: Give the container a specific name + ports: + # Map host port 8000 to container port 3000 (adjust as needed) + # Format: "HOST_PORT:CONTAINER_PORT" + - "8000:3000" + environment: + # Pass environment variables to your Rust application + # RUST_LOG: info # Example: Set log level + # IMPORTANT: Configure DATABASE_URL to connect to the 'db' service + # The hostname 'db' matches the service name defined below. + DATABASE_URL: postgresql://icarus_op_test:mypassword@db:5432/icarus_auth_test + # Add any other environment variables your app needs + # APP_HOST: 0.0.0.0 + # APP_PORT: 3000 + depends_on: + db: + condition: service_healthy # Wait for the DB to be healthy before starting the app + restart: unless-stopped # Optional: Restart policy + + # PostgreSQL Database Service + db: + image: postgres:17-alpine # Use an official Postgres image (Alpine variant is smaller) + container_name: icarus_auth_db # Optional: Give the container a specific name + environment: + # These MUST match the user, password, and database name in the DATABASE_URL above + POSTGRES_USER: icarus_op_test + POSTGRES_PASSWORD: password + POSTGRES_DB: icarus_auth_test + volumes: + # Persist database data using a named volume + - postgres_data:/var/lib/postgresql/data + ports: [] + # Optional: Expose port 5432 ONLY if you need to connect directly from your host machine (e.g., for debugging) + # - "5432:5432" + # pass: + healthcheck: + # Checks if Postgres is ready to accept connections + test: ["CMD-SHELL", "pg_isready -U $$POSTGRES_USER -d $$POSTGRES_DB"] + interval: 10s + timeout: 5s + retries: 5 + start_period: 10s + restart: always # Optional: Restart policy + +# Define the named volume for data persistence +volumes: + postgres_data: + driver: local # Use the default local driver \ No newline at end of file -- 2.43.0 From d968cf8b6b14a2b66a9c4d1dc87ab2547efd2c20 Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 20:15:46 -0400 Subject: [PATCH 2/6] Forgot to include this file --- Dockerfile | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 00ab5b9..18d9fa7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -35,15 +35,15 @@ COPY src ./src # If you have other directories like `templates` or `static`, copy them too # COPY templates ./templates # COPY static ./static +COPY .env ./.env +COPY migrations ./migrations # << --- SSH MOUNT ADDED HERE --- >> # Build *only* dependencies to leverage Docker cache # This dummy build caches dependencies as a separate layer # Mount the SSH agent socket for this command -RUN --mount=type=ssh mkdir src && \ - echo "fn main() {println!(\"if you see this, the build broke\")}" > src/main.rs && \ - cargo build --release --quiet && \ - rm -rf src target/release/deps/icarus_auth* # Clean up dummy build artifacts +RUN --mount=type=ssh \ + cargo build --release --quiet # Stage 2: Create the final, smaller runtime image # Use a minimal base image like debian-slim or even distroless for security/size @@ -61,7 +61,8 @@ COPY --from=builder /usr/src/app/target/release/icarus_auth . # Copy other necessary files like .env (if used for runtime config) or static assets # It's generally better to configure via environment variables in Docker though -# COPY --from=builder /usr/src/app/.env . +COPY --from=builder /usr/src/app/.env . +COPY --from=builder /usr/src/app/migrations ./migrations # COPY --from=builder /usr/src/app/templates ./templates # COPY --from=builder /usr/src/app/static ./static -- 2.43.0 From c8ac1025b272cfd490fbf8ae723e04b391b089ae Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 20:16:06 -0400 Subject: [PATCH 3/6] Added docker file with instructions --- docker_run.txt | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 docker_run.txt diff --git a/docker_run.txt b/docker_run.txt new file mode 100644 index 0000000..01c5d5c --- /dev/null +++ b/docker_run.txt @@ -0,0 +1,7 @@ + +# Docker stuff +#Build app +docker-compose build --ssh default app + +# Rebuild and bring up +docker-compose up -d --force-recreate app -- 2.43.0 From 7e59b8a852f058af14138729111c7d8c313b0fdf Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 20:47:22 -0400 Subject: [PATCH 4/6] App now builds with docker --- Dockerfile | 9 +++++---- docker-compose.yaml | 8 ++++---- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 18d9fa7..48e6b75 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # Stage 1: Build the application # Use a specific Rust version for reproducibility. Choose one that matches your development environment. # Using slim variant for smaller base image -FROM rust:1.86-slim as builder +FROM rust:1.86 as builder # Set the working directory inside the container WORKDIR /usr/src/app @@ -11,7 +11,8 @@ WORKDIR /usr/src/app # Install build dependencies if needed (e.g., git for cloning) RUN apt-get update && apt-get install -y --no-install-recommends \ - pkg-config libssl-dev \ + pkg-config libssl3 \ + ca-certificates \ openssh-client git \ && rm -rf /var/lib/apt/lists/* @@ -47,10 +48,10 @@ RUN --mount=type=ssh \ # Stage 2: Create the final, smaller runtime image # Use a minimal base image like debian-slim or even distroless for security/size -FROM debian:bullseye-slim +FROM ubuntu:24.04 # Install runtime dependencies if needed (e.g., SSL certificates) -RUN apt-get update && apt-get install -y ca-certificates libssl-dev && rm -rf /var/lib/apt/lists/* +RUN apt-get update && apt-get install -y ca-certificates libssl-dev libssl3 && rm -rf /var/lib/apt/lists/* # Set the working directory WORKDIR /usr/local/bin diff --git a/docker-compose.yaml b/docker-compose.yaml index e9ceb9e..767874f 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,4 +1,4 @@ -version: '0.3' # Use a recent version +version: '3.8' # Use a recent version services: # Your Rust Application Service @@ -14,7 +14,7 @@ services: # RUST_LOG: info # Example: Set log level # IMPORTANT: Configure DATABASE_URL to connect to the 'db' service # The hostname 'db' matches the service name defined below. - DATABASE_URL: postgresql://icarus_op_test:mypassword@db:5432/icarus_auth_test + DATABASE_URL: postgresql://icarus_op:password@db:5432/icarus_auth # Add any other environment variables your app needs # APP_HOST: 0.0.0.0 # APP_PORT: 3000 @@ -29,9 +29,9 @@ services: container_name: icarus_auth_db # Optional: Give the container a specific name environment: # These MUST match the user, password, and database name in the DATABASE_URL above - POSTGRES_USER: icarus_op_test + POSTGRES_USER: icarus_op POSTGRES_PASSWORD: password - POSTGRES_DB: icarus_auth_test + POSTGRES_DB: icarus_auth volumes: # Persist database data using a named volume - postgres_data:/var/lib/postgresql/data -- 2.43.0 From 558c9ae04f88cd0127004beb52a9839079925146 Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 20:47:46 -0400 Subject: [PATCH 5/6] Updated docker instructions --- docker_run.txt | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/docker_run.txt b/docker_run.txt index 01c5d5c..bc0f021 100644 --- a/docker_run.txt +++ b/docker_run.txt @@ -5,3 +5,9 @@ docker-compose build --ssh default app # Rebuild and bring up docker-compose up -d --force-recreate app + +# Bring it down +docker-compose down -v + +# Pruning +docker system prune -a \ No newline at end of file -- 2.43.0 From 2e1fd2a38fb9196db544711d569928b7425a5a80 Mon Sep 17 00:00:00 2001 From: phoenix Date: Thu, 10 Apr 2025 20:57:05 -0400 Subject: [PATCH 6/6] Using postgres17.4 for docker --- docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 767874f..38c1b41 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -25,7 +25,7 @@ services: # PostgreSQL Database Service db: - image: postgres:17-alpine # Use an official Postgres image (Alpine variant is smaller) + image: postgres:17.4-alpine # Use an official Postgres image (Alpine variant is smaller) container_name: icarus_auth_db # Optional: Give the container a specific name environment: # These MUST match the user, password, and database name in the DATABASE_URL above -- 2.43.0