X-Git-Url: http://these/git/?a=blobdiff_plain;f=docker%2FDockerfile;h=02c2e572c9e7c69f4744ca7b3836c3eec1ba191e;hb=HEAD;hp=4da87a1d8416aee32802c27657910bae0c08eb8d;hpb=6f513793cbd8e7427812638335b55dbb0547ffec;p=lemmy.git

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 4da87a1d..02c2e572 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,7 +1,10 @@
-FROM clux/muslrust:1.67.0 as builder
+FROM clux/muslrust:1.70.0 as builder
 WORKDIR /app
 ARG CARGO_BUILD_TARGET=x86_64-unknown-linux-musl
 
+# comma-seperated list of features to enable
+ARG CARGO_BUILD_FEATURES=default
+
 # This can be set to release using --build-arg
 ARG RUST_RELEASE_MODE="debug"
 
@@ -13,14 +16,15 @@ COPY . .
 RUN --mount=type=cache,target=/app/target \
     if [ "$RUST_RELEASE_MODE" = "debug" ] ; then \
       echo "pub const VERSION: &str = \"$(git describe --tag)\";" > "crates/utils/src/version.rs" \
-      && cargo build --target ${CARGO_BUILD_TARGET} \
+      && cargo build --target ${CARGO_BUILD_TARGET} --features ${CARGO_BUILD_FEATURES} \
       && cp ./target/$CARGO_BUILD_TARGET/$RUST_RELEASE_MODE/lemmy_server /app/lemmy_server; \
     fi
 
 # Release mode build
 RUN \
     if [ "$RUST_RELEASE_MODE" = "release" ] ; then \
-      cargo build --target ${CARGO_BUILD_TARGET} --release \
+      echo "pub const VERSION: &str = \"$(git describe --tag)\";" > "crates/utils/src/version.rs" \
+      && cargo build --target ${CARGO_BUILD_TARGET} --features ${CARGO_BUILD_FEATURES} --release \
       && cp ./target/$CARGO_BUILD_TARGET/$RUST_RELEASE_MODE/lemmy_server /app/lemmy_server; \
     fi
 
@@ -28,10 +32,14 @@ RUN \
 FROM alpine:3 as lemmy
 
 # Install libpq for postgres
-RUN apk add libpq
+RUN apk add --no-cache libpq
 
 # Copy resources
 COPY --from=builder /app/lemmy_server /app/lemmy
 
-EXPOSE 8536
+# Create non-privileged user
+RUN adduser -h /app -s sh -S -u 1000 lemmy
+RUN chown -R lemmy /app
+USER lemmy
+
 CMD ["/app/lemmy"]