-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
98 lines (75 loc) · 3.63 KB
/
Dockerfile
File metadata and controls
98 lines (75 loc) · 3.63 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
# syntax=docker/dockerfile:latest
################################################################################
# AirGuard app builder
################################################################################
FROM docker.io/debian:13 AS airguard-builder
# Enable APT package caching
RUN rm -f /etc/apt/apt.conf.d/docker-clean && \
echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
ENV TZ=Etc/UTC
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && \
apt-get install -y --no-install-recommends \
openjdk-21-jdk-headless \
patch \
sdkmanager
ENV ANDROID_HOME=/opt/android-sdk
RUN --mount=type=bind,source=./airguard,target=/airguard,rw \
yes | sdkmanager --licenses && \
cd /airguard/airguard-upstream && \
patch -p1 ../privacyshield.patch && \
./gradlew build -x lint --no-daemon && \
cp -av app/build/outputs/apk/debug/app-debug.apk /airguard.apk
################################################################################
# FindmyPy wheel builder
################################################################################
FROM docker.io/python:3.12-slim AS findmy-builder
# Enable APT package caching
RUN rm -f /etc/apt/apt.conf.d/docker-clean && \
echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' > /etc/apt/apt.conf.d/keep-cache
ENV TZ=Etc/UTC
RUN --mount=type=cache,target=/var/cache/apt,sharing=locked \
--mount=type=cache,target=/var/lib/apt,sharing=locked \
apt-get update && \
apt-get install -y --no-install-recommends \
patch
RUN --mount=type=bind,source=./findmy,target=/findmy,rw \
pip install --root-user-action=ignore --upgrade pip build && \
cd /findmy/findmypy-upstream && \
patch -p1 ../privacyshield.patch && \
python -m build --wheel --outdir /
################################################################################
# Relay firmware builder
################################################################################
FROM docker.io/espressif/idf:v5.2 AS firmware-builder
RUN --mount=type=bind,source=./relay-fw/src,target=/relay-fw,rw \
. ${IDF_PATH}/export.sh && \
cd /relay-fw && \
idf.py build && \
cp -av build/bootloader/bootloader.bin /bootloader.bin && \
cp -av build/partition_table/partition-table.bin /partition-table.bin && \
cp -av build/relay-fw.bin /relay-fw.bin
################################################################################
# Export the built artifacts to the host
################################################################################
FROM docker.io/debian:13 AS exporter
# Copy built artifacts from the respective builders
COPY --from=airguard-builder /airguard.apk /artifacts/airguard.apk
COPY --from=findmy-builder /*.whl /artifacts/
COPY --from=firmware-builder /*.bin /artifacts/
# Copy the artifacts to the host, assuming /mnt is a bind mount
CMD ["/bin/bash", "-c", "cp -av /artifacts/* /mnt/"]
################################################################################
# Server runner
################################################################################
FROM docker.io/python:3.12-slim AS server
RUN --mount=type=bind,source=./server,target=/server,ro \
cd /server && \
pip install --root-user-action=ignore --upgrade pip && \
pip install --root-user-action=ignore --requirement requirements.txt && \
mkdir -p /data
COPY --chmod=0755 ./server/server.py /server.py
EXPOSE 8000
VOLUME /data
CMD ["/server.py", "--sqlitedb", "/data/privacyshield.db", "--port", "8000"]