orztv
commited on
Commit
·
391bed2
1
Parent(s):
40f180f
update
Browse files- Dockerfile +12 -10
Dockerfile
CHANGED
|
@@ -1,10 +1,8 @@
|
|
| 1 |
FROM nocodb/nocodb:latest
|
| 2 |
|
| 3 |
-
ARG NC_S3_BUCKET_NAME
|
| 4 |
ARG NC_S3_REGION
|
| 5 |
ARG NC_S3_ENDPOINT
|
| 6 |
ARG NC_S3_ACCESS_KEY
|
| 7 |
-
ARG NC_S3_ACCESS_SECRET
|
| 8 |
|
| 9 |
# 创建数据目录、设置权限并安装 PostgreSQL 和 Redis
|
| 10 |
RUN adduser -D -u 1000 nocodb && \
|
|
@@ -27,9 +25,13 @@ RUN adduser -D -u 1000 nocodb && \
|
|
| 27 |
chown -R nocodb:nocodb /etc/redis.conf /var/log/redis /var/run/redis /usr/app/data /var/lib/redis && \
|
| 28 |
apk add --update --no-cache dasel dumb-init nodejs
|
| 29 |
|
| 30 |
-
|
| 31 |
-
|
| 32 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 33 |
|
| 34 |
# 复制启动脚本和 Node.js 示例程序并设置权限
|
| 35 |
COPY docker/startup.sh /usr/src/appEntry/startup.sh
|
|
@@ -40,6 +42,7 @@ USER nocodb
|
|
| 40 |
|
| 41 |
WORKDIR /usr/src/app
|
| 42 |
|
|
|
|
| 43 |
ENV LITESTREAM_S3_SKIP_VERIFY=false \
|
| 44 |
LITESTREAM_RETENTION=1440h \
|
| 45 |
LITESTREAM_RETENTION_CHECK_INTERVAL=72h \
|
|
@@ -50,16 +53,15 @@ ENV LITESTREAM_S3_SKIP_VERIFY=false \
|
|
| 50 |
NODE_ENV=production \
|
| 51 |
NC_ALLOW_LOCAL_HOOKS=true \
|
| 52 |
NC_REDIS_URL="redis://:redis_password@localhost:6379/4" \
|
| 53 |
-
S3_BUCKET_NAME=${cat /run/secrets/S3_BUCKET_NAME} \
|
| 54 |
S3_REGION=${NC_S3_REGION} \
|
| 55 |
S3_ENDPOINT=${NC_S3_ENDPOINT} \
|
| 56 |
S3_ACCESS_KEY=${NC_S3_ACCESS_KEY} \
|
| 57 |
-
S3_ACCESS_SECRET=${cat /run/secrets/NC_S3_ACCESS_SECRET} \
|
| 58 |
-
LITESTREAM_S3_BUCKET=${cat /run/secrets/S3_BUCKET_NAME} \
|
| 59 |
LITESTREAM_S3_REGION=${NC_S3_REGION} \
|
| 60 |
LITESTREAM_S3_ENDPOINT=${NC_S3_ENDPOINT} \
|
| 61 |
-
LITESTREAM_S3_ACCESS_KEY_ID=${NC_S3_ACCESS_KEY}
|
| 62 |
-
|
|
|
|
|
|
|
| 63 |
|
| 64 |
EXPOSE 8080
|
| 65 |
|
|
|
|
| 1 |
FROM nocodb/nocodb:latest
|
| 2 |
|
|
|
|
| 3 |
ARG NC_S3_REGION
|
| 4 |
ARG NC_S3_ENDPOINT
|
| 5 |
ARG NC_S3_ACCESS_KEY
|
|
|
|
| 6 |
|
| 7 |
# 创建数据目录、设置权限并安装 PostgreSQL 和 Redis
|
| 8 |
RUN adduser -D -u 1000 nocodb && \
|
|
|
|
| 25 |
chown -R nocodb:nocodb /etc/redis.conf /var/log/redis /var/run/redis /usr/app/data /var/lib/redis && \
|
| 26 |
apk add --update --no-cache dasel dumb-init nodejs
|
| 27 |
|
| 28 |
+
# 使用 secret 获取 S3 bucket 名称和访问密钥
|
| 29 |
+
RUN --mount=type=secret,id=NC_S3_BUCKET_NAME,mode=0444,required=true \
|
| 30 |
+
--mount=type=secret,id=NC_S3_ACCESS_SECRET,mode=0444,required=true \
|
| 31 |
+
echo "S3_BUCKET_NAME=$(cat /run/secrets/NC_S3_BUCKET_NAME)" >> /tmp/s3_env && \
|
| 32 |
+
echo "S3_ACCESS_SECRET=$(cat /run/secrets/NC_S3_ACCESS_SECRET)" >> /tmp/s3_env && \
|
| 33 |
+
echo "LITESTREAM_S3_BUCKET=$(cat /run/secrets/NC_S3_BUCKET_NAME)" >> /tmp/s3_env && \
|
| 34 |
+
echo "LITESTREAM_S3_ACCESS_KEY_ID=$(cat /run/secrets/NC_S3_ACCESS_KEY)" >> /tmp/s3_env
|
| 35 |
|
| 36 |
# 复制启动脚本和 Node.js 示例程序并设置权限
|
| 37 |
COPY docker/startup.sh /usr/src/appEntry/startup.sh
|
|
|
|
| 42 |
|
| 43 |
WORKDIR /usr/src/app
|
| 44 |
|
| 45 |
+
# 设置环境变量,包括从 secret 获取的值
|
| 46 |
ENV LITESTREAM_S3_SKIP_VERIFY=false \
|
| 47 |
LITESTREAM_RETENTION=1440h \
|
| 48 |
LITESTREAM_RETENTION_CHECK_INTERVAL=72h \
|
|
|
|
| 53 |
NODE_ENV=production \
|
| 54 |
NC_ALLOW_LOCAL_HOOKS=true \
|
| 55 |
NC_REDIS_URL="redis://:redis_password@localhost:6379/4" \
|
|
|
|
| 56 |
S3_REGION=${NC_S3_REGION} \
|
| 57 |
S3_ENDPOINT=${NC_S3_ENDPOINT} \
|
| 58 |
S3_ACCESS_KEY=${NC_S3_ACCESS_KEY} \
|
|
|
|
|
|
|
| 59 |
LITESTREAM_S3_REGION=${NC_S3_REGION} \
|
| 60 |
LITESTREAM_S3_ENDPOINT=${NC_S3_ENDPOINT} \
|
| 61 |
+
LITESTREAM_S3_ACCESS_KEY_ID=${NC_S3_ACCESS_KEY}
|
| 62 |
+
|
| 63 |
+
# 从临时文件中读取 secret 值并设置为环境变量
|
| 64 |
+
ENV $(cat /tmp/s3_env | xargs)
|
| 65 |
|
| 66 |
EXPOSE 8080
|
| 67 |
|