diff options
Diffstat (limited to 'Dockerfile')
| -rw-r--r-- | Dockerfile | 170 |
1 files changed, 79 insertions, 91 deletions
diff --git a/Dockerfile b/Dockerfile index 7cbada370..1e2d8a227 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,104 +1,92 @@ -FROM --platform=$TARGETPLATFORM docker.io/library/python:3.13-slim AS builder - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - build-essential \ - brotli \ - # lxml - libxml2-dev \ - libxslt1-dev \ - zlib1g-dev \ - # uwsgi - libpcre3-dev \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /usr/local/searxng/ - -COPY ./requirements.txt ./requirements.txt - -RUN --mount=type=cache,id=pip,target=$HOME/.cache/pip python -m venv ./venv \ - && . ./venv/bin/activate \ - && pip install -r requirements.txt \ - && pip install "uwsgi~=2.0" - -COPY ./searx/ ./searx/ - -ARG TIMESTAMP_SETTINGS=0 -ARG TIMESTAMP_UWSGI=0 - -RUN python -m compileall -q searx \ - && touch -c --date=@$TIMESTAMP_SETTINGS ./searx/settings.yml \ - && touch -c --date=@$TIMESTAMP_UWSGI ./dockerfiles/uwsgi.ini \ - && find /usr/local/searxng/searx/static \ - \( -name '*.html' -o -name '*.css' -o -name '*.js' -o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \ - -type f -exec gzip -9 -k {} + -exec brotli --best {} + +FROM alpine:3.20 +ENTRYPOINT ["/sbin/tini","--","/usr/local/searxng/dockerfiles/docker-entrypoint.sh"] +EXPOSE 8080 +VOLUME /etc/searxng -ARG SEARXNG_UID=977 ARG SEARXNG_GID=977 +ARG SEARXNG_UID=977 -RUN grep -m1 root /etc/group > /tmp/.searxng.group \ - && grep -m1 root /etc/passwd > /tmp/.searxng.passwd \ - && echo "searxng:x:$SEARXNG_GID:" >> /tmp/.searxng.group \ - && echo "searxng:x:$SEARXNG_UID:$SEARXNG_GID:searxng:/usr/local/searxng:/bin/bash" >> /tmp/.searxng.passwd - -FROM --platform=$TARGETPLATFORM docker.io/library/python:3.13-slim - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - # uwsgi - libpcre3 \ - libxml2 \ - mailcap \ - && rm -rf /var/lib/apt/lists/* - -COPY --chown=root:root --from=builder /tmp/.searxng.passwd /etc/passwd -COPY --chown=root:root --from=builder /tmp/.searxng.group /etc/group - -ARG LABEL_DATE="0001-01-01T00:00:00Z" -ARG GIT_URL="unspecified" -ARG SEARXNG_GIT_VERSION="unspecified" -ARG LABEL_VCS_REF="unspecified" -ARG LABEL_VCS_URL="unspecified" - -WORKDIR /usr/local/searxng/ - -COPY --chown=searxng:searxng --from=builder /usr/local/searxng/venv/ ./venv/ -COPY --chown=searxng:searxng --from=builder /usr/local/searxng/searx/ ./searx/ -COPY --chown=searxng:searxng ./dockerfiles/ ./dockerfiles/ - -LABEL org.opencontainers.image.authors="searxng <$GIT_URL>" \ - org.opencontainers.image.created=$LABEL_DATE \ - org.opencontainers.image.description="A privacy-respecting, hackable metasearch engine" \ - org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker" \ - org.opencontainers.image.licenses="AGPL-3.0-or-later" \ - org.opencontainers.image.revision=$LABEL_VCS_REF \ - org.opencontainers.image.source=$LABEL_VCS_URL \ - org.opencontainers.image.title="searxng" \ - org.opencontainers.image.url=$LABEL_VCS_URL \ - org.opencontainers.image.version=$SEARXNG_GIT_VERSION - -ENV CONFIG_PATH=/etc/searxng \ - DATA_PATH=/var/cache/searxng +RUN addgroup -g ${SEARXNG_GID} searxng && \ + adduser -u ${SEARXNG_UID} -D -h /usr/local/searxng -s /bin/sh -G searxng searxng -ENV SEARXNG_VERSION=$SEARXNG_GIT_VERSION \ - INSTANCE_NAME=searxng \ - AUTOCOMPLETE="" \ - BASE_URL="" \ +ENV INSTANCE_NAME=searxng \ + AUTOCOMPLETE= \ + BASE_URL= \ BIND_ADDRESS=[::]:8080 \ - MORTY_KEY="" \ - MORTY_URL="" \ - SEARXNG_SETTINGS_PATH=$CONFIG_PATH/settings.yml \ - UWSGI_SETTINGS_PATH=$CONFIG_PATH/uwsgi.ini \ + MORTY_KEY= \ + MORTY_URL= \ + SEARXNG_SETTINGS_PATH=/etc/searxng/settings.yml \ + UWSGI_SETTINGS_PATH=/etc/searxng/uwsgi.ini \ UWSGI_WORKERS=%k \ UWSGI_THREADS=4 -VOLUME $CONFIG_PATH -VOLUME $DATA_PATH +WORKDIR /usr/local/searxng -EXPOSE 8080 +COPY requirements.txt ./requirements.txt -USER searxng:searxng +RUN apk add --no-cache -t build-dependencies \ + build-base \ + py3-setuptools \ + python3-dev \ + libffi-dev \ + libxslt-dev \ + libxml2-dev \ + openssl-dev \ + tar \ + git \ + && apk add --no-cache \ + ca-certificates \ + python3 \ + py3-pip \ + libxml2 \ + libxslt \ + openssl \ + tini \ + uwsgi \ + uwsgi-python3 \ + brotli \ + && pip3 install --break-system-packages --no-cache -r requirements.txt \ + && apk del build-dependencies \ + && rm -rf /root/.cache + +COPY --chown=searxng:searxng dockerfiles ./dockerfiles +COPY --chown=searxng:searxng searx ./searx + +ARG TIMESTAMP_SETTINGS=0 +ARG TIMESTAMP_UWSGI=0 +ARG VERSION_GITCOMMIT=unknown + +RUN su searxng -c "/usr/bin/python3 -m compileall -q searx" \ + && touch -c --date=@${TIMESTAMP_SETTINGS} searx/settings.yml \ + && touch -c --date=@${TIMESTAMP_UWSGI} dockerfiles/uwsgi.ini \ + && find /usr/local/searxng/searx/static -a \( -name '*.html' -o -name '*.css' -o -name '*.js' \ + -o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \ + -type f -exec gzip -9 -k {} \+ -exec brotli --best {} \+ HEALTHCHECK CMD wget --quiet --tries=1 --spider http://localhost:8080/healthz || exit 1 -ENTRYPOINT ["/usr/local/searxng/dockerfiles/docker-entrypoint.sh"] +# Keep these arguments at the end to prevent redundant layer rebuilds +ARG LABEL_DATE= +ARG GIT_URL=unknown +ARG SEARXNG_GIT_VERSION=unknown +ARG SEARXNG_DOCKER_TAG=unknown +ARG LABEL_VCS_REF= +ARG LABEL_VCS_URL= +LABEL maintainer="searxng <${GIT_URL}>" \ + description="A privacy-respecting, hackable metasearch engine." \ + version="${SEARXNG_GIT_VERSION}" \ + org.label-schema.schema-version="1.0" \ + org.label-schema.name="searxng" \ + org.label-schema.version="${SEARXNG_GIT_VERSION}" \ + org.label-schema.url="${LABEL_VCS_URL}" \ + org.label-schema.vcs-ref=${LABEL_VCS_REF} \ + org.label-schema.vcs-url=${LABEL_VCS_URL} \ + org.label-schema.build-date="${LABEL_DATE}" \ + org.label-schema.usage="https://github.com/searxng/searxng-docker" \ + org.opencontainers.image.title="searxng" \ + org.opencontainers.image.version="${SEARXNG_DOCKER_TAG}" \ + org.opencontainers.image.url="${LABEL_VCS_URL}" \ + org.opencontainers.image.revision=${LABEL_VCS_REF} \ + org.opencontainers.image.source=${LABEL_VCS_URL} \ + org.opencontainers.image.created="${LABEL_DATE}" \ + org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker" |