mirror of
https://github.com/deuill/coreos-home-server.git
synced 2024-09-21 13:40:45 +00:00
Alex Palaistras
faa0420931
This makes container builds more consistent, and therefore more cacheable in relation to other containers. In addition, certificates and keys are now copied to two separate volumes, one containing all certificates (for use in services like `nginx`, which may require unfettered access to certificates) and one containing certificates only for a specific domain, for use in most other cases.
18 lines
741 B
Docker
18 lines
741 B
Docker
FROM docker.io/golang:1.21-bookworm@sha256:1415bb0b25d3bffc0a44dcf9851c20a9f8bbe558095221d931f2e4a4cc3596eb AS builder
|
|
ARG VERSION=v4.14.2 # renovate: datasource=github-releases depName=go-acme/lego
|
|
|
|
WORKDIR /build
|
|
RUN GOBIN=/build/usr/bin go install -v github.com/go-acme/lego/v4/cmd/lego@${VERSION}
|
|
|
|
FROM docker.io/debian:bookworm-slim@sha256:f80c45482c8d147da87613cb6878a7238b8642bcc24fc11bad78c7bec726f340
|
|
RUN apt-get update -y && apt-get upgrade -y && \
|
|
apt-get install -y --no-install-recommends ca-certificates gettext gosu
|
|
|
|
RUN adduser --system --group --uid 10000 --home /var/lib/letsencrypt letsencrypt
|
|
|
|
COPY --from=builder /build /
|
|
COPY container/run-lego /run-lego
|
|
COPY container/run-hook /run-hook
|
|
|
|
ENTRYPOINT ["/run-lego"]
|