scriptos/keywarden
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity
Files
fe31ef5a3c0c09b361c5dfae1a5961b827ef432a
keywarden/Dockerfile
scriptos eb1f4e0738
All checks were successful
PR Tests / Lint, Build & Test (pull_request) Successful in 6m7s
Details
Security Scan / Go Vulnerability Check (pull_request) Successful in 5m33s
Details
fix: bump Go from 1.26.1 to 1.26.2 to resolve stdlib vulnerabilities
2026-04-08 20:09:40 +02:00

48 lines
1.2 KiB
Docker
Raw Blame History

# Keywarden - Centralized SSH Key Management and Deployment
# Multi-stage build for minimal image size
# Stage 1: Build
FROM golang:1.26.2-alpine AS builder
RUN apk add --no-cache gcc musl-dev sqlite-dev
WORKDIR /build
COPY go.mod go.sum ./
RUN go mod download
COPY . .
ARG VERSION=dev
RUN CGO_ENABLED=1 GOOS=linux go build -o keywarden -ldflags="-s -w -X main.Version=${VERSION}" ./cmd/keywarden/
# Stage 2: Runtime
FROM alpine:3.21
RUN apk add --no-cache ca-certificates sqlite-libs tzdata curl su-exec
RUN addgroup -S keywarden && adduser -S keywarden -G keywarden
WORKDIR /app
COPY --from=builder /build/keywarden .
COPY entrypoint.sh .
RUN mkdir -p /data/keys /data/master /data/avatars && \
chown -R keywarden:keywarden /data /app && \
chmod +x /app/entrypoint.sh
ENV KEYWARDEN_PORT=8080
ENV KEYWARDEN_DB_PATH=/data/keywarden.db
ENV KEYWARDEN_DATA_DIR=/data
ENV KEYWARDEN_KEYS_DIR=/data/keys
ENV KEYWARDEN_MASTER_DIR=/data/master
ENV KEYWARDEN_ENCRYPTION_KEY=change-me-encryption-key-32chars
EXPOSE 8080
VOLUME ["/data"]
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD curl -f http://localhost:${KEYWARDEN_PORT:-8080}/api/health || exit 1
ENTRYPOINT ["/app/entrypoint.sh"]
Reference in New Issue View Git Blame Copy Permalink