badguardhome/scripts/make/Dockerfile
Ainar Garipov abf8f65f05 Pull request: Remove Docker VOLUME instruction for more flexibility
Merge in DNS/adguard-home from 2589-docker-volumes to master

Squashed commit of the following:

commit 5bff6ffa3138e9c09b786e4ff26fe286daa78c05
Merge: f0e9a74c e71019a1
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Mon Jan 25 14:45:15 2021 +0300

    Merge branch 'master' into 2589-docker-volumes

commit f0e9a74cc3d8baecaac68730b684e65ec3178886
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Mon Jan 25 14:44:07 2021 +0300

    all: doc changes

commit 76e538ca5f086fa99328dc10a05e7ca581457192
Author: Alex Povel <alex.povel@tuhh.de>
Date:   Thu Jan 21 15:07:11 2021 +0100

    Remove Docker VOLUME instruction for more flexibility

    Inheriting from the base image is made easier without
    the VOLUME instruction, since it cannot be reverted.
    All guides contain `--volume` explanations/usage
    examples anyway, so the VOLUME instructions in the
    Dockerfile aren't necessary.

    See also https://stackoverflow.com/a/62068396/11477374 for more
    examples for why that instruction can be harmful.
2021-01-25 18:07:49 +03:00

58 lines
1.7 KiB
Docker

# A docker file for scripts/make/build-docker.sh.
FROM alpine:3.12
ARG BUILD_DATE
ARG VERSION
ARG VCS_REF
LABEL maintainer="AdGuard Team <devteam@adguard.com>" \
org.opencontainers.image.created=$BUILD_DATE \
org.opencontainers.image.url="https://adguard.com/adguard-home.html" \
org.opencontainers.image.source="https://github.com/AdguardTeam/AdGuardHome" \
org.opencontainers.image.version=$VERSION \
org.opencontainers.image.revision=$VCS_REF \
org.opencontainers.image.vendor="AdGuard" \
org.opencontainers.image.title="AdGuard Home" \
org.opencontainers.image.description="Network-wide ads & trackers blocking DNS server" \
org.opencontainers.image.licenses="GPL-3.0"
# Update certificates.
RUN apk --no-cache --update add ca-certificates libcap && \
rm -rf /var/cache/apk/* && \
mkdir -p /opt/adguardhome/conf /opt/adguardhome/work && \
chown -R nobody: /opt/adguardhome
ARG DIST_DIR
ARG TARGETARCH
ARG TARGETOS
ARG TARGETVARIANT
COPY --chown=nobody:nogroup\
./${DIST_DIR}/docker/AdGuardHome_${TARGETOS}_${TARGETARCH}_${TARGETVARIANT}\
/opt/adguardhome/AdGuardHome
RUN setcap 'cap_net_bind_service=+eip' /opt/adguardhome/AdGuardHome
# 53 : DNS
# 67, 68 : DHCP
# 80 : HTTP
# 443 : HTTPS, DNS-over-HTTPS, DNSCrypt
# 784 : DNS-over-QUIC
# 853 : DNS-over-TLS
# 3000 : HTTP alt
# 3001 : HTTP beta
# 5443 : DNSCrypt alt
EXPOSE 53/tcp 53/udp 67/udp 68/udp 80/tcp 443/tcp 443/udp 784/udp\
853/tcp 3000/tcp 3001/tcp 5443/tcp 5443/udp
WORKDIR /opt/adguardhome/work
ENTRYPOINT ["/opt/adguardhome/AdGuardHome"]
CMD [ \
"--no-check-update", \
"-c", "/opt/adguardhome/conf/AdGuardHome.yaml", \
"-h", "0.0.0.0", \
"-w", "/opt/adguardhome/work" \
]