vaultwarden/docker/Dockerfile.alpine

# syntax=docker/dockerfile:1

# This file was generated using a Jinja2 template.
# Please make your changes in `DockerSettings.yaml` or `Dockerfile.j2` and then `make`
# This will generate two Dockerfile's `Dockerfile.debian` and `Dockerfile.alpine`

# Using multistage build:
# 	https://docs.docker.com/develop/develop-images/multistage-build/
# 	https://whitfin.io/speeding-up-rust-docker-builds/

####################### VAULT BUILD IMAGE #######################
# The web-vault digest specifies a particular web-vault build on Docker Hub.
# Using the digest instead of the tag name provides better security,
# as the digest of an image is immutable, whereas a tag name can later
# be changed to point to a malicious image.
#
# To verify the current digest for a given tag name:
# - From https://hub.docker.com/r/vaultwarden/web-vault/tags,
#   click the tag name to view the digest of the image it currently points to.
# - From the command line:
#     $ docker pull docker.io/vaultwarden/web-vault:v2024.5.1
#     $ docker image inspect --format "{{.RepoDigests}}" docker.io/vaultwarden/web-vault:v2024.5.1
#     [docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89]
#
# - Conversely, to get the tag name from the digest:
#     $ docker image inspect --format "{{.RepoTags}}" docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89
#     [docker.io/vaultwarden/web-vault:v2024.5.1]
#
FROM --platform=linux/amd64 docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89 as vault

########################## ALPINE BUILD IMAGES ##########################
## NOTE: The Alpine Base Images do not support other platforms then linux/amd64
## And for Alpine we define all build images here, they will only be loaded when actually used
FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:x86_64-musl-stable-1.79.0 as build_amd64
FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:aarch64-musl-stable-1.79.0 as build_arm64
FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:armv7-musleabihf-stable-1.79.0 as build_armv7
FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:arm-musleabi-stable-1.79.0 as build_armv6

########################## BUILD IMAGE ##########################
# hadolint ignore=DL3006
FROM --platform=linux/amd64 build_${TARGETARCH}${TARGETVARIANT} as build
ARG TARGETARCH
ARG TARGETVARIANT
ARG TARGETPLATFORM

SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
    LANG=C.UTF-8 \
    TZ=UTC \
    TERM=xterm-256color \
    CARGO_HOME="/root/.cargo" \
    USER="root" \
    # Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11
    # Debian Bookworm already contains libpq v15
    PQ_LIB_DIR="/usr/local/musl/pq15/lib"


# Create CARGO_HOME folder and don't download rust docs
RUN mkdir -pv "${CARGO_HOME}" && \
    rustup set profile minimal

# Creates a dummy project used to grab dependencies
RUN USER=root cargo new --bin /app
WORKDIR /app

# Environment variables for Cargo on Alpine based builds
RUN echo "export CARGO_TARGET=${RUST_MUSL_CROSS_TARGET}" >> /env-cargo && \
    # Output the current contents of the file
    cat /env-cargo

RUN source /env-cargo && \
    rustup target add "${CARGO_TARGET}"

# Copies over *only* your manifests and build files
COPY ./Cargo.* ./rust-toolchain.toml ./build.rs ./

ARG CARGO_PROFILE=release

# Configure the DB ARG as late as possible to not invalidate the cached layers above
# Enable MiMalloc to improve performance on Alpine builds
ARG DB=sqlite,mysql,postgresql,enable_mimalloc

# Builds your dependencies and removes the
# dummy project, except the target folder
# This folder contains the compiled dependencies
RUN source /env-cargo && \
    cargo build --features ${DB} --profile "${CARGO_PROFILE}" --target="${CARGO_TARGET}" && \
    find . -not -path "./target*" -delete

# Copies the complete project
# To avoid copying unneeded files, use .dockerignore
COPY . .

ARG VW_VERSION

# Builds again, this time it will be the actual source files being build
RUN source /env-cargo && \
    # Make sure that we actually build the project by updating the src/main.rs timestamp
    # Also do this for build.rs to ensure the version is rechecked
    touch build.rs src/main.rs && \
    # Create a symlink to the binary target folder to easy copy the binary in the final stage
    cargo build --features ${DB} --profile "${CARGO_PROFILE}" --target="${CARGO_TARGET}" && \
    if [[ "${CARGO_PROFILE}" == "dev" ]] ; then \
        ln -vfsr "/app/target/${CARGO_TARGET}/debug" /app/target/final ; \
    else \
        ln -vfsr "/app/target/${CARGO_TARGET}/${CARGO_PROFILE}" /app/target/final ; \
    fi


######################## RUNTIME IMAGE  ########################
# Create a new stage with a minimal image
# because we already have a binary built
#
# To build these images you need to have qemu binfmt support.
# See the following pages to help install these tools locally
# Ubuntu/Debian: https://wiki.debian.org/QemuUserEmulation
# Arch Linux: https://wiki.archlinux.org/title/QEMU#Chrooting_into_arm/arm64_environment_from_x86_64
#
# Or use a Docker image which modifies your host system to support this.
# The GitHub Actions Workflow uses the same image as used below.
# See: https://github.com/tonistiigi/binfmt
# Usage: docker run --privileged --rm tonistiigi/binfmt --install arm64,arm
# To uninstall: docker run --privileged --rm tonistiigi/binfmt --uninstall 'qemu-*'
#
# We need to add `--platform` here, because of a podman bug: https://github.com/containers/buildah/issues/4742
FROM --platform=$TARGETPLATFORM docker.io/library/alpine:3.20

ENV ROCKET_PROFILE="release" \
    ROCKET_ADDRESS=0.0.0.0 \
    ROCKET_PORT=80 \
    SSL_CERT_DIR=/etc/ssl/certs

# Create data folder and Install needed libraries
RUN mkdir /data && \
    apk --no-cache add \
        ca-certificates \
        curl \
        openssl \
        tzdata

VOLUME /data
EXPOSE 80
EXPOSE 3012

# Copies the files from the context (Rocket.toml file and web-vault)
# and the binary from the "build" stage to the current stage
WORKDIR /

COPY docker/healthcheck.sh docker/start.sh /

COPY --from=vault /web-vault ./web-vault
COPY --from=build /app/target/final/vaultwarden .

HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"]

CMD ["/start.sh"]
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`# syntax=docker/dockerfile:1`

			`# This file was generated using a Jinja2 template.`
			# Please make your changes in `DockerSettings.yaml` or `Dockerfile.j2` and then `make`
			# This will generate two Dockerfile's `Dockerfile.debian` and `Dockerfile.alpine`

			`# Using multistage build:`
			`# https://docs.docker.com/develop/develop-images/multistage-build/`
			`# https://whitfin.io/speeding-up-rust-docker-builds/`

			`####################### VAULT BUILD IMAGE #######################`
			`# The web-vault digest specifies a particular web-vault build on Docker Hub.`
			`# Using the digest instead of the tag name provides better security,`
			`# as the digest of an image is immutable, whereas a tag name can later`
			`# be changed to point to a malicious image.`
			`#`
			`# To verify the current digest for a given tag name:`
			`# - From https://hub.docker.com/r/vaultwarden/web-vault/tags,`
			`# click the tag name to view the digest of the image it currently points to.`
			`# - From the command line:`
Update crates, web-vault and GHA (#4648) - Updated all crates including Diesel and the new mysqlclient-sys - Updated the MSRV to v1.78 as that is what Diesel mandates - Added the mimalloc crate as a patch for now to fix armv6 static builds This probably makes #4606 possible - Updated web-vault to v2024.5.1 - Updated GitHub Actions Fixed an issue with the localhost images for extracting the musl binaries. 2024-06-19 13:06:58 +02:00			`# $ docker pull docker.io/vaultwarden/web-vault:v2024.5.1`
			`# $ docker image inspect --format "{{.RepoDigests}}" docker.io/vaultwarden/web-vault:v2024.5.1`
			`# [docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89]`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`#`
			`# - Conversely, to get the tag name from the digest:`
Update crates, web-vault and GHA (#4648) - Updated all crates including Diesel and the new mysqlclient-sys - Updated the MSRV to v1.78 as that is what Diesel mandates - Added the mimalloc crate as a patch for now to fix armv6 static builds This probably makes #4606 possible - Updated web-vault to v2024.5.1 - Updated GitHub Actions Fixed an issue with the localhost images for extracting the musl binaries. 2024-06-19 13:06:58 +02:00			`# $ docker image inspect --format "{{.RepoTags}}" docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89`
			`# [docker.io/vaultwarden/web-vault:v2024.5.1]`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`#`
Update crates, web-vault and GHA (#4648) - Updated all crates including Diesel and the new mysqlclient-sys - Updated the MSRV to v1.78 as that is what Diesel mandates - Added the mimalloc crate as a patch for now to fix armv6 static builds This probably makes #4606 possible - Updated web-vault to v2024.5.1 - Updated GitHub Actions Fixed an issue with the localhost images for extracting the musl binaries. 2024-06-19 13:06:58 +02:00			`FROM --platform=linux/amd64 docker.io/vaultwarden/web-vault@sha256:4bbfeee86a44fbf2a5a9f6f038946b6931f0a3aa1e8cdcae8805c172d036fa89 as vault`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`########################## ALPINE BUILD IMAGES ##########################`
			`## NOTE: The Alpine Base Images do not support other platforms then linux/amd64`
			`## And for Alpine we define all build images here, they will only be loaded when actually used`
Update rust and remove unused header values (#4645) * Update rust and remove unused header values * Missed one unused var 2024-06-16 22:05:17 +02:00			`FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:x86_64-musl-stable-1.79.0 as build_amd64`
			`FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:aarch64-musl-stable-1.79.0 as build_arm64`
			`FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:armv7-musleabihf-stable-1.79.0 as build_armv7`
			`FROM --platform=linux/amd64 ghcr.io/blackdex/rust-musl:arm-musleabi-stable-1.79.0 as build_armv6`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`########################## BUILD IMAGE ##########################`
			`# hadolint ignore=DL3006`
			`FROM --platform=linux/amd64 build_${TARGETARCH}${TARGETVARIANT} as build`
			`ARG TARGETARCH`
			`ARG TARGETVARIANT`
			`ARG TARGETPLATFORM`

			`SHELL ["/bin/bash", "-o", "pipefail", "-c"]`

			`# Build time options to avoid dpkg warnings and help with reproducible builds.`
			`ENV DEBIAN_FRONTEND=noninteractive \`
			`LANG=C.UTF-8 \`
			`TZ=UTC \`
			`TERM=xterm-256color \`
			`CARGO_HOME="/root/.cargo" \`
			`USER="root" \`
			`# Use PostgreSQL v15 during Alpine/MUSL builds instead of the default v11`
			`# Debian Bookworm already contains libpq v15`
			`PQ_LIB_DIR="/usr/local/musl/pq15/lib"`


			`# Create CARGO_HOME folder and don't download rust docs`
Optimize Dockerfiles (#4532) Move some ARGs closer to the build stage (potentially improving caching) Remove redundant COPY commands Remove redundant RUN command Move CARGO_HOME's "&&" operator to the first line (improves consistency) 2024-05-19 20:32:36 +02:00			`RUN mkdir -pv "${CARGO_HOME}" && \`
			`rustup set profile minimal`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`# Creates a dummy project used to grab dependencies`
			`RUN USER=root cargo new --bin /app`
			`WORKDIR /app`

Add extra (unsupported) container build arch's (#4524) There was a PR (#4370) to add i686/i386 support for Vaultwarden. That specific PR was not a viable way of adding this. This PR adds extra architectures for Debian based containers which we will not support by default. Those images will not be build and pushed to our container registries. Added the following architectures: - linux/386 - linux/ppc64le - linux/s390x Again, there will be no major support for these architectures, but it will allow people who use these architectures to build a Debian based binary more easily 2024-04-27 21:51:14 +02:00			`# Environment variables for Cargo on Alpine based builds`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`RUN echo "export CARGO_TARGET=${RUST_MUSL_CROSS_TARGET}" >> /env-cargo && \`
			`# Output the current contents of the file`
			`cat /env-cargo`

			`RUN source /env-cargo && \`
			`rustup target add "${CARGO_TARGET}"`

Optimize Dockerfiles (#4532) Move some ARGs closer to the build stage (potentially improving caching) Remove redundant COPY commands Remove redundant RUN command Move CARGO_HOME's "&&" operator to the first line (improves consistency) 2024-05-19 20:32:36 +02:00			`# Copies over only your manifests and build files`
			`COPY ./Cargo.* ./rust-toolchain.toml ./build.rs ./`

Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`ARG CARGO_PROFILE=release`

Optimize Dockerfiles (#4532) Move some ARGs closer to the build stage (potentially improving caching) Remove redundant COPY commands Remove redundant RUN command Move CARGO_HOME's "&&" operator to the first line (improves consistency) 2024-05-19 20:32:36 +02:00			`# Configure the DB ARG as late as possible to not invalidate the cached layers above`
			`# Enable MiMalloc to improve performance on Alpine builds`
			`ARG DB=sqlite,mysql,postgresql,enable_mimalloc`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`# Builds your dependencies and removes the`
			`# dummy project, except the target folder`
			`# This folder contains the compiled dependencies`
			`RUN source /env-cargo && \`
			`cargo build --features ${DB} --profile "${CARGO_PROFILE}" --target="${CARGO_TARGET}" && \`
			`find . -not -path "./target*" -delete`

			`# Copies the complete project`
			`# To avoid copying unneeded files, use .dockerignore`
			`COPY . .`

Optimize Dockerfiles (#4532) Move some ARGs closer to the build stage (potentially improving caching) Remove redundant COPY commands Remove redundant RUN command Move CARGO_HOME's "&&" operator to the first line (improves consistency) 2024-05-19 20:32:36 +02:00			`ARG VW_VERSION`

Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`# Builds again, this time it will be the actual source files being build`
			`RUN source /env-cargo && \`
			`# Make sure that we actually build the project by updating the src/main.rs timestamp`
Fix the version string (#4153) For some reason still not known, the `.git` directory was not copied into the container. I think buildkit (buildx) did this by default before, and stopped this with newer versions. This PR fixes this by also touching `build.rs` besides `src/main.rs`. This PR also updates Rust to v1.74.1 and some crates, including the latest version of Alpine 3.19. Fixes #4150 2023-12-09 23:04:33 +01:00			`# Also do this for build.rs to ensure the version is rechecked`
			`touch build.rs src/main.rs && \`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00			`# Create a symlink to the binary target folder to easy copy the binary in the final stage`
			`cargo build --features ${DB} --profile "${CARGO_PROFILE}" --target="${CARGO_TARGET}" && \`
			`if [[ "${CARGO_PROFILE}" == "dev" ]] ; then \`
			`ln -vfsr "/app/target/${CARGO_TARGET}/debug" /app/target/final ; \`
			`else \`
			`ln -vfsr "/app/target/${CARGO_TARGET}/${CARGO_PROFILE}" /app/target/final ; \`
			`fi`


			`######################## RUNTIME IMAGE ########################`
			`# Create a new stage with a minimal image`
			`# because we already have a binary built`
			`#`
			`# To build these images you need to have qemu binfmt support.`
			`# See the following pages to help install these tools locally`
			`# Ubuntu/Debian: https://wiki.debian.org/QemuUserEmulation`
			`# Arch Linux: https://wiki.archlinux.org/title/QEMU#Chrooting_into_arm/arm64_environment_from_x86_64`
			`#`
			`# Or use a Docker image which modifies your host system to support this.`
			`# The GitHub Actions Workflow uses the same image as used below.`
			`# See: https://github.com/tonistiigi/binfmt`
			`# Usage: docker run --privileged --rm tonistiigi/binfmt --install arm64,arm`
			`# To uninstall: docker run --privileged --rm tonistiigi/binfmt --uninstall 'qemu-*'`
			`#`
			# We need to add `--platform` here, because of a podman bug: https://github.com/containers/buildah/issues/4742
Update Alpine to version 3.20 (#4583) - needed to add double quotes, otherwise it was parsed as 3.2 instead of 3.20 2024-05-25 15:19:53 +02:00			`FROM --platform=$TARGETPLATFORM docker.io/library/alpine:3.20`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`ENV ROCKET_PROFILE="release" \`
			`ROCKET_ADDRESS=0.0.0.0 \`
			`ROCKET_PORT=80 \`
			`SSL_CERT_DIR=/etc/ssl/certs`

			`# Create data folder and Install needed libraries`
			`RUN mkdir /data && \`
			`apk --no-cache add \`
			`ca-certificates \`
			`curl \`
			`openssl \`
			`tzdata`

			`VOLUME /data`
			`EXPOSE 80`
			`EXPOSE 3012`

			`# Copies the files from the context (Rocket.toml file and web-vault)`
			`# and the binary from the "build" stage to the current stage`
			`WORKDIR /`

Optimize Dockerfiles (#4532) Move some ARGs closer to the build stage (potentially improving caching) Remove redundant COPY commands Remove redundant RUN command Move CARGO_HOME's "&&" operator to the first line (improves consistency) 2024-05-19 20:32:36 +02:00			`COPY docker/healthcheck.sh docker/start.sh /`
Container building changes (#3958) * WIP: Container building changes * Small updates - Updated to rust 1.73.0 - Updated crates - Updated documentation - Added a bake.sh script to make baking easier * Update GitHub Actions Workflow - Updated workflow to use qemu and buildx bake In the future i would like to extract the alpine based binaries and add them as artifacts to the release. * Address review remarks and small updates - Addressed review remarks - Added `podman-bake.sh` script to build Vaultwarden with podman - Updated README - Updated crates - Added `VW_VERSION` support - Added annotations - Updated web-vault to v2023.9.1 2023-10-23 00:18:38 +02:00
			`COPY --from=vault /web-vault ./web-vault`
			`COPY --from=build /app/target/final/vaultwarden .`

			`HEALTHCHECK --interval=60s --timeout=10s CMD ["/healthcheck.sh"]`

			`CMD ["/start.sh"]`