github-personal/firezone
1
0
Fork 0
mirror of https://github.com/outbackdingo/firezone.git synced 2026-01-27 18:18:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
93ca701896c1a5cccf318ae18820a7ff751bd94e
firezone/rust/Dockerfile
Thomas Eizinger cf2470ba1e test(iperf): install iptables rule inside of container (#9880) 
In Docker environments, applying iptables rules to filter
container-container traffic on the Docker bridged network is not
reliable, leading to direct connections being established in our relayed
tests. To fix this, we insert the rules directly from the client
container itself.

---------

Co-authored-by: Jamil Bou Kheir <jamilbk@users.noreply.github.com>
2025-07-16 10:29:33 +00:00

61 lines
1.7 KiB
Docker
Raw Blame History

ARG ALPINE_VERSION="3.20"
ARG PACKAGE
# Base image which is used to run the application binary
FROM alpine:${ALPINE_VERSION} AS runtime_base
ENV LANG=C.UTF-8 \
TERM=xterm \
RUST_BACKTRACE=1 \
RUST_LOG=info
WORKDIR /bin
## curl is needed to run tests (`main` runs CI against `release` images) and `firezone-relay` needs `curl` in its entry script.
RUN apk add --no-cache curl
# Gateway specific runtime base image
FROM runtime_base AS runtime_firezone-gateway
## iptables are needed only by gateway for masquerading
RUN apk add --no-cache iptables ip6tables
COPY ./docker-init-gateway.sh ./docker-init.sh
# Relay specific runtime base image
FROM runtime_base AS runtime_firezone-relay
COPY ./docker-init-relay.sh ./docker-init.sh
# Headless-client specific runtime base image
FROM runtime_base AS runtime_firezone-headless-client
COPY ./docker-init.sh ./docker-init.sh
# HTTP test server specific runtime base image
FROM runtime_base AS runtime_http-test-server
COPY ./docker-init.sh ./docker-init.sh
# Funnel package specific base image back into `runtime`
ARG PACKAGE
FROM runtime_${PACKAGE} AS runtime
ARG PACKAGE
ENTRYPOINT ["docker-init.sh"]
ENV PACKAGE=${PACKAGE}
CMD ${PACKAGE}
# Build an image for GitHub Actions which includes debug asserts and more test utilities
FROM runtime AS debug
RUN apk add --no-cache iperf3 bind-tools iproute2 jq procps iptables
## Build first with `cargo build --target ${TARGET} -p ${PACKAGE} && mv /target/${TARGET}/debug/${PACKAGE} .`
ARG PACKAGE
COPY ${PACKAGE} .
# Build a production image from including a binary compiled on the host
FROM runtime AS release
## Build first with `cargo build --target ${TARGET} -p ${PACKAGE} --release && mv /target/${TARGET}/release/${PACKAGE} .`
ARG PACKAGE
COPY ${PACKAGE} .
Reference in New Issue View Git Blame Copy Permalink