From 87045603ffeda8bb13f373654d558ce1ec1e4d15 Mon Sep 17 00:00:00 2001 From: liqiang-fit2cloud Date: Wed, 9 Jul 2025 09:59:59 +0800 Subject: [PATCH] build: update Dockerfiles. --- installer/Dockerfile | 17 +++++------------ installer/Dockerfile-base | 8 +++++++- 2 files changed, 12 insertions(+), 13 deletions(-) diff --git a/installer/Dockerfile b/installer/Dockerfile index 64c50a964..af029fa75 100644 --- a/installer/Dockerfile +++ b/installer/Dockerfile @@ -1,4 +1,3 @@ -FROM ghcr.io/1panel-dev/maxkb-vector-model:v2.0.2 AS vector-model FROM node:18-alpine3.18 AS web-build COPY ui ui RUN cd ui && \ @@ -6,6 +5,7 @@ RUN cd ui && \ NODE_OPTIONS="--max-old-space-size=4096" npm run build-only && \ NODE_OPTIONS="--max-old-space-size=4096" npm run build-only-chat && \ find . -maxdepth 1 ! -name '.' ! -name 'dist' ! -name 'public' -exec rm -rf {} + + FROM ghcr.io/1panel-dev/maxkb-base:python3.11-pg17.5 AS stage-build ARG DEPENDENCIES=" \ @@ -17,13 +17,10 @@ RUN apt-get update && \ rm -rf /var/lib/apt/lists/* COPY . /opt/maxkb-app -RUN mkdir -p /opt/maxkb-app /opt/maxkb-app/model && \ - rm -rf /opt/maxkb-app/ui - -COPY --from=web-build ui /opt/maxkb-app/ui WORKDIR /opt/maxkb-app -RUN python3 -m venv /opt/py3 && \ +RUN rm -rf /opt/maxkb-app/ui && \ + python3 -m venv /opt/py3 && \ pip install poetry==2.0.0 --break-system-packages && \ poetry config virtualenvs.create false && \ . /opt/py3/bin/activate && \ @@ -64,15 +61,11 @@ ENV MAXKB_VERSION="${DOCKER_IMAGE_TAG} (build at ${BUILD_AT}, commit: ${GITHUB_C WORKDIR /opt/maxkb-app COPY --from=stage-build /opt/maxkb-app /opt/maxkb-app +COPY --from=web-build ui /opt/maxkb-app/ui COPY --from=stage-build /opt/py3 /opt/py3 -COPY --from=vector-model /opt/maxkb-app/model /opt/maxkb-app/model RUN chmod 755 /tmp && \ - find /opt/maxkb-app -mindepth 1 -not -name 'sandbox' -exec chmod 700 {} + && \ - useradd --no-create-home --home /opt/maxkb-app/sandbox sandbox -g root && \ - chown -R sandbox:root /opt/maxkb-app/sandbox && \ - chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/17/bin/* && \ - chmod g+x /usr/local/bin/python* + find /opt/maxkb-app -mindepth 1 -not -name 'sandbox' -exec chmod 700 {} + EXPOSE 8080 VOLUME /opt/maxkb diff --git a/installer/Dockerfile-base b/installer/Dockerfile-base index 105bd3f6b..396ba682a 100644 --- a/installer/Dockerfile-base +++ b/installer/Dockerfile-base @@ -1,7 +1,8 @@ FROM python:3.11-slim-bullseye AS python-stage +FROM ghcr.io/1panel-dev/maxkb-vector-model:v2.0.2 AS vector-model FROM postgres:17.5-bullseye - COPY --from=python-stage /usr/local /usr/local +COPY --from=vector-model /opt/maxkb-app/model /opt/maxkb-app/model COPY installer/*.sh /usr/bin/ COPY installer/init.sql /docker-entrypoint-initdb.d/ @@ -23,6 +24,11 @@ RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \ chmod 755 /usr/bin/start-*.sh && \ find /etc/ -type f ! -path '/etc/resolv.conf' ! -path '/etc/hosts' | xargs chmod g-rx && \ curl -L --connect-timeout 120 -m 1800 https://resource.fit2cloud.com/maxkb/ffmpeg/get-ffmpeg-linux | sh && \ + mkdir -p /opt/maxkb-app/sandbox && \ + useradd --no-create-home --home /opt/maxkb-app/sandbox sandbox -g root && \ + chown -R sandbox:root /opt/maxkb-app/sandbox && \ + chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/17/bin/* && \ + chmod g+x /usr/local/bin/python* && \ apt-get clean all && \ rm -rf /var/lib/apt/lists/* /usr/share/doc/* /usr/share/man/* /usr/share/info/* /usr/share/locale/* /usr/share/lintian/* /usr/share/linda/* /var/cache/* /var/log/* /var/tmp/* /tmp/*