Erste lauffähige Version
This commit is contained in:
@@ -0,0 +1,86 @@
|
||||
# =============================================================================
|
||||
# Multi-Stage: builder → dev → runtime
|
||||
# Dev-Image enthält zusätzlich debugpy, ipython, django-debug-toolbar.
|
||||
# =============================================================================
|
||||
|
||||
# ---------- Stage 1: Build ----------------------------------------------------
|
||||
FROM python:3.12-slim-bookworm AS builder
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
PIP_NO_CACHE_DIR=1 \
|
||||
PIP_DISABLE_PIP_VERSION_CHECK=1
|
||||
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
build-essential libpq-dev gcc \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
WORKDIR /build
|
||||
COPY requirements.txt requirements-dev.txt ./
|
||||
RUN pip wheel --wheel-dir=/wheels -r requirements.txt -r requirements-dev.txt
|
||||
|
||||
|
||||
# ---------- Common Runtime Base ----------------------------------------------
|
||||
FROM python:3.12-slim-bookworm AS runtime-base
|
||||
|
||||
ARG APP_UID=1000
|
||||
ARG APP_GID=1000
|
||||
|
||||
ENV PYTHONDONTWRITEBYTECODE=1 \
|
||||
PYTHONUNBUFFERED=1 \
|
||||
PIP_NO_CACHE_DIR=1 \
|
||||
PYTHONPATH=/app
|
||||
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
libpq5 \
|
||||
libreoffice libreoffice-writer \
|
||||
fonts-liberation fonts-dejavu \
|
||||
tini curl \
|
||||
&& apt-get clean \
|
||||
&& rm -rf /var/lib/apt/lists/* /var/cache/apt/* /tmp/*
|
||||
|
||||
RUN groupadd -g ${APP_GID} app && \
|
||||
useradd -u ${APP_UID} -g ${APP_GID} -m -s /bin/bash app
|
||||
|
||||
WORKDIR /app
|
||||
COPY --from=builder /wheels /wheels
|
||||
|
||||
|
||||
# ---------- Stage 2a: Runtime (Production) ------------------------------------
|
||||
FROM runtime-base AS runtime
|
||||
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-index --find-links=/wheels -r requirements.txt && \
|
||||
rm -rf /wheels
|
||||
|
||||
COPY --chown=app:app . /app/
|
||||
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
|
||||
USER app
|
||||
EXPOSE 8000
|
||||
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
|
||||
CMD ["gunicorn", "config.wsgi:application", \
|
||||
"--bind", "0.0.0.0:8000", \
|
||||
"--workers", "3", "--threads", "2", \
|
||||
"--worker-class", "gthread", "--worker-tmp-dir", "/tmp", \
|
||||
"--access-logfile", "-", "--error-logfile", "-", \
|
||||
"--timeout", "120"]
|
||||
|
||||
|
||||
# ---------- Stage 2b: Dev -----------------------------------------------------
|
||||
FROM runtime-base AS dev
|
||||
|
||||
# Dev-Tools für Container & VS Code
|
||||
RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
git bash-completion vim less procps iputils-ping \
|
||||
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY requirements.txt requirements-dev.txt ./
|
||||
RUN pip install --no-index --find-links=/wheels -r requirements.txt -r requirements-dev.txt && \
|
||||
rm -rf /wheels
|
||||
|
||||
# Code wird im Dev via Volume gemountet; nichts kopieren.
|
||||
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
|
||||
USER app
|
||||
EXPOSE 8000 5678
|
||||
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
|
||||
CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]
|
||||
Reference in New Issue
Block a user