| # debian.sh --arch 'amd64' out/ 'trixie' '@1765152000' |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends ca-certificates curl gnupg netbase sq wget ; apt-get dist-clean # buildkit |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends git mercurial openssh-client subversion procps ; apt-get dist-clean # buildkit |
| RUN /bin/sh -c set -ex; apt-get update; apt-get install -y --no-install-recommends autoconf automake bzip2 default-libmysqlclient-dev dpkg-dev file g++ gcc imagemagick libbz2-dev libc6-dev libcurl4-openssl-dev libdb-dev libevent-dev libffi-dev libgdbm-dev libglib2.0-dev libgmp-dev libjpeg-dev libkrb5-dev liblzma-dev libmagickcore-dev libmagickwand-dev libmaxminddb-dev libncurses5-dev libncursesw5-dev libpng-dev libpq-dev libreadline-dev libsqlite3-dev libssl-dev libtool libwebp-dev libxml2-dev libxslt-dev libyaml-dev make patch unzip xz-utils zlib1g-dev ; apt-get dist-clean # buildkit |
| ENV PATH=/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin |
| ENV LANG=C.UTF-8 |
| RUN /bin/sh -c set -eux; apt-get update; apt-get install -y --no-install-recommends libbluetooth-dev tk-dev uuid-dev ; apt-get dist-clean # buildkit |
| ENV GPG_KEY=7169605F62C751356D054A26A821E680E5FA6305 |
| ENV PYTHON_VERSION=3.12.12 |
| ENV PYTHON_SHA256=fb85a13414b028c49ba18bbd523c2d055a30b56b18b92ce454ea2c51edc656c4 |
| RUN /bin/sh -c set -eux; wget -O python.tar.xz "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz"; echo "$PYTHON_SHA256 *python.tar.xz" | sha256sum -c -; wget -O python.tar.xz.asc "https://www.python.org/ftp/python/${PYTHON_VERSION%%[a-z]*}/Python-$PYTHON_VERSION.tar.xz.asc"; GNUPGHOME="$(mktemp -d)"; export GNUPGHOME; gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$GPG_KEY"; gpg --batch --verify python.tar.xz.asc python.tar.xz; gpgconf --kill all; rm -rf "$GNUPGHOME" python.tar.xz.asc; mkdir -p /usr/src/python; tar --extract --directory /usr/src/python --strip-components=1 --file python.tar.xz; rm python.tar.xz; cd /usr/src/python; gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; ./configure --build="$gnuArch" --enable-loadable-sqlite-extensions --enable-optimizations --enable-option-checking=fatal --enable-shared $(test "${gnuArch%%-*}" != 'riscv64' && echo '--with-lto') --with-ensurepip ; nproc="$(nproc)"; EXTRA_CFLAGS="$(dpkg-buildflags --get CFLAGS)"; LDFLAGS="$(dpkg-buildflags --get LDFLAGS)"; arch="$(dpkg --print-architecture)"; arch="${arch##*-}"; case "$arch" in amd64|arm64) EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer"; ;; i386) ;; *) EXTRA_CFLAGS="${EXTRA_CFLAGS:-} -fno-omit-frame-pointer"; ;; esac; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:-}" ; rm python; make -j "$nproc" "EXTRA_CFLAGS=${EXTRA_CFLAGS:-}" "LDFLAGS=${LDFLAGS:--Wl},-rpath='\$\$ORIGIN/../lib'" python ; make install; bin="$(readlink -ve /usr/local/bin/python3)"; dir="$(dirname "$bin")"; mkdir -p "/usr/share/gdb/auto-load/$dir"; cp -vL Tools/gdb/libpython.py "/usr/share/gdb/auto-load/$bin-gdb.py"; cd /; rm -rf /usr/src/python; find /usr/local -depth \( \( -type d -a \( -name test -o -name tests -o -name idle_test \) \) -o \( -type f -a \( -name '*.pyc' -o -name '*.pyo' -o -name 'libpython*.a' \) \) \) -exec rm -rf '{}' + ; ldconfig; export PYTHONDONTWRITEBYTECODE=1; python3 --version; pip3 --version # buildkit |
| RUN /bin/sh -c set -eux; for src in idle3 pip3 pydoc3 python3 python3-config; do dst="$(echo "$src" | tr -d 3)"; [ -s "/usr/local/bin/$src" ]; [ ! -e "/usr/local/bin/$dst" ]; ln -svT "$src" "/usr/local/bin/$dst"; done # buildkit |
| CMD ["python3"] |
| RUN /bin/sh -c apt-get update && apt-get install -y gcc libldap2-dev libsasl2-dev libssl-dev python3-dev # buildkit |
| COPY requirements.txt . # buildkit |
| RUN /bin/sh -c pip install --upgrade pip setuptools wheel # buildkit |
| RUN /bin/sh -c apt-get update && apt-get install -y libssl-dev # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir pyOpenSSL # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir gunicorn # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir eventlet # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir redis # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir geoip2 # buildkit |
| RUN /bin/sh -c pip install --no-cache-dir -r requirements.txt # buildkit |
| COPY . . # buildkit |
| EXPOSE [6001/tcp] |
| LABEL com.centurylinklabs.watchtower.enable=true |
| ENV MAXMIND_LICENSE_KEY=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 |
| ENV GEOLITE2_DB_PATH=/app/GeoLite2-City.mmdb |
| RUN /bin/sh -c set -eux; ARCHIVE=/tmp/GeoLite2-City.tar.gz; DESTDIR=/app; mkdir -p "$DESTDIR"; if [ -n "${MAXMIND_LICENSE_KEY:-}" ]; then echo "Attempting GeoLite2 download..."; if curl -fsSL -H "User-Agent: Docker" "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=${MAXMIND_LICENSE_KEY}&suffix=tar.gz" -o "$ARCHIVE"; then echo "Download succeeded"; else echo "Download failed — skipping extraction (existing /app will be used)"; rm -f "$ARCHIVE" || true; fi; else echo "MAXMIND_LICENSE_KEY not set — skipping download"; fi; if [ -s "$ARCHIVE" ]; then echo "Archive present, extracting GeoLite2-City.mmdb to $DESTDIR"; tar --strip-components=1 -xzf "$ARCHIVE" -C "$DESTDIR" --wildcards '*/GeoLite2-City.mmdb'; rm -f "$ARCHIVE"; else echo "No archive to extract; leaving existing $DESTDIR as-is"; fi # buildkit |
| RUN /bin/sh -c python init_keys.py # buildkit |
| CMD ["python" "-m" "gunicorn" "-w" "4" "--worker-class" "eventlet" "--preload" "-b" "0.0.0.0:6001" "app:app" "--reload"] |
