Update Dockerfile
Browse files- Dockerfile +29 -69
Dockerfile
CHANGED
|
@@ -1,50 +1,34 @@
|
|
| 1 |
# =============================================================================
|
| 2 |
-
# Multi-stage Dockerfile for Webscout API Server
|
| 3 |
-
# Optimized for production with security, performance, and size considerations
|
| 4 |
-
# No external docker/ directory required - works with pip/git installations
|
| 5 |
# =============================================================================
|
| 6 |
|
| 7 |
-
#
|
| 8 |
# Stage 1: Builder - Install dependencies and build the application
|
| 9 |
-
#
|
| 10 |
FROM python:3.11-slim as builder
|
| 11 |
|
| 12 |
-
# Set build arguments for flexibility
|
| 13 |
ARG WEBSCOUT_VERSION=latest
|
| 14 |
-
ARG TARGETPLATFORM
|
| 15 |
-
ARG BUILDPLATFORM
|
| 16 |
-
|
| 17 |
-
# Set environment variables for build optimization
|
| 18 |
ENV PYTHONUNBUFFERED=1 \
|
| 19 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 20 |
PIP_NO_CACHE_DIR=1 \
|
| 21 |
PIP_DISABLE_PIP_VERSION_CHECK=1 \
|
| 22 |
PIP_DEFAULT_TIMEOUT=100
|
| 23 |
|
| 24 |
-
# Install build dependencies
|
| 25 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 26 |
-
build-essential \
|
| 27 |
-
|
| 28 |
-
git \
|
| 29 |
-
curl \
|
| 30 |
-
&& rm -rf /var/lib/apt/lists/*
|
| 31 |
|
| 32 |
-
# Create virtual environment for better dependency isolation
|
| 33 |
RUN python -m venv /opt/venv
|
| 34 |
ENV PATH="/opt/venv/bin:$PATH"
|
| 35 |
|
| 36 |
-
# Upgrade pip and install build tools
|
| 37 |
RUN pip install --upgrade pip setuptools wheel
|
| 38 |
|
| 39 |
-
# Install webscout with API dependencies
|
| 40 |
-
# Use specific version if provided, otherwise latest
|
| 41 |
RUN if [ "$WEBSCOUT_VERSION" = "latest" ]; then \
|
| 42 |
-
pip install git+https://github.com/OEvortex/Webscout.git
|
| 43 |
else \
|
| 44 |
-
pip install git+https://github.com/OEvortex/Webscout.git@${WEBSCOUT_VERSION}
|
| 45 |
fi
|
| 46 |
|
| 47 |
-
# Install additional production dependencies
|
| 48 |
RUN pip install \
|
| 49 |
gunicorn[gthread] \
|
| 50 |
uvicorn[standard] \
|
|
@@ -53,93 +37,69 @@ RUN pip install \
|
|
| 53 |
motor \
|
| 54 |
pymongo
|
| 55 |
|
| 56 |
-
#
|
| 57 |
-
# Stage 2: Runtime -
|
| 58 |
-
#
|
| 59 |
FROM python:3.11-slim as runtime
|
| 60 |
|
| 61 |
-
# Set runtime arguments and labels for metadata
|
| 62 |
ARG BUILD_DATE
|
| 63 |
ARG VCS_REF
|
| 64 |
ARG VERSION
|
| 65 |
|
| 66 |
LABEL maintainer="OEvortex" \
|
| 67 |
-
org.label-schema.build-date=$BUILD_DATE \
|
| 68 |
org.label-schema.name="webscout-api" \
|
| 69 |
-
org.label-schema.description="Webscout API Server - OpenAI-compatible LLM proxy" \
|
| 70 |
-
org.label-schema.url="https://github.com/OEvortex/Webscout" \
|
| 71 |
-
org.label-schema.vcs-ref=$VCS_REF \
|
| 72 |
-
org.label-schema.vcs-url="https://github.com/OEvortex/Webscout" \
|
| 73 |
-
org.label-schema.vendor="OEvortex" \
|
| 74 |
org.label-schema.version=$VERSION \
|
| 75 |
-
org.label-schema.
|
|
|
|
| 76 |
|
| 77 |
-
# Create non-root user for security
|
| 78 |
RUN groupadd --gid 1000 webscout && \
|
| 79 |
useradd --uid 1000 --gid webscout --shell /bin/bash --create-home webscout
|
| 80 |
|
| 81 |
-
# Set production environment variables
|
| 82 |
ENV PYTHONUNBUFFERED=1 \
|
| 83 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 84 |
PYTHONPATH=/app \
|
| 85 |
PATH="/opt/venv/bin:$PATH" \
|
| 86 |
-
# Security settings
|
| 87 |
PYTHONHASHSEED=random \
|
| 88 |
-
# Performance settings
|
| 89 |
MALLOC_ARENA_MAX=2 \
|
| 90 |
-
# Application settings
|
| 91 |
WEBSCOUT_HOST=0.0.0.0 \
|
| 92 |
WEBSCOUT_PORT=7860 \
|
| 93 |
WEBSCOUT_WORKERS=1 \
|
| 94 |
WEBSCOUT_LOG_LEVEL=info \
|
| 95 |
-
# Authentication settings (new)
|
| 96 |
WEBSCOUT_NO_AUTH=true \
|
| 97 |
WEBSCOUT_NO_RATE_LIMIT=true \
|
| 98 |
WEBSCOUT_DATA_DIR=/app/data \
|
| 99 |
-
# FastAPI metadata (new)
|
| 100 |
WEBSCOUT_API_TITLE="Webscout API" \
|
| 101 |
-
WEBSCOUT_API_DESCRIPTION="OpenAI
|
| 102 |
WEBSCOUT_API_VERSION="0.3.0" \
|
| 103 |
WEBSCOUT_API_DOCS_URL="/docs" \
|
| 104 |
WEBSCOUT_API_REDOC_URL="/redoc" \
|
| 105 |
WEBSCOUT_API_OPENAPI_URL="/openapi.json"
|
| 106 |
|
| 107 |
-
# Install only runtime dependencies
|
| 108 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 109 |
-
|
| 110 |
-
|
| 111 |
-
|
| 112 |
-
# Useful for debugging (can be removed for minimal image)
|
| 113 |
-
curl \
|
| 114 |
-
# Health check utilities
|
| 115 |
-
procps \
|
| 116 |
-
&& rm -rf /var/lib/apt/lists/* \
|
| 117 |
-
&& apt-get clean
|
| 118 |
-
|
| 119 |
-
# Copy virtual environment from builder stage
|
| 120 |
COPY --from=builder /opt/venv /opt/venv
|
| 121 |
|
| 122 |
-
# Create application directory and set ownership
|
| 123 |
WORKDIR /app
|
| 124 |
-
RUN chown -R webscout:webscout /app
|
| 125 |
-
|
| 126 |
-
# Copy application files (if building from source)
|
| 127 |
-
# COPY --chown=webscout:webscout . /app
|
| 128 |
-
|
| 129 |
-
# Create directories for logs and data with proper permissions
|
| 130 |
RUN mkdir -p /app/logs /app/data && \
|
| 131 |
-
chown -R webscout:webscout /app
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 132 |
|
| 133 |
-
# Switch to non-root user
|
| 134 |
USER webscout
|
| 135 |
|
| 136 |
-
# Expose port (configurable via environment)
|
| 137 |
EXPOSE $WEBSCOUT_PORT
|
| 138 |
|
| 139 |
-
# Add health check
|
| 140 |
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
| 141 |
CMD curl -f http://localhost:${WEBSCOUT_PORT:-8000}/health || exit 1
|
| 142 |
-
|
| 143 |
-
|
| 144 |
-
# Environment variables will be used by the application
|
| 145 |
-
CMD ["python", "-m", "webscout.auth.server"]
|
|
|
|
| 1 |
# =============================================================================
|
| 2 |
+
# Multi-stage Dockerfile for Webscout API Server with Auto-Updater (4hr)
|
|
|
|
|
|
|
| 3 |
# =============================================================================
|
| 4 |
|
| 5 |
+
# -------------------------------------------------------------------
|
| 6 |
# Stage 1: Builder - Install dependencies and build the application
|
| 7 |
+
# -------------------------------------------------------------------
|
| 8 |
FROM python:3.11-slim as builder
|
| 9 |
|
|
|
|
| 10 |
ARG WEBSCOUT_VERSION=latest
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
ENV PYTHONUNBUFFERED=1 \
|
| 12 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 13 |
PIP_NO_CACHE_DIR=1 \
|
| 14 |
PIP_DISABLE_PIP_VERSION_CHECK=1 \
|
| 15 |
PIP_DEFAULT_TIMEOUT=100
|
| 16 |
|
|
|
|
| 17 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 18 |
+
build-essential gcc git curl && \
|
| 19 |
+
rm -rf /var/lib/apt/lists/*
|
|
|
|
|
|
|
|
|
|
| 20 |
|
|
|
|
| 21 |
RUN python -m venv /opt/venv
|
| 22 |
ENV PATH="/opt/venv/bin:$PATH"
|
| 23 |
|
|
|
|
| 24 |
RUN pip install --upgrade pip setuptools wheel
|
| 25 |
|
|
|
|
|
|
|
| 26 |
RUN if [ "$WEBSCOUT_VERSION" = "latest" ]; then \
|
| 27 |
+
pip install "webscout[api] @ git+https://github.com/OEvortex/Webscout.git"; \
|
| 28 |
else \
|
| 29 |
+
pip install "webscout[api] @ git+https://github.com/OEvortex/Webscout.git@${WEBSCOUT_VERSION}"; \
|
| 30 |
fi
|
| 31 |
|
|
|
|
| 32 |
RUN pip install \
|
| 33 |
gunicorn[gthread] \
|
| 34 |
uvicorn[standard] \
|
|
|
|
| 37 |
motor \
|
| 38 |
pymongo
|
| 39 |
|
| 40 |
+
# -------------------------------------------------------------------
|
| 41 |
+
# Stage 2: Runtime - Minimal secure image with auto-updater
|
| 42 |
+
# -------------------------------------------------------------------
|
| 43 |
FROM python:3.11-slim as runtime
|
| 44 |
|
|
|
|
| 45 |
ARG BUILD_DATE
|
| 46 |
ARG VCS_REF
|
| 47 |
ARG VERSION
|
| 48 |
|
| 49 |
LABEL maintainer="OEvortex" \
|
|
|
|
| 50 |
org.label-schema.name="webscout-api" \
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 51 |
org.label-schema.version=$VERSION \
|
| 52 |
+
org.label-schema.vcs-url="https://github.com/OEvortex/Webscout" \
|
| 53 |
+
org.label-schema.build-date=$BUILD_DATE
|
| 54 |
|
|
|
|
| 55 |
RUN groupadd --gid 1000 webscout && \
|
| 56 |
useradd --uid 1000 --gid webscout --shell /bin/bash --create-home webscout
|
| 57 |
|
|
|
|
| 58 |
ENV PYTHONUNBUFFERED=1 \
|
| 59 |
PYTHONDONTWRITEBYTECODE=1 \
|
| 60 |
PYTHONPATH=/app \
|
| 61 |
PATH="/opt/venv/bin:$PATH" \
|
|
|
|
| 62 |
PYTHONHASHSEED=random \
|
|
|
|
| 63 |
MALLOC_ARENA_MAX=2 \
|
|
|
|
| 64 |
WEBSCOUT_HOST=0.0.0.0 \
|
| 65 |
WEBSCOUT_PORT=7860 \
|
| 66 |
WEBSCOUT_WORKERS=1 \
|
| 67 |
WEBSCOUT_LOG_LEVEL=info \
|
|
|
|
| 68 |
WEBSCOUT_NO_AUTH=true \
|
| 69 |
WEBSCOUT_NO_RATE_LIMIT=true \
|
| 70 |
WEBSCOUT_DATA_DIR=/app/data \
|
|
|
|
| 71 |
WEBSCOUT_API_TITLE="Webscout API" \
|
| 72 |
+
WEBSCOUT_API_DESCRIPTION="OpenAI-compatible LLM API" \
|
| 73 |
WEBSCOUT_API_VERSION="0.3.0" \
|
| 74 |
WEBSCOUT_API_DOCS_URL="/docs" \
|
| 75 |
WEBSCOUT_API_REDOC_URL="/redoc" \
|
| 76 |
WEBSCOUT_API_OPENAPI_URL="/openapi.json"
|
| 77 |
|
|
|
|
| 78 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 79 |
+
git libffi8 libssl3 curl procps && \
|
| 80 |
+
rm -rf /var/lib/apt/lists/* && apt-get clean
|
| 81 |
+
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 82 |
COPY --from=builder /opt/venv /opt/venv
|
| 83 |
|
|
|
|
| 84 |
WORKDIR /app
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 85 |
RUN mkdir -p /app/logs /app/data && \
|
| 86 |
+
chown -R webscout:webscout /app
|
| 87 |
+
|
| 88 |
+
# Auto-update script (every 4 hours) using background process
|
| 89 |
+
RUN echo '#!/bin/bash\n\
|
| 90 |
+
(pip install -U "webscout[api] @ git+https://github.com/OEvortex/Webscout.git" && echo "[INFO] Webscout updated at start") &\n\
|
| 91 |
+
while true; do\n\
|
| 92 |
+
sleep 14400\n\
|
| 93 |
+
echo "[INFO] Auto-updating Webscout..."\n\
|
| 94 |
+
pip install -U "webscout[api] @ git+https://github.com/OEvortex/Webscout.git"\n\
|
| 95 |
+
done &\n\
|
| 96 |
+
exec "$@"' > /entrypoint.sh && chmod +x /entrypoint.sh
|
| 97 |
|
|
|
|
| 98 |
USER webscout
|
| 99 |
|
|
|
|
| 100 |
EXPOSE $WEBSCOUT_PORT
|
| 101 |
|
|
|
|
| 102 |
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
| 103 |
CMD curl -f http://localhost:${WEBSCOUT_PORT:-8000}/health || exit 1
|
| 104 |
+
ENTRYPOINT ["/entrypoint.sh"]
|
| 105 |
+
CMD ["python", "-m", "webscout.auth.server"]
|
|
|
|
|
|