topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2578 Commits
2 Branches
74 Tags
43 MiB
 
 
 
 
 
 
Tree: a85417d25b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'a85417d25b'
${ noResults }
vaultwarden/docker
BlackDex a85417d25b
Small updates 		2 years ago
..
DockerSettings.yaml Small updates 2 years ago
Dockerfile.alpine Small updates 2 years ago
Dockerfile.debian Small updates 2 years ago
Dockerfile.j2 Small updates 2 years ago
Makefile WIP: Container building changes 2 years ago
README.md Small updates 2 years ago
bake.sh Small updates 2 years ago
docker-bake.hcl Small updates 2 years ago
healthcheck.sh Take `ROCKET_ADDRESS` into account in the Docker healthcheck 3 years ago
render_template WIP: Container building changes 2 years ago
start.sh Update deps and Alpine image 3 years ago

README.md

Vaultwarden Container Building

To build and release new testing and stable releases of Vaultwarden we use docker buildx bake.
This can be used locally by running the command your self, but it is also used by GitHub Actions.

This makes it easier for us to test and maintain the different architectures we provide.
We also just have two Dockerfile's one for Debian and one for Alpine based images.
With just these two files we can build both Debian and Alpine images for the following platforms:

  • amd64 (linux/amd64)
  • arm64 (linux/arm64)
  • armv7 (linux/arm/v7)
  • armv6 (linux/arm/v6)

To build these containers you need to enable QEMU binfmt support to be able to run/emulate architectures which are different then your host.
This ensures the container build process can run binaries from other architectures.

NOTE: Run all the examples below from the root of the repo.

How to install QEMU binfmt support

This is different per host OS, but most support this in some way.

Ubuntu/Debian

apt install binfmt-support qemu-user-static

Arch Linux (others based upon it)

pacman -S qemu-user-static qemu-user-static-binfmt

Fedora

dnf install qemu-user-static

Others

There also is an option to use an other docker container to provide support for this.

# To install and activate
docker run --privileged --rm tonistiigi/binfmt --install arm64,arm
# To unistall
docker run --privileged --rm tonistiigi/binfmt --uninstall 'qemu-*'

Single architecture container building

You can build a container per supported architecture as long as you have QEMU binfmt support installed on your system.

# Default bake triggers a Debian build using the hosts architecture
docker buildx bake --file docker/docker-bake.hcl

# Bake Debian ARM64 using a debug build
CARGO_PROFILE=dev \
SOURCE_COMMIT="$(git rev-parse HEAD)" \
docker buildx bake --file docker/docker-bake.hcl debian-arm64

# Bake Alpine ARMv6 as a release build
SOURCE_COMMIT="$(git rev-parse HEAD)" \
docker buildx bake --file docker/docker-bake.hcl alpine-armv6

Local Multi Architecture container building

Start the the initialization, this only needs to be done once.

# Create and use a new buildx builder instance which connects to the host network
docker buildx create --name vaultwarden --use --driver-opt network=host

# Validate it runs
docker buildx inspect --bootstrap

# Create a local container registry directly reachable on the localhost
docker run -d --name registry --network host registry:2

After that is done, you should be able to build and push to the local registry.
Use the following command with the modified variables to bake the Alpine images.
Replace alpine with debian if you want to build the debian multi arch images.

# Start a buildx bake using a debug build
CARGO_PROFILE=dev \
SOURCE_COMMIT="$(git rev-parse HEAD)" \
CONTAINER_REGISTRIES="localhost:5000/vaultwarden/server" \
docker buildx bake --file docker/docker-bake.hcl alpine-multi

Using the bake.sh script

To make it a bit more easier to trigger a build, there also is a bake.sh script.
This script calls docker buildx bake with all the right parameters and also generates the SOURCE_COMMIT and SOURCE_VERSION variables.
This script can be called from both the repo root or within the docker directory.

So, if you want to build a Multi Arch Alpine container pushing to your localhost registry you can run this from within the docker directory. (Just make sure you executed the initialization steps above first)

CONTAINER_REGISTRIES="localhost:5000/vaultwarden/server" \
./bake.sh alpine-multi

Or if you want to just build a Debian container from the repo root, you can run this.

docker/bake.sh

Variables supported

Variable default description
CARGO_PROFILE null Which cargo profile to use. null means what is defined in the Dockerfile
DB null Which features to build. null means what is defined in the Dockerfile
SOURCE_REPOSITORY_URL null The source repository form where this build is triggered
SOURCE_COMMIT null The commit hash of the current commit for this build
SOURCE_VERSION null The current exact tag of this commit, else the last tag and the first 8 chars of the source commit
BASE_TAGS testing Tags to be used. Can be a comma separated value like "latest,1.29.2"
CONTAINER_REGISTRIES vaultwarden/server Comma separated value of container registries. Like ghcr.io/dani-garcia/vaultwarden,docker.io/vaultwarden/server