Diff
Not logged in
Home Timeline Branches Tags Tickets Wiki Login
Annotate Patch Side-by-side Diff

Differences From Artifact [51328029eb]:

To Artifact [73dfe01bb8]:

1
2

3
4
5



6
7



8
9

10
11
12
13












14
15

16
17
18

19



20






21
22


23
24
25
26










1


2
3
4
5


6
7
8
9

10




11
12
13
14
15
16
17
18
19
20
21
22


23
24


25
26
27
28
29

30
31
32
33
34
35
36

37
38
39



40
41
42
43
44
45
46

-
-
+
-
-

+
+
+
-
-
+
+
+

-
+
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+

-
-
+

+
+
+
-
+
+
+
+
+
+

-
+
+

-
-
-
+
+
+
+
+
+
+

###
#   Dockerfile for Fossil
# STAGE 1: Build a static Fossil binary atop Alpine Linux
###
FROM fedora:29

# Avoid the temptation to swap the wget call below out for an ADD URL
# directive.  The URL is fixed for a given release tag, which triggers
# Docker's caching behavior, causing it to reuse that version as long
### Now install some additional parts we will need for the build
RUN dnf update -y && dnf install -y gcc make tcl tcl-devel zlib-devel openssl-devel tar && dnf clean all && groupadd -r fossil -g 433 && useradd -u 431 -r -g fossil -d /opt/fossil -s /sbin/nologin -c "Fossil user" fossil
# as it remains in the cache.  We prefer to rely on the caching of the
# server instance on fossil-scm.org, which will keep these trunk
# tarballs around until the next trunk commit.

### If you want to build "trunk", change the next line accordingly.
FROM alpine:latest AS builder
ENV FOSSIL_INSTALL_VERSION release

RUN curl "https://fossil-scm.org/home/tarball/fossil-src.tar.gz?name=fossil-src&uuid=${FOSSIL_INSTALL_VERSION}" | tar zx
RUN cd fossil-src && ./configure --disable-fusefs --json --with-th1-docs --with-th1-hooks --with-tcl=1 --with-tcl-stubs --with-tcl-private-stubs
WORKDIR /tmp
RUN apk update                                               \
     && apk upgrade --no-cache                               \
     && apk add --no-cache                                   \
         busybox-static gcc make                             \
         musl-dev                                            \
         openssl-dev openssl-libs-static                     \
         zlib-dev zlib-static                                \
     && wget https://fossil-scm.org/home/tarball/src.tar.gz  \
     && tar -xf src.tar.gz                                   \
     && cd src                                               \
     && ./configure --static CFLAGS='-Os -s'                 \
RUN cd fossil-src/src && mv main.c main.c.orig && sed s/\"now\"/0/ <main.c.orig >main.c
RUN cd fossil-src && make && strip fossil && cp fossil /usr/bin && cd .. && rm -rf fossil-src && chmod a+rx /usr/bin/fossil && mkdir -p /opt/fossil && chown fossil:fossil /opt/fossil
     && make -j

### Build is done, remove modules no longer needed
RUN dnf remove -y gcc make zlib-devel tcl-devel openssl-devel tar && dnf clean all
# STAGE 2: Pare that back to the bare essentials.

FROM scratch
ENV JAIL=/jail
WORKDIR ${JAIL}
USER fossil
COPY --from=builder /tmp/src/fossil ${JAIL}/bin/
COPY --from=builder /bin/busybox.static /bin/busybox
RUN [ "/bin/busybox", "--install", "/bin" ]
RUN mkdir -m 700 dev                   \
    && mknod -m 600 dev/null    c 1 3  \
    && mknod -m 600 dev/urandom c 1 9

ENV HOME /opt/fossil
# Now we can run the stripped-down environment in a chroot jail, while
# leaving open the option to debug it live via the Busybox shell.

EXPOSE 8080

CMD ["/usr/bin/fossil", "server", "--create", "--user", "admin", "/opt/fossil/repository.fossil"]
EXPOSE 8080/tcp
CMD [ \
    "bin/fossil", "server", \
    "--create",             \
    "--jsmode", "bundled",  \
    "--user", "admin",      \
    "repo.fossil"]
Fossil version [1205ec86cb] 2025-04-30 16:57:32