-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
86 lines (69 loc) · 2.93 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
#######################################################################################################################
# Build static Mosquitto
#######################################################################################################################
FROM alpine:3.18 as builder
# https://github.com/eclipse/mosquitto/tags
# https://github.com/DaveGamble/cJSON/releases
ENV VERSION=v2.0.18 \
CJSON_VERSION=v1.7.16
# Add unprivileged user
RUN echo "mosquitto:x:1000:1000:mosquitto:/:" > /etc_passwd
RUN apk --no-cache add \
git \
build-base \
openssl-dev \
openssl-libs-static \
cmake \
upx
RUN git clone --depth 1 --branch "${CJSON_VERSION}" https://github.com/DaveGamble/cJSON.git /build/cjson
WORKDIR /build/cjson
# Source: https://github.com/eclipse/mosquitto/blob/master/docker/2.0/Dockerfile#L46
RUN CORES=$(grep -c '^processor' /proc/cpuinfo); \
export MAKEFLAGS="-j$((CORES+1)) -l${CORES}"; \
cmake . \
-DCMAKE_BUILD_TYPE=MinSizeRel \
-DBUILD_SHARED_AND_STATIC_LIBS=OFF \
-DBUILD_SHARED_LIBS=OFF \
-DCJSON_BUILD_SHARED_LIBS=OFF \
-DCJSON_OVERRIDE_BUILD_SHARED_LIBS=OFF \
-DCMAKE_INSTALL_PREFIX=/usr && \
make
RUN git clone --depth 1 --branch "${VERSION}" https://github.com/eclipse/mosquitto.git /mosquitto
WORKDIR /mosquitto/src
# Makeflags source: https://math-linux.com/linux/tip-of-the-day/article/speedup-gnu-make-build-and-compilation-process
# WITH_STATIC_LIBRARIES default no, needed for static compile
# WITH_SHARED_LIBRARIES default yes, needs to be no for static compile
# WITH_MEMORY_TRACKING: disable to use less memory and less cpu
# WITH_ADNS: disable GNU adns support
# WITH_SRV: only used by the client https://www.eclipse.org/lists/mosquitto-dev/msg01391.html
RUN CORES=$(grep -c '^processor' /proc/cpuinfo); \
export MAKEFLAGS="-j$((CORES+1)) -l${CORES}"; \
make \
CFLAGS="-O3 -static -I/build" \
LDFLAGS="-static -L/build/cjson" \
WITH_STATIC_LIBRARIES=yes \
WITH_SHARED_LIBRARIES=no \
WITH_MEMORY_TRACKING=no \
WITH_WEBSOCKETS=no \
WITH_ADNS=no \
WITH_SRV=no
# Minify binaries
# --brute does not work
RUN upx --best /mosquitto/src/mosquitto && \
upx -t /mosquitto/src/mosquitto
#######################################################################################################################
# Final scratch image
#######################################################################################################################
FROM scratch
# Add description
LABEL org.label-schema.description="Static compiled Mosquitto in a scratch container"
# Copy the unprivileged user
COPY --from=builder /etc_passwd /etc/passwd
# Copy static binary
COPY --from=builder /mosquitto/src/mosquitto /mosquitto
# Add default configuration
COPY mosquitto.conf /config/mosquitto.conf
USER mosquitto
ENTRYPOINT ["/mosquitto"]
CMD ["-c", "/config/mosquitto.conf"]
EXPOSE 1883