diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 0285bcd5c..f1e25aaa8 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -149,7 +149,7 @@ jobs: uses: actions/cache@v4 with: # yamllint disable-line rule:line-length - key: "container-mounts-${{ matrix.arch }}-${{ hashFiles('./container/Dockerfile', './container/legacy/Dockerfile') }}" + key: "container-mounts-${{ matrix.arch }}-${{ hashFiles('./container/Dockerfile') }}" restore-keys: "container-mounts-${{ matrix.arch }}-" path: | /var/tmp/buildah-cache/ diff --git a/container/base-builder.yml b/container/base-builder.yml index db84ae2f5..17086116b 100644 --- a/container/base-builder.yml +++ b/container/base-builder.yml @@ -1,14 +1,19 @@ contents: - keyring: - - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub repositories: - - https://packages.wolfi.dev/os + - https://mirrors.edge.kernel.org/alpine/edge/main + - https://mirrors.edge.kernel.org/alpine/edge/community packages: - - wolfi-base + - alpine-base - build-base - - python-3.13-dev + - python3-dev - py3-pip - brotli + # lxml (armv7) + - libxml2-dev + - libxslt-dev + - zlib-dev + # uwsgi + - libffi-dev entrypoint: command: /bin/sh -l @@ -23,3 +28,4 @@ environment: archs: - x86_64 - aarch64 + - armv7 diff --git a/container/base.yml b/container/base.yml index 55fff617a..49341d18e 100644 --- a/container/base.yml +++ b/container/base.yml @@ -1,16 +1,17 @@ contents: - keyring: - - https://packages.wolfi.dev/os/wolfi-signing.rsa.pub repositories: - - https://packages.wolfi.dev/os + - https://mirrors.edge.kernel.org/alpine/edge/main packages: - - wolfi-baselayout + - alpine-baselayout - ca-certificates-bundle - busybox - - python-3.13 + - python3 # healthcheck - wget + # lxml (armv7) + - libxslt # uwsgi + - libxml2 - mailcap entrypoint: @@ -40,7 +41,7 @@ paths: type: directory uid: 977 gid: 977 - permissions: 0o755 + permissions: 0o555 # Config volume - path: /etc/searxng/ @@ -59,3 +60,4 @@ paths: archs: - x86_64 - aarch64 + - armv7 diff --git a/container/legacy/Dockerfile b/container/legacy/Dockerfile deleted file mode 100644 index 3afaa3b4c..000000000 --- a/container/legacy/Dockerfile +++ /dev/null @@ -1,107 +0,0 @@ -FROM docker.io/library/python:3.13-slim AS builder - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - build-essential \ - brotli \ - # lxml - libxml2-dev \ - libxslt1-dev \ - zlib1g-dev \ - # uwsgi - libpcre3-dev \ - && rm -rf /var/lib/apt/lists/* - -WORKDIR /usr/local/searxng/ - -COPY ./requirements.txt ./requirements.txt - -RUN --mount=type=cache,id=pip,target=/root/.cache/pip python -m venv ./venv \ - && . ./venv/bin/activate \ - && pip install -r requirements.txt \ - && pip install "uwsgi~=2.0" - -COPY ./searx/ ./searx/ - -ARG TIMESTAMP_SETTINGS=0 - -RUN python -m compileall -q searx \ - && touch -c --date=@$TIMESTAMP_SETTINGS ./searx/settings.yml \ - && find /usr/local/searxng/searx/static \ - \( -name '*.html' -o -name '*.css' -o -name '*.js' -o -name '*.svg' -o -name '*.ttf' -o -name '*.eot' \) \ - -type f -exec gzip -9 -k {} + -exec brotli --best {} + - -ARG SEARXNG_UID=977 -ARG SEARXNG_GID=977 - -RUN grep -m1 root /etc/group > /tmp/.searxng.group \ - && grep -m1 root /etc/passwd > /tmp/.searxng.passwd \ - && echo "searxng:x:$SEARXNG_GID:" >> /tmp/.searxng.group \ - && echo "searxng:x:$SEARXNG_UID:$SEARXNG_GID:searxng:/usr/local/searxng:/bin/bash" >> /tmp/.searxng.passwd - -FROM docker.io/library/python:3.13-slim - -RUN apt-get update \ - && apt-get install -y --no-install-recommends \ - # healthcheck - wget \ - # lxml (ARMv7) - libxslt1.1 \ - # uwsgi - libpcre3 \ - libxml2 \ - mailcap \ - && rm -rf /var/lib/apt/lists/* - -COPY --chown=root:root --from=builder /tmp/.searxng.passwd /etc/passwd -COPY --chown=root:root --from=builder /tmp/.searxng.group /etc/group - -ARG LABEL_DATE="0001-01-01T00:00:00Z" -ARG GIT_URL="unspecified" -ARG SEARXNG_GIT_VERSION="unspecified" -ARG LABEL_VCS_REF="unspecified" -ARG LABEL_VCS_URL="unspecified" - -WORKDIR /usr/local/searxng/ - -COPY --chown=searxng:searxng --from=builder /usr/local/searxng/venv/ ./venv/ -COPY --chown=searxng:searxng --from=builder /usr/local/searxng/searx/ ./searx/ -COPY --chown=searxng:searxng ./container/config/ ./.template/ -COPY --chown=searxng:searxng ./container/entrypoint.sh ./entrypoint.sh - -ARG TIMESTAMP_UWSGI="0" - -RUN touch -c --date=@$TIMESTAMP_UWSGI ./.template/uwsgi.ini - -LABEL org.opencontainers.image.authors="searxng <$GIT_URL>" \ - org.opencontainers.image.created=$LABEL_DATE \ - org.opencontainers.image.description="A privacy-respecting, hackable metasearch engine" \ - org.opencontainers.image.documentation="https://github.com/searxng/searxng-docker" \ - org.opencontainers.image.licenses="AGPL-3.0-or-later" \ - org.opencontainers.image.revision=$LABEL_VCS_REF \ - org.opencontainers.image.source=$LABEL_VCS_URL \ - org.opencontainers.image.title="searxng" \ - org.opencontainers.image.url=$LABEL_VCS_URL \ - org.opencontainers.image.version=$SEARXNG_GIT_VERSION - -ENV CONFIG_PATH=/etc/searxng \ - DATA_PATH=/var/cache/searxng - -ENV SEARXNG_VERSION=$SEARXNG_GIT_VERSION \ - INSTANCE_NAME=searxng \ - AUTOCOMPLETE="" \ - BASE_URL="" \ - BIND_ADDRESS=[::]:8080 \ - SEARXNG_SETTINGS_PATH=$CONFIG_PATH/settings.yml \ - UWSGI_SETTINGS_PATH=$CONFIG_PATH/uwsgi.ini \ - UWSGI_WORKERS=%k \ - UWSGI_THREADS=4 - -VOLUME $CONFIG_PATH -VOLUME $DATA_PATH - -EXPOSE 8080 - -HEALTHCHECK CMD wget --quiet --tries=1 --spider http://localhost:8080/healthz || exit 1 - -ENTRYPOINT ["/usr/local/searxng/entrypoint.sh"] diff --git a/utils/lib_sxng_container.sh b/utils/lib_sxng_container.sh index fd0d072e2..825eb2b88 100644 --- a/utils/lib_sxng_container.sh +++ b/utils/lib_sxng_container.sh @@ -54,7 +54,7 @@ container.build() { platform="linux/$arch" ;; "ARMV7" | "armhf" | "armv7l" | "armv7") - dockerfile="legacy/Dockerfile" + dockerfile="Dockerfile" arch="arm" variant="v7" platform="linux/$arch/$variant"