singbox-proxy-manager/Dockerfile.release at main · cheluen/singbox-proxy-manager · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
FROM debian:bookworm-slim

ARG SINGBOX_VERSION=1.12.12
ARG TARGETARCH

RUN apt-get update && apt-get install -y --no-install-recommends \
    ca-certificates \
    curl \
    jq \
    && ARCH="${TARGETARCH}" \
    && if [ -z "$ARCH" ]; then ARCH="$(dpkg --print-architecture)"; fi \
    && case "${ARCH}" in \
         amd64) SINGBOX_ARCH="amd64" ;; \
         arm64) SINGBOX_ARCH="arm64" ;; \
         *) echo "Unsupported TARGETARCH: ${ARCH}" >&2; exit 1 ;; \
       esac \
    && ASSET="sing-box-${SINGBOX_VERSION}-linux-${SINGBOX_ARCH}.tar.gz" \
    && curl -fL -o "/tmp/${ASSET}" "https://github.com/SagerNet/sing-box/releases/download/v${SINGBOX_VERSION}/${ASSET}" \
    && GH_API_URL="https://api.github.com/repos/SagerNet/sing-box/releases/tags/v${SINGBOX_VERSION}" \
    && GH_BODY="$(mktemp)" \
    && GH_HEADERS="$(mktemp)" \
    && GH_STATUS="$(curl -sS -D "$GH_HEADERS" -o "$GH_BODY" -w "%{http_code}" "$GH_API_URL" || true)" \
    && if [ "$GH_STATUS" != "200" ]; then \
        echo "ERROR: failed to fetch sing-box release metadata from GitHub API (api.github.com)." >&2; \
        echo "URL: $GH_API_URL" >&2; \
        echo "HTTP status: $GH_STATUS" >&2; \
        echo "Hint: your build environment may be blocking api.github.com or hitting GitHub API rate limits." >&2; \
        echo "GitHub rate limit headers:" >&2; \
        grep -i '^x-ratelimit' "$GH_HEADERS" >&2 || true; \
        echo "Response body (first 2000 bytes):" >&2; \
        head -c 2000 "$GH_BODY" >&2 || true; \
        echo >&2; \
        exit 1; \
      fi \
    && DIGEST="$(jq -r --arg asset "${ASSET}" '.assets[] | select(.name==$asset) | .digest' "$GH_BODY")" \
    && rm -f "$GH_BODY" "$GH_HEADERS" \
    && if [ -z "$DIGEST" ] || [ "$DIGEST" = "null" ]; then \
        echo "ERROR: failed to find digest for asset '$ASSET' in GitHub release metadata." >&2; \
        exit 1; \
      fi \
    && DIGEST="${DIGEST#sha256:}" \
    && echo "${DIGEST}  /tmp/${ASSET}" | sha256sum -c - \
    && tar -xzf "/tmp/${ASSET}" -C /tmp \
    && mv /tmp/sing-box-*/sing-box /usr/local/bin/ \
    && chmod +x /usr/local/bin/sing-box \
    && rm -rf /tmp/sing-box* \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app
COPY release-binaries/ /app/release-binaries/

RUN ARCH="${TARGETARCH}" \
    && if [ -z "$ARCH" ]; then ARCH="$(dpkg --print-architecture)"; fi \
    && case "${ARCH}" in \
      amd64) BIN="/app/release-binaries/singbox-proxy-manager-linux-amd64" ;; \
      arm64) BIN="/app/release-binaries/singbox-proxy-manager-linux-arm64" ;; \
      *) echo "Unsupported TARGETARCH: ${ARCH}" >&2; exit 1 ;; \
    esac \
    && test -f "$BIN" \
    && cp "$BIN" /app/singbox-proxy-manager \
    && chmod +x /app/singbox-proxy-manager \
    && rm -rf /app/release-binaries \
    && mkdir -p /app/config

ENV PORT=30000
ENV CONFIG_DIR=/app/config
ENV TZ=UTC+8
ENV ADMIN_PASSWORD=

EXPOSE 30000
VOLUME ["/app/config"]
CMD ["/app/singbox-proxy-manager"]