forked from visibilityspots/dockerfile-cloudflared
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
41 lines (28 loc) · 1.32 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
ARG ARCH
FROM golang:alpine as gobuild
ARG GOARCH
ARG GOARM
RUN apk update; \
apk add git gcc build-base; \
go get -v github.com/cloudflare/cloudflared/cmd/cloudflared
WORKDIR /go/src/github.com/cloudflare/cloudflared/cmd/cloudflared
RUN GOARCH=${GOARCH} GOARM=${GOARM} go build ./
FROM multiarch/alpine:${ARCH}-latest-stable
LABEL maintainer="Jan Collijs"
ENV DNS1 1.1.1.1
ENV UPSTREAM1 https://${DNS1}/dns-query
ENV DNS2 1.0.0.1
ENV UPSTREAM2 https://${DNS2}/dns-query
ENV PORT 5054
ENV ADDRESS 0.0.0.0
ENV METRICS 127.0.0.1:8080
RUN echo 'http://dl-cdn.alpinelinux.org/alpine/latest-stable/main' > /etc/apk/repositories ; \
echo 'http://dl-cdn.alpinelinux.org/alpine/latest-stable/community' >> /etc/apk/repositories; \
adduser -S cloudflared; \
apk add --no-cache ca-certificates bind-tools libcap; \
rm -rf /var/cache/apk/*;
COPY --from=gobuild /go/src/github.com/cloudflare/cloudflared/cmd/cloudflared/cloudflared /usr/local/bin/cloudflared
RUN setcap CAP_NET_BIND_SERVICE+eip /usr/local/bin/cloudflared
HEALTHCHECK --interval=5s --timeout=3s --start-period=5s CMD nslookup -po=${PORT} cloudflare.com 127.0.0.1 || exit 1
USER cloudflared
CMD ["/bin/sh", "-c", "/usr/local/bin/cloudflared proxy-dns --address ${ADDRESS} --port ${PORT} --metrics ${METRICS} --upstream ${UPSTREAM1} --upstream ${UPSTREAM2}"]