-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile.prod
More file actions
166 lines (134 loc) · 4.56 KB
/
Dockerfile.prod
File metadata and controls
166 lines (134 loc) · 4.56 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
# Production Dockerfile for OpenMVG/OpenMVS Go Application
# Multi-stage build optimized for security, size, and performance
# ------------------------------
# Stage 1: Build OpenMVG/OpenMVS
# ------------------------------
FROM ubuntu:22.04 AS cv_builder
ENV DEBIAN_FRONTEND=noninteractive
ARG DEBIAN_FRONTEND=noninteractive
RUN echo 'Acquire::ForceIPv4 "true";' > /etc/apt/apt.conf.d/99force-ipv4
ENV TZ=UTC
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone
RUN sed -i'' 's/archive\.ubuntu\.com/us\.archive\.ubuntu\.com/' /etc/apt/sources.list
# Install only build dependencies
# Seperate for cache issues
RUN apt-get -y update
RUN apt-get install -y --no-install-recommends \
cmake build-essential git ca-certificates \
python3-dev libboost-system-dev libboost-filesystem-dev \
libboost-program-options-dev libboost-serialization-dev \
libboost-iostreams-dev \
libopencv-dev \
libpng-dev \
libjpeg-dev libtiff-dev libglu1-mesa-dev \
libglew-dev libglfw3-dev coinor-libclp-dev libceres-dev \
libcgal-dev libcgal-qt5-dev graphviz liblemon-dev \
pkg-config && \
rm -rf /var/lib/apt/lists/*
# Build VCG library
RUN git clone --depth=1 https://github.com/cdcseacave/VCG.git /vcglib
# Build OpenMVG
RUN git clone --recursive --depth=1 https://github.com/openMVG/openMVG.git /openMVG && \
mkdir -p /openMVG_build && cd /openMVG_build && \
cmake -DCMAKE_BUILD_TYPE=RELEASE \
-DCMAKE_INSTALL_PREFIX=/usr/local \
-DOpenMVG_BUILD_EXAMPLES=OFF \
-DOpenMVG_USE_RERUN=OFF \
/openMVG/src && \
make -j$(nproc) && \
make install
# Build OpenMVS
RUN git clone --branch develop --depth=1 https://github.com/cdcseacave/openMVS.git /openMVS && \
sed -i 's|<CGAL/AABB_traits_3.h>|<CGAL/AABB_tree.h>|g' /openMVS/libs/MVS/SceneReconstruct.cpp && \
sed -i 's|<CGAL/AABB_triangle_primitive_3.h>|<CGAL/AABB_triangle_primitive.h>|g' /openMVS/libs/MVS/SceneReconstruct.cpp && \
mkdir -p /openMVS_build && cd /openMVS_build && \
cmake -DCMAKE_BUILD_TYPE=RELEASE \
-DCMAKE_INSTALL_PREFIX=/usr/local \
-DOpenMVG_DIR=/usr/local/lib/cmake/openmvg \
-DVCG_ROOT=/vcglib \
/openMVS && \
make -j$(nproc) && \
make install
# ------------------------------
# Stage 2: Build Go Application
# ------------------------------
FROM golang:1.24.3-alpine AS go_builder
# Install git for Go modules (if needed)
RUN apk add --no-cache git ca-certificates
WORKDIR /app
# Copy go mod files first for better caching
COPY go.mod go.sum ./
RUN go mod download
# Copy source code
COPY . .
# Build the Go application
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build \
-ldflags='-w -s -extldflags "-static"' \
-a -installsuffix cgo \
-o server .
# ------------------------------
# Stage 3: Build Blender (minimal)
# ------------------------------
FROM linuxserver/blender:4.4.3 AS blender_builder
# ------------------------------
# Stage 4: Production Runtime
# ------------------------------
FROM alpine:3.22 AS final
# Create non-root user
RUN addgroup -S appuser && adduser -S -G appuser -s /sbin/nologin appuser
# Install runtime dependencies
RUN apk add --no-cache \
boost-dev \
cgal \
# ceres \
curl \
glew \
glfw \
glu \
jpeg \
libgomp \
libpng \
libstdc++ \
mesa \
opencv \
tiff \
tzdata \
wget
# xorg-server
# Copy OpenMVG/OpenMVS binaries and libraries
COPY --from=cv_builder /usr/local/bin/open* /usr/local/bin/
COPY --from=cv_builder /usr/local/lib/open* /usr/local/lib/
# Copy Blender (only essential parts)
COPY --from=blender_builder /blender /opt/blender
ENV PATH="/opt/blender:$PATH"
# Copy Go application
COPY --from=go_builder /app/server /usr/local/bin/server
WORKDIR /app
# Copy utilities
COPY ./bin /app/bin
# Update library cache
RUN ldconfig || true
# Create app directory with proper permissions
RUN mkdir -p /app /app/data /app/logs && \
chown -R appuser:appuser /app && \
chown -R appuser:appuser /usr/local/bin
# Copy entrypoint script
COPY --chown=appuser:appuser ./entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
# Set environment variables
ENV PATH="/usr/local/bin:/usr/local/bin/OpenMVS:/opt/blender:$PATH" \
PORT=3333 \
GIN_MODE=release \
LOG_LEVEL=info \
BLENDER_PATH=/usr/local/bin/blender \
TZ=UTC
# Switch to non-root user
USER appuser
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
CMD curl -f http://localhost:${PORT}/health || exit 1
# Expose port
EXPOSE 3333
# Use proper entrypoint
ENTRYPOINT ["/entrypoint.sh"]
CMD ["/usr/local/bin/server"]