Files
Wormhole/Dockerfile
T
rose_cat707 612d68f56f feat: Wormhole 内网穿透与反向代理网关
Go + Vue 管理台,SQLite 持久化;支持隧道/域名穿透、域名转发插件链、访客认证、
IP 规则、API Key、Docker 单镜像部署;配置通过 Web 系统设置管理,无需 YAML 文件。

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-06-23 12:15:02 +08:00

76 lines
2.1 KiB
Docker

# Wormhole 统一镜像(server / agent 同一二进制,启动命令区分角色)
#
# 构建:
# docker build -t wormhole:latest .
#
# 服务端:
# docker run -d --name wormhole \
# -p 8529:8529 -p 8528:8528 -p 8081:8081 -p 8443:8443 \
# -v wormhole-data:/app/data \
# wormhole:latest
#
# Agent:
# docker run -d --name wormhole-agent --network host \
# wormhole:latest agent -server <服务端IP>:8528 -key <verify_key>
# syntax=docker/dockerfile:1
FROM --platform=$BUILDPLATFORM node:20-alpine AS web-builder
WORKDIR /src/web
COPY web/package.json web/package-lock.json ./
RUN npm ci --registry=https://registry.npmmirror.com
COPY web/ ./
RUN npm run build
FROM --platform=$BUILDPLATFORM golang:1.24-alpine AS go-builder
ARG TARGETARCH
RUN apk add --no-cache gcc musl-dev curl tar \
&& if [ "$TARGETARCH" = "amd64" ]; then \
curl -fsSL https://musl.cc/x86_64-linux-musl-cross.tgz -o /tmp/cross.tgz \
&& tar -xzf /tmp/cross.tgz -C /usr/local \
&& rm /tmp/cross.tgz; \
fi
WORKDIR /src
COPY go.mod go.sum go.env ./
RUN --mount=type=cache,target=/go/pkg/mod \
GOPROXY=https://goproxy.cn,direct go mod download
COPY cmd/ ./cmd/
COPY internal/ ./internal/
COPY web/embed.go ./web/
COPY --from=web-builder /src/web/dist ./web/dist
RUN --mount=type=cache,target=/go/pkg/mod \
--mount=type=cache,target=/root/.cache/go-build \
set -eu; \
export CGO_ENABLED=1 GOOS=linux GOARCH="$TARGETARCH" GOPROXY=https://goproxy.cn,direct; \
if [ "$TARGETARCH" = "amd64" ]; then \
export CC=/usr/local/x86_64-linux-musl-cross/bin/x86_64-linux-musl-gcc; \
fi; \
go build -ldflags="-w -s" -o /wormhole ./cmd/wormhole
FROM alpine:3.20@sha256:d9e853e87e55526f6b2917df91a2115c36dd7c696a35be12163d44e6e2a4b6bc
RUN apk add --no-cache ca-certificates tzdata \
&& addgroup -S wormhole \
&& adduser -S wormhole -G wormhole
WORKDIR /app
COPY --from=go-builder /wormhole /usr/local/bin/wormhole
RUN mkdir -p /app/data \
&& chown -R wormhole:wormhole /app
USER wormhole
VOLUME ["/app/data"]
EXPOSE 8529 8528 8081 8443
ENTRYPOINT ["/usr/local/bin/wormhole"]
CMD ["server"]