-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
42 lines (32 loc) · 1.23 KB
/
Copy pathDockerfile
File metadata and controls
42 lines (32 loc) · 1.23 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
# syntax=docker/dockerfile:1
# PacketLab — 多阶段构建
# 阶段1: 构建含 pcap (CGO) 的二进制,运行时仅需 libpcap
FROM golang:1.25-bookworm AS builder
# 网卡抓包需要 libpcap 开发头文件
RUN apt-get update && apt-get install -y --no-install-recommends \
libpcap-dev gcc \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /src
COPY go.mod go.sum ./
RUN go mod download
COPY . .
# 启用 CGO 以获得完整 pcap 网卡抓包支持
ARG CGO_ENABLED=1
ENV CGO_ENABLED=${CGO_ENABLED} GOOS=linux GOARCH=amd64
RUN go build -trimpath -ldflags="-s -w" -o /out/packetlab ./cmd/proxy/
# ---- 运行时镜像 ----
FROM debian:bookworm-slim
# 运行时仅需 libpcap 运行库(非 dev 包)
RUN apt-get update && apt-get install -y --no-install-recommends \
ca-certificates libpcap0.8 \
&& rm -rf /var/lib/apt/lists/*
WORKDIR /app
COPY --from=builder /out/packetlab /app/packetlab
# 数据 & 证书持久化目录
RUN mkdir -p /root/.packetlab/certs
VOLUME ["/root/.packetlab"]
# 代理端口 8080,Web/API 端口 9090
EXPOSE 8080 9090
ENTRYPOINT ["/app/packetlab"]
# 默认参数:启动代理 + Web,网卡抓包需显式 --capture(且容器需 NET_ADMIN/CAP_NET_RAW)
CMD ["--proxy-port", "8080", "--api-port", "9090"]