54 lines
1.3 KiB
Docker
54 lines
1.3 KiB
Docker
# Rules Engine Dockerfile
|
|
# Event-driven automation rules processor with MQTT and Redis
|
|
|
|
FROM python:3.14-alpine
|
|
|
|
# Prevent Python from writing .pyc files and enable unbuffered output
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1 \
|
|
RULES_CONFIG=config/rules.yaml \
|
|
MQTT_BROKER=172.16.2.16 \
|
|
MQTT_PORT=1883 \
|
|
REDIS_HOST=localhost \
|
|
REDIS_PORT=6379 \
|
|
REDIS_DB=8 \
|
|
LOG_LEVEL=INFO
|
|
|
|
# Create non-root user
|
|
RUN addgroup -g 10001 -S app && \
|
|
adduser -u 10001 -S app -G app
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Install system dependencies
|
|
RUN apk add --no-cache \
|
|
gcc \
|
|
musl-dev \
|
|
linux-headers
|
|
|
|
# Install Python dependencies
|
|
COPY apps/rules/requirements.txt /app/requirements.txt
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
# Copy application code
|
|
COPY apps/__init__.py /app/apps/
|
|
COPY apps/rules/ /app/apps/rules/
|
|
COPY packages/ /app/packages/
|
|
COPY config/ /app/config/
|
|
|
|
# Change ownership to non-root user
|
|
RUN chown -R app:app /app
|
|
|
|
# Switch to non-root user
|
|
USER app
|
|
|
|
# Expose no ports (MQTT/Redis client only)
|
|
|
|
# Health check (check if process is running)
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
|
CMD pgrep -f "apps.rules.main" || exit 1
|
|
|
|
# Run the rules engine
|
|
CMD ["python", "-m", "apps.rules.main"]
|