# PyGuardian multi-stage image.
#
# One shared "base" stage plus three runtime targets: controller, agent and
# standalone. standalone is the last stage, so a build without --target
# produces it.

# NOTE(review): python:3.11-slim is a mutable tag. Pinning it by digest
# (python:3.11-slim@sha256:<digest-placeholder>) keeps rebuilds reproducible
# and protects against a changed upstream image.
FROM python:3.11-slim AS base

# OS packages shared by every stage. curl is what the controller health check
# calls; the apt lists are removed in the same layer to keep it small.
# NOTE(review): iptables needs CAP_NET_ADMIN (and normally root) to change
# rules, yet every runtime stage drops to the unprivileged pyguardian user.
# Confirm how firewall changes are meant to work at runtime, and prefer
# granting that single capability over running the container privileged.
RUN apt-get update \
    && apt-get install -y \
        curl \
        iptables \
        iputils-ping \
        openssh-client \
    && rm -rf /var/lib/apt/lists/*

# Dedicated system group and account; the runtime stages switch to it via USER.
RUN groupadd -r pyguardian \
    && useradd -r -g pyguardian pyguardian

WORKDIR /opt/pyguardian

# Dependencies are installed before the source is copied so this layer stays
# cached while only application code changes.
# NOTE(review): requirements.txt is not visible here. If it does not pin exact
# versions, consider hash-pinned installs (pip --require-hashes).
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Application code and configuration.
COPY src/ ./src/
COPY config/ ./config/
COPY main.py .

# Create the data and logs directories, then hand the whole tree to the
# service account.
# NOTE(review): this makes src/, config/ and main.py writable by the runtime
# user too. If only data/ and logs/ need to be writable, leaving the code
# root-owned would limit what a compromised process can tamper with.
RUN mkdir -p /opt/pyguardian/data /opt/pyguardian/logs \
    && chown -R pyguardian:pyguardian /opt/pyguardian

# ---------------------------------------------------------------------------
# Controller mode
# ---------------------------------------------------------------------------
FROM base AS controller

# EXPOSE is documentation only; the port still has to be published at run time.
EXPOSE 8443

USER pyguardian

ENV PYGUARDIAN_MODE=controller \
    PYTHONPATH=/opt/pyguardian

# Probes /health over plain HTTP on port 8443.
# NOTE(review): confirm the API really speaks HTTP on this port. If it serves
# TLS, this probe fails and the container is reported unhealthy.
HEALTHCHECK \
    --interval=30s \
    --timeout=10s \
    --start-period=40s \
    --retries=3 \
    CMD curl -f http://localhost:8443/health || exit 1

CMD ["python", "main.py", "--mode", "controller"]

# ---------------------------------------------------------------------------
# Agent mode
# ---------------------------------------------------------------------------
FROM base AS agent

USER pyguardian

ENV PYGUARDIAN_MODE=agent \
    PYTHONPATH=/opt/pyguardian

# This command exits 0 whenever the interpreter can start, so it reports
# "healthy" regardless of what the agent process is doing.
# NOTE(review): replace it with a probe of real agent state, otherwise
# orchestrators and monitoring get a false signal.
HEALTHCHECK \
    --interval=60s \
    --timeout=15s \
    --start-period=30s \
    --retries=3 \
    CMD python -c "import sys; sys.exit(0)" || exit 1

CMD ["python", "main.py", "--mode", "agent"]

# ---------------------------------------------------------------------------
# Standalone mode (default build target)
# ---------------------------------------------------------------------------
FROM base AS standalone

# The API port is optional in standalone mode.
EXPOSE 8443

USER pyguardian

ENV PYGUARDIAN_MODE=standalone \
    PYTHONPATH=/opt/pyguardian

# Same always-passing check as the agent stage: it only proves that python can
# start, not that the service is working.
# NOTE(review): replace with a real liveness probe.
HEALTHCHECK \
    --interval=30s \
    --timeout=10s \
    --start-period=40s \
    --retries=3 \
    CMD python -c "import sys; sys.exit(0)" || exit 1

# No --mode argument is passed in this stage.
CMD ["python", "main.py"]