Markus Pesch
2434615258
Adapt the Makefile and Dockerfile for a multi-stage build of the container image. It is now not anymore required to have go locally installed to build the container image. Inside the multi-stage build, the newly create make install command will be executed. The compbiled files will than be copied to a new base image with less dependencies. Further improvement would be to use instead of debian:10 scratch, because the application does not have any C dependencies (CGO_ENABLED=0). Additionally it is not possible to build the container image with alternative container runtimes like podman instead of docker. make build/container-image CONTAINER_RUNTIME=podman The used base image names are now defined as fully qualified image names (with registry host), to support local container registry mirror configurations.
23 lines
551 B
Desktop File
23 lines
551 B
Desktop File
[Unit]
|
|
Description=Prometheus exporter for fail2ban metrics
|
|
Requires=network-online.target
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
EnvironmentFile=/etc/conf.d/EXECUTABLE
|
|
ExecStart=/usr/bin/EXECUTABLE
|
|
ExecReload=/bin/kill -HUP $MAINPID
|
|
Restart=on-failure
|
|
RestartSec=5s
|
|
|
|
NoNewPrivileges=true
|
|
|
|
# NOTE: Would be great to create and use a dedicated user/group via
|
|
# sysusers.conf to access the fail2ban socket, but currently it is no possible
|
|
# without manual configuration of the fail2ban daemon.
|
|
User=root
|
|
Group=root
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|