This PR fixes the currently broken Dockerfile. As referenced via #4, I have pinned the version at Python 3.10 currently due to an out-of-date LXML in the main SimplyTranslateWeb repository.
Dockerfile: instead of using a Debian-based image, we switch to Alpine. We don't need to update and upgrade a docker container usually so we can just pull what we need. In my tests, the current Dockerfile will result in a 1.46 GB image. With these patches, the new Dockerfile will result in a 262.59 MB image; a significant reduction in image size and a faster overall build time.
Docker Compose:
* `user`: this is set to `nobody`, the least privileged account.
* `read_only`: this is set to true, this container doesn't write anything to the filesystem.
* `security_opt`: there's a lot of settings, but the important on is that the container doesn't get any privileges when asking for them.
* `cap_drop`: this drops all capabilities like CHOWN, SETUID, etc.
* `networks`: this puts `simplytranslate` in its own separate bridge network where it cannot talk to other containers.
Co-authored-by: Nullnet Services Administrator <admin@nullnet.services>
Reviewed-on: https://codeberg.org/SimpleWeb/SimplyTranslate-Docker/pulls/5
Co-authored-by: kuantum <kuantum@noreply.codeberg.org>
Co-committed-by: kuantum <kuantum@noreply.codeberg.org>
kuantum