rlbr
/
docker-devpi
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

Update README.md

master
M Clark 10 years ago
parent
dbd36b0f9c
commit
3d090ac143
1 changed files with 30 additions and 15 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 45
      README.md

45
README.md
View File

@ -1,19 +1,17 @@
docker-devpi
============
This repository contains a Dockerfile for devpi pypi server
This repository contains a Dockerfile for [devpi pypi server](http://doc.devpi.net/latest/).
http://doc.devpi.net/latest/
Installation
# Installation
`docker pull muccg/docker-devpi`
Quickstart
# Quickstart
Start using
```
```bash
docker run -d --name devpi \
--publish 3141:3141 \
--volume /srv/docker/devpi:/data \
@ -21,22 +19,18 @@ docker run -d --name devpi \
--restart always \
muccg/docker-devpi
```
Devpi creates a user named root by default, its password can be set with DEVPI_PASSWORD environment variable. Please set it, otherwise attacker can *execute arbitrary code* in your application by uploading modified packages.
Please set DEVPI_PASSWORD to a secret otherwise an attacker can *execute arbitrary code* in your application by uploading modified packages.
Persistence
# Persistence
For devpi to preserve its state across container shutdown and startup you should mount a volume at `/data`. The quickstart command already includes this.
Security
# Client side usage
Devpi creates a user named root by default, its password can be set with DEVPI_PASSWORD environment variable. Please set it, otherwise attacker can *execute arbitrary code* in your application by uploading modified packages.
Usage
To use this devpi cache to speed up your dockerfile builds, add pip as an optional cache:
To use this devpi cache to speed up your dockerfile builds, add use this snippit in your dockerfiles. This will add the devpi container an optional cache for pip:
```Dockerfile
# configure apt to not install reccomendations
# Install netcat for ip route
RUN apt-get update \
&& apt-get install -y netcat \
&& rm -rf /var/lib/apt/lists/*
@ -51,3 +45,24 @@ RUN export HOST_IP=$(ip route| awk '/^default/ {print $3}') \
&& cat ~/.pip/pip.conf
```
# Uploading files
```bash
pip wheel --download=packages --wheel-dir=wheelhouse -r requirements.txt
pip install "devpi-client>=2.3.0" \
&& export HOST_IP=$(ip route| awk '/^default/ {print $3}') \
&& if devpi use http://$HOST_IP:3141>/dev/null; then \
devpi use http://$HOST_IP:3141/${DEVPI_USER:-app}/${DEVPI_INDEX:-dev} --set-cfg \
&& devpi login ${DEVPI_USER:-app} --password=$DEVPI_PASSWORD \
&& devpi upload --from-dir --formats=* ./wheelhouse ./packages; \
else \
echo No started devpi container found at http://$HOST_IP:3141; \
fi
```
# Security
Devpi creates a user named root by default, its password can be set with DEVPI_PASSWORD environment variable. Please set it, otherwise attacker can *execute arbitrary code* in your application by uploading modified packages.
For additonal security the argument `--restrict-modify root` has been added so only the root may create users and indexes.
Write Preview
Loading…
Cancel
Save