Merge branch 'master' into feat/add-duckdns-dns-challenge-plugin

JonasAlfredsson · Aug 14, 2024 · cad0481 · cad0481
2 parents 7ee5e3a + 6342ab4
commit cad0481
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 6 deletions.
diff --git a/src/Dockerfile b/src/Dockerfile
@@ -25,6 +25,10 @@ ENV CERTBOT_DNS_AUTHENTICATORS \
 # any real need to cater to other programs/environments.
 ARG PIP_BREAK_SYSTEM_PACKAGES=1
 
+# We need to do some platfrom specific workarounds in the build script, so bring
+# this information in to the build environment.
+ARG TARGETPLATFORM
+
 # Through this we gain the ability to handle certbot upgrades through
 # dependabot pull requests.
 COPY requirements.txt /requirements.txt
@@ -35,7 +39,6 @@ RUN set -ex && \
     apt-get update && \
     apt-get install -y --no-install-recommends \
             build-essential \
-            cargo \
             curl \
             libffi8 \
             libffi-dev \
@@ -46,6 +49,18 @@ RUN set -ex && \
             python3 \
             python3-dev \
     && \
+# Install the latest version of rustc/cargo if we are in an architecture that
+# needs to build the cryptography Python package.
+    if echo "$TARGETPLATFORM" | grep -E -q '^(linux/386|linux/arm64|linux/arm/v7)'; then \
+        curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | /bin/sh -s -- -y \
+# For some reason the rustup script is unable to correctly identify the
+# environment if we are building an i386 image on an x86_64 system, so we need
+# to provide this information manually.
+        $(if [ "$TARGETPLATFORM" = "linux/386" ]; then \
+            echo "--default-host i686-unknown-linux-gnu"; \
+        fi) && \
+        . "$HOME/.cargo/env"; \
+    fi && \
 # Install the latest version of PIP, Setuptools and Wheel.
     curl -L 'https://bootstrap.pypa.io/get-pip.py' | python3 && \
 # Install certbot.
@@ -55,18 +70,19 @@ RUN set -ex && \
 # Remove everything that is no longer necessary.
     apt-get remove --purge -y \
             build-essential \
-            cargo \
             curl \
             libffi-dev \
             libssl-dev \
             pkg-config \
             python3-dev \
     && \
+    if echo "$TARGETPLATFORM" | grep -E -q '^(linux/386|linux/arm64|linux/arm/v7)'; then \
+        rustup self uninstall -y; \
+    fi && \
     apt-get autoremove -y && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* && \
     rm -rf /root/.cache && \
-    rm -rf /root/.cargo && \
 # Create new directories and set correct permissions.
     mkdir -p /var/www/letsencrypt && \
     mkdir -p /etc/nginx/user_conf.d && \

diff --git a/src/Dockerfile-alpine b/src/Dockerfile-alpine
@@ -34,7 +34,6 @@ RUN set -ex && \
 # Install packages necessary during the build phase (for all architectures).
     apk add --no-cache \
         bash \
-        cargo \
         curl \
         findutils \
         libffi \
@@ -55,14 +54,12 @@ RUN set -ex && \
     pip3 install $(echo $CERTBOT_DNS_AUTHENTICATORS | sed 's/\(^\| \)/\1certbot-dns-/g') && \
 # Remove everything that is no longer necessary.
     apk del \
-        cargo \
         curl \
         libffi-dev \
         libressl-dev \
         python3-dev \
     && \
     rm -rf /root/.cache && \
-    rm -rf /root/.cargo && \
 # Create new directories and set correct permissions.
     mkdir -p /var/www/letsencrypt && \
     mkdir -p /etc/nginx/user_conf.d && \