Zac Gaetano
9e3f031f95
- core/webrtc: NewSourceOn(streamID, host, port) allows binding the RTP UDP socket on something other than 127.0.0.1, required when the PoC runs in a container and must accept RTP from LAN publishers. NewSource(streamID, port) stays as a convenience wrapper on 127.0.0.1 for existing tests and tight local tests. - cmd/webrtc-poc: new -rtp-host flag (default 127.0.0.1 for safety). - deploy/docker/Dockerfile: two-stage build, scratch runtime, ~14 MB. - deploy/truenas/docker-compose.yml: host-networked stack template driven by a .env file. Host networking is required for WebRTC ICE to work without NAT rewriting per-candidate. - deploy/truenas/README.md: operator runbook with port picking, bring-up, verification curls, and security notes.
34 lines
932 B
Docker
34 lines
932 B
Docker
# Dockerfile for the Dragon Fork WebRTC PoC (M1).
|
|
#
|
|
# Two-stage:
|
|
# 1. builder: compile a static linux/amd64 binary inside the repo
|
|
# 2. runtime: minimal scratch image with the binary only
|
|
#
|
|
# The PoC has no outbound HTTPS needs and no dynamic libraries, so
|
|
# `scratch` is safe. Image size ~14 MB.
|
|
#
|
|
# The binary's flags (-stream, -rtp-port, -listen, -public-ip) are
|
|
# passed via `command:` in docker-compose (or `docker run ...`).
|
|
|
|
# ---- builder ----
|
|
FROM golang:1.24-alpine AS builder
|
|
|
|
WORKDIR /src
|
|
COPY . .
|
|
|
|
# Static, stripped, no CGO — no shared libs needed in runtime stage.
|
|
ENV CGO_ENABLED=0 GOOS=linux GOARCH=amd64
|
|
RUN go build -trimpath -ldflags="-s -w" \
|
|
-o /out/webrtc-poc \
|
|
./cmd/webrtc-poc
|
|
|
|
# ---- runtime ----
|
|
FROM scratch AS runtime
|
|
|
|
COPY --from=builder /out/webrtc-poc /webrtc-poc
|
|
|
|
# Defaults — override via `command:` or `docker run ...`.
|
|
EXPOSE 8787/tcp
|
|
EXPOSE 10000/udp
|
|
|
|
ENTRYPOINT ["/webrtc-poc"]
|