fieldwitness/deploy/docker/Dockerfile
Aaron D. Lee 490f9d4a1d Rebrand SooSeF to FieldWitness
Complete project rebrand for better positioning in the press freedom
and digital security space. FieldWitness communicates both field
deployment and evidence testimony — appropriate for the target audience
of journalists, NGOs, and human rights organizations.

Rename mapping:
- soosef → fieldwitness (package, CLI, all imports)
- soosef.stegasoo → fieldwitness.stego
- soosef.verisoo → fieldwitness.attest
- ~/.soosef/ → ~/.fwmetadata/ (innocuous data dir name)
- SOOSEF_DATA_DIR → FIELDWITNESS_DATA_DIR
- SoosefConfig → FieldWitnessConfig
- SoosefError → FieldWitnessError

Also includes:
- License switch from MIT to GPL-3.0
- C2PA bridge module (Phase 0-2 MVP): cert.py, export.py, vendor_assertions.py
- README repositioned to lead with provenance/federation, stego backgrounded
- Threat model skeleton at docs/security/threat-model.md
- Planning docs: docs/planning/c2pa-integration.md, docs/planning/gtm-feasibility.md

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-02 15:05:13 -04:00

# FieldWitness Federation Server
# Multi-stage build for minimal image size.
#
# Tier 2: Org server (full features — web UI, attestation, federation, stego)
#   docker build -t fieldwitness-server .
#   docker run -v fieldwitness-data:/data -p 5000:5000 -p 8000:8000 fieldwitness-server
#
# Tier 3: Federation relay (attestation + federation only, no stego, no web UI)
#   docker build --target relay -t fieldwitness-relay .
#   docker run -v relay-data:/data -p 8000:8000 fieldwitness-relay

# === Stage 1: Build dependencies ===
FROM python:3.12-slim-bookworm AS builder

RUN apt-get update && apt-get install -y --no-install-recommends \
        gcc g++ gfortran \
        libjpeg62-turbo-dev zlib1g-dev libffi-dev libssl-dev \
        libopenblas-dev \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /build
# Copies the entire build context into the builder stage; keep keys, .git and
# local data directories out of it with a .dockerignore.
COPY . .

# Install into a virtual environment for clean copying
RUN python -m venv /opt/fieldwitness-env \
    && /opt/fieldwitness-env/bin/pip install --no-cache-dir \
        ".[web,cli,attest,stego-dct,api,federation]"

# === Stage 2: Federation relay (minimal) ===
FROM python:3.12-slim-bookworm AS relay

# Create /data owned by the runtime user before declaring the volume, so a
# fresh named volume mounted there is writable after USER drops root.
RUN apt-get update && apt-get install -y --no-install-recommends \
        libjpeg62-turbo libopenblas0 \
    && rm -rf /var/lib/apt/lists/* \
    && useradd -m -s /bin/bash fieldwitness \
    && mkdir -p /data \
    && chown fieldwitness:fieldwitness /data

COPY --from=builder /opt/fieldwitness-env /opt/fieldwitness-env

ENV PATH="/opt/fieldwitness-env/bin:$PATH" \
    FIELDWITNESS_DATA_DIR=/data \
    PYTHONUNBUFFERED=1

VOLUME /data
EXPOSE 8000

USER fieldwitness

# Federation relay: only the attest API with federation endpoints
CMD ["uvicorn", "fieldwitness.attest.api:app", "--host", "0.0.0.0", "--port", "8000"]

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s \
    CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:8000/health')"
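
# === Stage 3: Full org server ===
FROM python:3.12-slim-bookworm AS server

# Create /data owned by the runtime user before declaring the volume, so a
# fresh named volume mounted there is writable after USER drops root.
RUN apt-get update && apt-get install -y --no-install-recommends \
        libjpeg62-turbo libopenblas0 \
    && rm -rf /var/lib/apt/lists/* \
    && useradd -m -s /bin/bash fieldwitness \
    && mkdir -p /data \
    && chown fieldwitness:fieldwitness /data

COPY --from=builder /opt/fieldwitness-env /opt/fieldwitness-env

# Copy frontend templates and static assets
COPY frontends/ /opt/fieldwitness-env/lib/python3.12/site-packages/frontends/

ENV PATH="/opt/fieldwitness-env/bin:$PATH" \
    FIELDWITNESS_DATA_DIR=/data \
    PYTHONUNBUFFERED=1

VOLUME /data
EXPOSE 5000 8000

USER fieldwitness

# Init on first run, then start web UI (HTTPS by default with self-signed cert).
# Use --no-https explicitly if running behind a TLS-terminating reverse proxy.
# exec replaces the shell so that signals from `docker stop` reach the server.
CMD ["sh", "-c", "fieldwitness init 2>/dev/null; exec fieldwitness serve --host 0.0.0.0"]

# The default listener is HTTPS with a self-signed cert, so the probe speaks TLS
# and skips certificate verification (loopback only). Switch it back to http://
# if the CMD is changed to use --no-https.
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s \
    CMD python -c "import ssl, urllib.request; ctx = ssl.create_default_context(); ctx.check_hostname = False; ctx.verify_mode = ssl.CERT_NONE; urllib.request.urlopen('https://localhost:5000/health', context=ctx)"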