From 29557cad453ab0f4ef09e18f6c0fe33940f5d2d2 Mon Sep 17 00:00:00 2001 From: caoqianming Date: Tue, 26 May 2026 22:01:33 +0800 Subject: [PATCH] =?UTF-8?q?deploy/sandbox:=20apt=20=E6=BA=90=20build-arg?= =?UTF-8?q?=20APT=5FMIRROR(chromium=20=E8=A3=85=E5=BE=97=E6=85=A2)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 跟 PIP_INDEX_URL / NPM_REGISTRY 同款:Dockerfile 加 ARG APT_MIRROR,空默 Debian 官方;非空则 sed 替 sources.list[.d/*.sources] 里 deb.debian.org + security.debian.org 的 host 前缀。 腾讯云轻量 / CVM 上跑: --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com RUN.md 镜像构建段加 APT_MIRROR 行,跟 pip/npm 排一起。 Co-Authored-By: Claude Opus 4.7 (1M context) --- RUN.md | 4 ++++ deploy/sandbox/Dockerfile | 15 +++++++++++++++ 2 files changed, 19 insertions(+) diff --git a/RUN.md b/RUN.md index dc392b5..ab8f1aa 100644 --- a/RUN.md +++ b/RUN.md @@ -292,6 +292,10 @@ sudo -u zcbot docker build \ # 镜像源走 https,通常不需 --trusted-host;若用 http 源加 # --build-arg PIP_TRUSTED_HOST= +# apt 源同款(chromium + nodejs + npm 体积大,deb.debian.org 境内慢): +# --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com # 腾讯云内网 +# --build-arg APT_MIRROR=https://mirrors.aliyun.com # 阿里云 + # npm 源同款(@mermaid-js/mermaid-cli + 依赖,境内访问 registry.npmjs.org 也慢): # --build-arg NPM_REGISTRY=https://mirrors.cloud.tencent.com/npm/ # 腾讯云 # --build-arg NPM_REGISTRY=https://registry.npmmirror.com/ # 阿里(npmmirror) diff --git a/deploy/sandbox/Dockerfile b/deploy/sandbox/Dockerfile index 86e5544..d380558 100644 --- a/deploy/sandbox/Dockerfile +++ b/deploy/sandbox/Dockerfile @@ -10,6 +10,21 @@ # --build-arg HOST_UID=$(id -u zcbot) --build-arg HOST_GID=$(id -g zcbot) . FROM python:3.11-slim +# apt 源可配(同 pip / npm 同款,境内访问 deb.debian.org 慢): +# --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com # 腾讯云内网 +# --build-arg APT_MIRROR=https://mirrors.aliyun.com # 阿里云 +# 默 Debian 官方源;只替 host 前缀,后面 `/debian` / `/debian-security` 不动 +# (mirror 站镜像结构与官方一致) +ARG APT_MIRROR= +RUN if [ -n "${APT_MIRROR}" ]; then \ + sed -i \ + -e "s|http://deb.debian.org|${APT_MIRROR}|g" \ + -e "s|https://deb.debian.org|${APT_MIRROR}|g" \ + -e "s|http://security.debian.org|${APT_MIRROR}|g" \ + -e "s|https://security.debian.org|${APT_MIRROR}|g" \ + /etc/apt/sources.list /etc/apt/sources.list.d/*.sources 2>/dev/null || true; \ + fi + # - iptables / ip6tables: init.sh 配 blocklist 需要(NET_ADMIN cap 在 docker run 处加) # - iproute2: ip 命令(调试 / 排查) # - netbase: /etc/protocols /etc/services(curl / 多数网络库依赖)