deploy/sandbox: apt 源 build-arg APT_MIRROR(chromium 装得慢)

跟 PIP_INDEX_URL / NPM_REGISTRY 同款:Dockerfile 加 ARG APT_MIRROR,空默
Debian 官方;非空则 sed 替 sources.list[.d/*.sources] 里 deb.debian.org +
security.debian.org 的 host 前缀。

腾讯云轻量 / CVM 上跑:
  --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com

RUN.md 镜像构建段加 APT_MIRROR 行,跟 pip/npm 排一起。

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
caoqianming 2026-05-26 22:01:33 +08:00
parent 23ff996d38
commit 29557cad45
2 changed files with 19 additions and 0 deletions

4
RUN.md
View File

@ -292,6 +292,10 @@ sudo -u zcbot docker build \
# 镜像源走 https,通常不需 --trusted-host;若用 http 源加
# --build-arg PIP_TRUSTED_HOST=<host_without_scheme>
# apt 源同款(chromium + nodejs + npm 体积大,deb.debian.org 境内慢):
# --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com # 腾讯云内网
# --build-arg APT_MIRROR=https://mirrors.aliyun.com # 阿里云
# npm 源同款(@mermaid-js/mermaid-cli + 依赖,境内访问 registry.npmjs.org 也慢):
# --build-arg NPM_REGISTRY=https://mirrors.cloud.tencent.com/npm/ # 腾讯云
# --build-arg NPM_REGISTRY=https://registry.npmmirror.com/ # 阿里(npmmirror)

View File

@ -10,6 +10,21 @@
# --build-arg HOST_UID=$(id -u zcbot) --build-arg HOST_GID=$(id -g zcbot) .
FROM python:3.11-slim
# apt 源可配(同 pip / npm 同款,境内访问 deb.debian.org 慢):
# --build-arg APT_MIRROR=https://mirrors.cloud.tencent.com # 腾讯云内网
# --build-arg APT_MIRROR=https://mirrors.aliyun.com # 阿里云
# 默 Debian 官方源;只替 host 前缀,后面 `/debian` / `/debian-security` 不动
# (mirror 站镜像结构与官方一致)
ARG APT_MIRROR=
RUN if [ -n "${APT_MIRROR}" ]; then \
sed -i \
-e "s|http://deb.debian.org|${APT_MIRROR}|g" \
-e "s|https://deb.debian.org|${APT_MIRROR}|g" \
-e "s|http://security.debian.org|${APT_MIRROR}|g" \
-e "s|https://security.debian.org|${APT_MIRROR}|g" \
/etc/apt/sources.list /etc/apt/sources.list.d/*.sources 2>/dev/null || true; \
fi
# - iptables / ip6tables: init.sh 配 blocklist 需要(NET_ADMIN cap 在 docker run 处加)
# - iproute2: ip 命令(调试 / 排查)
# - netbase: /etc/protocols /etc/services(curl / 多数网络库依赖)