proofmode 0.9.0

Capture, share, and preserve verifiable photos and videos
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94

# ProofMode Docker Support

ProofMode provides comprehensive Docker support for easy deployment and usage across different platforms.

## Features

- **Multi-architecture support**: Pre-built images for amd64 and arm64
- **Optimized image size**: Multi-stage builds with minimal runtime dependencies
- **Security**: Runs as non-root user with minimal permissions
- **Flexibility**: Configurable via environment variables
- **Health checks**: Built-in health monitoring
- **Docker Compose**: Easy orchestration with optional services

## Quick Start

```bash
# Using the quick-start script
cd docker
./quick-start.sh

# Or manually with Docker
docker pull registry.gitlab.com/guardianproject/proofmode/proofmode-rust:latest
docker run -v $(pwd):/app/input registry.gitlab.com/guardianproject/proofmode/proofmode-rust check /app/input/photo.jpg
```

## Image Details

- **Base**: Debian Bookworm Slim
- **Size**: ~50MB (compressed)
- **User**: runs as uid 1000 (proofmode)
- **Volumes**: `/app/input`, `/app/output`, `/app/config`

## Available Tags

- `latest` - Latest stable release
- `main` - Latest from main branch
- `develop` - Latest development version
- Version tags (e.g., `v0.8.4`)

## Building from Source

```bash
# Build for current architecture
make docker-build

# Build multi-architecture image
make docker-buildx

# Test the image
make docker-test
```

## Environment Variables

| Variable | Description | Default |
|----------|-------------|---------|
| `RUST_LOG` | Logging level | `info` |
| `PROOFMODE_INPUT_DIR` | Input directory | `/app/input` |
| `PROOFMODE_OUTPUT_DIR` | Output directory | `/app/output` |
| `PROOFMODE_CONFIG_DIR` | Config directory | `/app/config` |

## Docker Compose

The project includes a comprehensive `docker-compose.yml` with optional services:

```bash
# Start core service
docker-compose up -d

# With IPFS support
docker-compose --profile with-ipfs up -d

# With PostgreSQL database
docker-compose --profile with-database up -d
```

## CI/CD

GitLab CI automatically builds and publishes Docker images on:
- Push to main branch
- New version tags (v*)

Images are published to:
- GitLab Container Registry: `registry.gitlab.com/guardianproject/proofmode/proofmode-rust`

## Security Considerations

- Container runs as non-root user (uid 1000)
- Read-only root filesystem with specific writable volumes
- No new privileges flag enabled
- Minimal attack surface with only required dependencies
- Regular security scanning with Trivy

For more detailed usage examples, see the [Docker README](docker/README.md).