In case of Intel Graphics repository (repositories.intel.com) is unavailable in your region (like in Ukraine now)
root@server6:~/ollama-cpu-docker# wget https://repositories.intel.com/gpu/intel-graphics.key --2025-05-31 15:32:26-- https://repositories.intel.com/gpu/intel-graphics.key Resolving repositories.intel.com (repositories.intel.com)... 18.66.233.105, 18.66.233.19, 18.66.233.129, ... Connecting to repositories.intel.com (repositories.intel.com)|18.66.233.105|:443... connected. HTTP request sent, awaiting response... 403 Forbidden 2025-05-31 15:32:27 ERROR 403: Forbidden.
https_proxy may be used like in example below
http://proxy.example.com:3128/ to be replaced with proxy address and port that is open for you
# SD.Next IPEX Dockerfile
# docs: <https://github.com/vladmandic/sdnext/wiki/Docker>
# base image
FROM ubuntu:noble
# metadata
LABEL org.opencontainers.image.vendor="SD.Next"
LABEL org.opencontainers.image.authors="liutyi.info"
LABEL org.opencontainers.image.url="https://github.com/vladmandic/sdnext/"
LABEL org.opencontainers.image.documentation="https://github.com/vladmandic/sdnext/wiki/Docker"
LABEL org.opencontainers.image.source="https://github.com/vladmandic/sdnext/"
LABEL org.opencontainers.image.licenses="AGPL-3.0"
LABEL org.opencontainers.image.title="SD.Next IPEX"
LABEL org.opencontainers.image.description="SD.Next: Advanced Implementation of Stable Diffusion and other Diffusion-based generative image models"
LABEL org.opencontainers.image.base.name="https://hub.docker.com/_/ubuntu:noble"
LABEL org.opencontainers.image.version="latest"
# essentials
RUN https_proxy=http://proxy.example.com:3128/ apt-get update && \
https_proxy=http://proxy.example.com:3128/ apt-get install -y --no-install-recommends --fix-missing \
software-properties-common \
build-essential \
ca-certificates \
wget \
gpg \
git
# intel compute runtime
RUN https_proxy=http://proxy.example.com:3128/ wget -qO - https://repositories.intel.com/gpu/intel-graphics.key | gpg --yes --dearmor --output /usr/share/keyrings/intel-graphics.gpg
RUN echo "deb [arch=amd64,i386 signed-by=/usr/share/keyrings/intel-graphics.gpg] https://repositories.intel.com/gpu/ubuntu noble client" | tee /etc/apt/sources.list.d/intel-gpu-noble.list
RUN https_proxy=http://proxy.example.com:3128/ apt-get update
RUN https_proxy=http://proxy.example.com:3128/ apt-get install -y --no-install-recommends --fix-missing \
intel-opencl-icd \
libze-intel-gpu1 \
libze1
# required by pytorch / ipex
RUN https_proxy=http://proxy.example.com:3128/ apt-get install -y --no-install-recommends --fix-missing \
libgl1 \
libglib2.0-0 \
libgomp1
# python3.12
RUN https_proxy=http://proxy.example.com:3128/ apt-get install -y --no-install-recommends --fix-missing \
python3 \
python3-dev \
python3-venv \
python3-pip
# jemalloc is not required but it is highly recommended (also used with optional ipexrun)
RUN https_proxy=http://proxy.example.com:3128/ apt-get install -y --no-install-recommends --fix-missing libjemalloc-dev
ENV LD_PRELOAD=libjemalloc.so.2
# cleanup
RUN /usr/sbin/ldconfig
RUN https_proxy=http://proxy.example.com:3128/ apt-get clean && rm -rf /var/lib/apt/lists/*
# stop pip and uv from caching
ENV PIP_NO_CACHE_DIR=true
ENV UV_NO_CACHE=true
# set paths to use with sdnext
ENV SD_DOCKER=true
ENV SD_DATADIR="/mnt/data"
ENV SD_MODELSDIR="/mnt/models"
ENV venv_dir="/mnt/python/venv"
# paths used by sdnext can be a volume if necessary
#VOLUME [ "/app" ]
#VOLUME [ "/mnt/data" ]
#VOLUME [ "/mnt/models" ]
#VOLUME [ "/mnt/python" ]
#VOLUME [ "/root/.cache/huggingface" ]
# intel specific environment variables
#ENV IPEX_SDPA_SLICE_TRIGGER_RATE=1
#ENV IPEX_ATTENTION_SLICE_RATE=0.5
#ENV IPEX_FORCE_ATTENTION_SLICE=-1
#ENV IPEXRUN=False
# git clone and run sdnext
RUN echo '#!/bin/bash\ngit status || git clone https://github.com/vladmandic/sdnext.git .\n/app/webui.sh "$@"' | tee /bin/startup.sh
RUN chmod 755 /bin/startup.sh
# actually run sdnext
WORKDIR /app
ENTRYPOINT [ "startup.sh", "-f", "--use-ipex", "--uv", "--listen", "--insecure", "--share", "--update", "--debug", "--api-log", "--log", "sdnext.log" ]
# expose port
EXPOSE 7860
# healthcheck function
HEALTHCHECK --interval=60s --timeout=10s --start-period=60s --retries=3 CMD curl --fail http://localhost:7860/sdapi/v1/status || exit 1
# stop signal
STOPSIGNAL SIGINT
