This repository has been archived by the owner on Oct 2, 2023. It is now read-only.
Dockerfile
# Stage "systemd": digest-pinned Debian base carrying systemd and the default
# login account that the later stages build on.
FROM debian@sha256:fbaacd55d14bd0ae0c0441c2347217da77ad83c517054623357d1f9d07f79f5e AS systemd

# Everything below runs in a single layer so that the cache and doc pruning
# actually shrinks the image instead of only hiding files in a later layer.
#
# NOTE(review): the "citadel" account is created with a fixed password that is
# readable in this file and in the image history, and it is added to the sudo
# group. A later stage installs openssh-server and exposes port 22, so unless
# sshd is configured otherwise, anyone who can reach that port can log in and
# escalate. Treat the image as local-development only; for anything reachable,
# provision the credential at first boot or switch to key-only SSH.
#
# NOTE(review): /usr/share/local is not a standard Debian path; possibly
# /usr/share/locale was intended. Confirm before changing, since the locales
# package is installed in this same step.
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        avahi-daemon \
        avahi-discover \
        ca-certificates \
        dbus \
        iproute2 \
        iptables \
        kmod \
        libnss-mdns \
        libpam-systemd \
        libsystemd0 \
        locales \
        parted \
        sudo \
        systemd \
        systemd-sysv \
        udev && \
    # Stop journald from reading kernel messages out of /dev/kmsg
    echo "ReadKMsg=no" >> /etc/systemd/journald.conf && \
    # Prune package caches, logs, temp files and documentation
    apt-get clean -y && \
    rm -rf \
        /var/cache/debconf/* \
        /var/lib/apt/lists/* \
        /var/log/* \
        /tmp/* \
        /var/tmp/* \
        /usr/share/doc/* \
        /usr/share/man/* \
        /usr/share/local/* && \
    # Default user: home directory, bash shell, fixed password, sudo group
    useradd --create-home --shell /bin/bash citadel && \
    echo "citadel:freedom" | chpasswd && \
    adduser citadel sudo
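# Stage "docker": Docker Engine, the Compose v2 CLI plugin and an SSH server
# layered on top of the systemd stage.
FROM systemd AS docker

# Docker Engine from Docker's apt repository.
#
# The signing key is downloaded to a file and then imported, rather than piped
# from curl into apt-key: in a pipe only the last command's exit status counts,
# so a failed or truncated download would not stop the build by itself.
#
# "apt-key fingerprint <id>" only prints matching keys and does not fail when
# nothing matches, so its output is tested explicitly below.
# NOTE(review): 0EBFCD88 is a short key ID, which is weak as an identity check.
# Compare against the full 40-hex fingerprint published in Docker's install
# documentation. apt-key also trusts the key for every configured repository;
# a keyring file referenced with signed-by in the sources entry limits that.
#
# NOTE(review): the repository line is fixed to arch=amd64 while the Compose
# download further down follows "uname -m" - confirm which architectures this
# image is meant to support.
RUN apt-get update && apt-get install --no-install-recommends -y \
        apt-transport-https \
        ca-certificates \
        curl \
        gnupg \
        gnupg-agent \
        software-properties-common && \
    curl -fsSL https://download.docker.com/linux/debian/gpg -o /tmp/docker.gpg && \
    apt-key add /tmp/docker.gpg && \
    # Stop the build if the expected key is not in the keyring after the import
    [ -n "$(apt-key fingerprint 0EBFCD88 2>/dev/null)" ] && \
    add-apt-repository \
        "deb [arch=amd64] https://download.docker.com/linux/debian $(lsb_release -cs) stable" && \
    apt-get update && apt-get install --no-install-recommends -y \
        docker-ce docker-ce-cli containerd.io && \
    # Housekeeping (also removes the downloaded key file from /tmp)
    apt-get clean -y && \
    rm -rf \
        /var/cache/debconf/* \
        /var/lib/apt/lists/* \
        /var/log/* \
        /tmp/* \
        /var/tmp/* \
        /usr/share/doc/* \
        /usr/share/man/* \
        /usr/share/local/* && \
    # Add user "citadel" to the Docker group.
    # NOTE(review): membership of the docker group is effectively root on the
    # Docker daemon, independent of the sudo membership granted earlier.
    usermod -a -G docker citadel

# Install Docker Compose V2 as a CLI plugin.
#
# COMPOSE_SHA256 is an optional build argument holding the expected SHA-256 of
# the downloaded binary for the build architecture. When it is empty (the
# default) the binary is installed without any integrity check, exactly as
# before; set it from the checksum published with the release to make the
# build fail on a tampered or corrupted download.
ARG COMPOSE_SHA256=""
RUN mkdir -p /usr/local/lib/docker/cli-plugins/ && \
    # -f: fail on an HTTP error instead of saving the error page as the binary
    curl -fSL "https://github.com/docker/compose/releases/download/v2.5.0/docker-compose-$(uname -s)-$(uname -m)" \
        -o /usr/local/lib/docker/cli-plugins/docker-compose && \
    if [ -n "${COMPOSE_SHA256}" ]; then \
        echo "${COMPOSE_SHA256}  /usr/local/lib/docker/cli-plugins/docker-compose" | sha256sum -c -; \
    fi && \
    chmod +x /usr/local/lib/docker/cli-plugins/docker-compose

# Sshd install.
# The apt lists are removed in the same layer so they are not shipped, and
# ~/.ssh is restricted to its owner before ownership is handed to citadel.
# NOTE(review): sshd is left on its packaged configuration here; with the
# fixed account password set in the first stage, consider disabling password
# authentication and provisioning an authorized_keys file instead.
RUN apt-get update && apt-get install --no-install-recommends -y \
        openssh-server && \
    rm -rf /var/lib/apt/lists/* && \
    mkdir /home/citadel/.ssh && \
    chmod 700 /home/citadel/.ssh && \
    chown citadel:citadel /home/citadel/.ssh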
# Stage "citadel": tooling and Python libraries for Citadel, its systemd unit,
# shell setup and the container runtime configuration.
FROM docker AS citadel

# Install Citadel's command-line and Python dependencies, then prune caches,
# logs and documentation within the same layer.
# NOTE(review): editors and network utilities (micro, vim, net-tools, wget)
# are part of the image; that suits a development image but widens what is
# available to anyone who obtains a shell in it.
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        fswatch \
        git \
        jq \
        micro \
        net-tools \
        python3-dacite \
        python3-jsonschema \
        python3-requests \
        python3-semver \
        python3-yaml \
        rsync \
        vim \
        wget \
        xxd && \
    apt-get clean -y && \
    rm -rf \
        /var/cache/debconf/* \
        /var/lib/apt/lists/* \
        /var/log/* \
        /tmp/* \
        /var/tmp/* \
        /usr/share/doc/* \
        /usr/share/man/* \
        /usr/share/local/*

# Start Citadel with systemd: ship the unit file and enable it by linking it
# into multi-user.target.wants.
COPY citadel-startup.service /lib/systemd/system/
RUN ln -sf /lib/systemd/system/citadel-startup.service \
        /etc/systemd/system/multi-user.target.wants/citadel-startup.service

# Have citadel's interactive shells source the shipped .path file.
COPY .path /home/citadel/
RUN echo 'source "/home/citadel/.path"' >> /home/citadel/.bashrc

# SSH (22) and HTTP (80). EXPOSE only documents the ports; publishing them is
# decided at run time.
# NOTE(review): the account reachable over port 22 carries the fixed password
# set in the first stage, so avoid publishing 22 beyond a trusted network.
EXPOSE 22 80

# systemd treats SIGRTMIN+3 as its shutdown request, so use it in place of the
# default SIGTERM when the container is stopped.
STOPSIGNAL SIGRTMIN+3

# systemd runs as PID 1; no USER directive is set, so it starts as root.
ENTRYPOINT ["/sbin/init", "--log-level=err"]