summaryrefslogtreecommitdiff
path: root/docker
diff options
context:
space:
mode:
authorChristian Poessinger <christian@poessinger.com>2019-01-11 09:15:33 +0100
committerChristian Poessinger <christian@poessinger.com>2019-01-11 09:15:33 +0100
commit4004496e89d2a27cfb4cc3a87253dd9dac54e160 (patch)
tree7b95e9de7f3757af07ae01eaf4436e5415069a82 /docker
parentecc0db23c34219d9b9c343d11a38ad3c8bf3e04c (diff)
downloadvyos-build-4004496e89d2a27cfb4cc3a87253dd9dac54e160.tar.gz
vyos-build-4004496e89d2a27cfb4cc3a87253dd9dac54e160.zip
Docker build files for entrypoint and UIDs
Diffstat (limited to 'docker')
-rw-r--r--docker/Dockerfile164
-rwxr-xr-xdocker/entrypoint.sh27
2 files changed, 191 insertions, 0 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644
index 00000000..2744d291
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,164 @@
+# Must be run with --privileged flag
+# Recommended to run the container with a volume mapped
+# in order to easy exprort images built to "external" world
+FROM debian:jessie
+
+RUN echo 'deb http://ftp.debian.org/debian jessie-backports main' | tee -a /etc/apt/sources.list &&\
+ apt-get update && apt-get install -y \
+ gosu \
+ vim \
+ git \
+ make \
+ sudo \
+ locales \
+ live-build \
+ pbuilder \
+ devscripts \
+ python3-pystache \
+ squashfs-tools \
+ autoconf \
+ dpkg-dev \
+ syslinux \
+ genisoimage \
+ lsb-release \
+ fakechroot \
+ kernel-package \
+ libtool \
+ libglib2.0-dev \
+ libboost-filesystem-dev \
+ libapt-pkg-dev \
+ flex \
+ bison \
+ libperl-dev \
+ libnfnetlink-dev \
+ python3-git \
+ parted \
+ kpartx \
+ jq \
+ qemu-system-x86 \
+ qemu-utils \
+ quilt \
+ python3-lxml \
+ python3-setuptools \
+ python3-nose \
+ python3-coverage
+
+# Packages needed for building vyos-strongswan
+RUN apt-get update && apt-get install -y -t jessie-backports \
+ debhelper &&\
+ apt-get install -y \
+ dh-apparmor \
+ gperf \
+ iptables-dev \
+ libcap-dev \
+ libgcrypt20-dev \
+ libgmp3-dev \
+ libldap2-dev \
+ libpam0g-dev \
+ libsystemd-dev \
+ libgmp-dev \
+ iptables \
+ xl2tpd \
+ libcurl4-openssl-dev \
+ libcurl4-openssl-dev \
+ libkrb5-dev \
+ libsqlite3-dev \
+ libssl-dev \
+ libxml2-dev \
+ pkg-config
+
+# Package needed for mdns-repeater
+RUN apt-get update && apt-get install -y -t jessie-backports \
+ dh-systemd
+
+# Packages needed for vyatta-bash
+RUN apt-get update && apt-get install -y \
+ libncurses5-dev \
+ locales
+
+# Packages needed for vyatta-cfg
+RUN apt-get update &&apt-get install -y \
+ libboost-filesystem-dev
+
+# Packages needed for vyatta-iproute
+RUN apt-get update && apt-get install -y \
+ libatm1-dev \
+ libdb-dev
+
+# Packages needed for vyatta-webgui
+RUN apt-get update && apt-get install -y \
+ libexpat1-dev \
+ subversion
+
+# Packages needed for pmacct
+RUN apt-get update && apt-get install -y \
+ libpcap-dev \
+ libpq-dev \
+ libmysqlclient-dev \
+ libgeoip-dev \
+ librabbitmq-dev \
+ libjansson-dev \
+ librdkafka-dev \
+ libnetfilter-log-dev
+
+# Packages needed for vyos-keepalived
+RUN apt-get update && apt-get install -y \
+ libnl-3-dev \
+ libnl-genl-3-dev \
+ libpopt-dev \
+ libsnmp-dev
+
+# Pavkages needed for wireguard
+RUN apt-get update && apt-get install -y \
+ libmnl-dev
+
+# Packages needed for kernel
+RUN apt-get update && apt-get install -y \
+ libelf-dev
+
+# Packages needed for vyos-accel-ppp
+RUN apt-get update && apt-get install -y \
+ cdbs \
+ cmake \
+ liblua5.1-dev
+
+# Packages needed for vyos-frr
+RUN apt-get update && apt-get install -y \
+ texinfo \
+ imagemagick \
+ groff \
+ hardening-wrapper \
+ gawk \
+ chrpath \
+ libjson0 \
+ libjson0-dev \
+ python-ipaddr
+
+# Update live-build
+RUN echo 'deb http://ftp.debian.org/debian stretch main' | tee -a /etc/apt/sources.list.d/stretch.list &&\
+ apt-get update &&\
+ apt-get install -y -t stretch live-build &&\
+ rm -f /etc/apt/sources.list.d/stretch.list &&\
+ apt-get update &&\
+ rm -rf /var/lib/apt/lists/*
+
+# Standard shell should be bash not dash
+RUN echo "dash dash/sh boolean false" | debconf-set-selections && \
+ DEBIAN_FRONTEND=noninteractive dpkg-reconfigure dash
+
+RUN echo "en_US.UTF-8 UTF-8" > /etc/locale.gen && locale-gen
+ENV LANG en_US.utf8
+
+# Install packer
+RUN export LATEST="$(curl -s https://checkpoint-api.hashicorp.com/v1/check/packer | \
+ jq -r -M '.current_version')"; \
+ echo "url https://releases.hashicorp.com/packer/"$LATEST"/packer_"$LATEST"_linux_amd64.zip" |\
+ curl -K- | gzip -d > /usr/bin/packer && \
+ chmod +x /usr/bin/packer
+
+# Allow password-less 'sudo' for all users in group 'sudo'
+RUN sed "s/^%sudo.*/%sudo\tALL=(ALL) NOPASSWD:ALL/g" -i /etc/sudoers && \
+ chmod a+s /usr/sbin/useradd /usr/sbin/gosu /usr/sbin/usermod
+
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
diff --git a/docker/entrypoint.sh b/docker/entrypoint.sh
new file mode 100755
index 00000000..00e1e139
--- /dev/null
+++ b/docker/entrypoint.sh
@@ -0,0 +1,27 @@
+#!/bin/bash
+set -e
+
+USER_NAME="vyos_bld"
+NEW_UID=$(stat -c "%u" .)
+NEW_GID=$(stat -c "%g" .)
+
+# Change effective UID to the one specified via "-e GOSU_UID=`id -u $USER`"
+if [ -n "$GOSU_UID" ]; then
+ NEW_UID=$GOSU_UID
+fi
+
+# Change effective UID to the one specified via "-e GOSU_GID=`id -g $USER`"
+if [ -n "$GOSU_GID" ]; then
+ NEW_GID=$GOSU_GID
+fi
+
+# Notify user about selected UID/GID
+echo "Current UID/GID: $NEW_UID/$NEW_GID"
+
+useradd --shell /bin/bash -u $NEW_UID -g $NEW_GID -o -m $USER_NAME
+usermod -aG sudo $USER_NAME
+sudo chown $NEW_UID:$NEW_GID /home/$USER_NAME
+export HOME=/home/$USER_NAME
+
+# Execute process
+exec /usr/sbin/gosu $USER_NAME "$@"