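# Source: github.com/ericwq/aprilsh@v0.0.0-20240517091432-958bc568daa0/build/openrc.dockerfile
#
# Alpine image that boots OpenRC as PID 1 and runs sshd and rsyslog inside the
# container. The file's own comments describe the root login as a debugging aid.
FROM alpine:3.19
LABEL maintainer="Wang Qi ericwq057@qq.com"
LABEL build_date="2024-02-05"
# ref https://github.com/robertdebock/docker-alpine-openrc/blob/master/Dockerfile

ENV container=docker

# SECURITY: build args are recorded in the image metadata (`docker history`),
# so both passwords can be read back by anyone who can pull this image.
# If --build-arg is omitted, root and eric both get the literal password
# "inject_from_args", and root login over SSH is enabled further down.
# NOTE(review): consider BuildKit secret mounts (RUN --mount=type=secret) and a
# build-time check that rejects the placeholder value before publishing this image.
ARG ROOT_PWD=inject_from_args
ARG USER_PWD=inject_from_args
ARG SSH_PUB_KEY
ARG HOME=/home/eric

# Enable init.
# --no-cache already fetches a fresh package index, so --update is not needed.
RUN apk add --no-cache \
        htop \
        openrc \
        openssh-server \
        rsyslog \
        sudo \
        tzdata \
        utmps \
    && apk add --no-cache --virtual .build-dependencies uuidgen \
    # NOTE(review): the machine-id is generated at build time, so every
    # container started from this image shares the same /etc/machine-id.
    && uuidgen -r > /etc/machine-id \
    # Disable getty's
    && sed -i 's/^\(tty\d\:\:\)/#\1/g' /etc/inittab \
    && sed -i \
        # Change subsystem type to "docker"
        -e 's/#rc_sys=".*"/rc_sys="docker"/g' \
        # Allow all variables through
        -e 's/#rc_env_allow=".*"/rc_env_allow="\*"/g' \
        # Start crashed services
        -e 's/#rc_crashed_stop=.*/rc_crashed_stop=NO/g' \
        -e 's/#rc_crashed_start=.*/rc_crashed_start=YES/g' \
        # Define extra dependencies for services
        -e 's/#rc_provide=".*"/rc_provide="loopback net"/g' \
        /etc/rc.conf \
    # Remove unnecessary services (the original listed hwdrivers twice)
    && rm -f /etc/init.d/hwclock \
        /etc/init.d/hwdrivers \
        /etc/init.d/machine-id \
        /etc/init.d/modloop \
        /etc/init.d/modules \
        /etc/init.d/modules-load \
    # Can't do cgroups
    && sed -i 's/cgroup_add_service /# cgroup_add_service /g' /lib/rc/sh/openrc-run.sh \
    # Replace VSERVER with DOCKER (case-insensitive) in the OpenRC init script
    && sed -i 's/VSERVER/DOCKER/Ig' /lib/rc/sh/init.sh \
    && apk del .build-dependencies

# Create user/group
# eric/develop
#
# RUN mkdir -p $GOPATH && chown -R eric:develop $GOPATH
# SECURITY: NOPASSWD:ALL makes the eric account equivalent to root; any
# credential that logs in as eric (password or SSH key) is a root credential.
RUN addgroup develop \
    && adduser -D -h "$HOME" -s /bin/ash -G develop eric \
    && echo 'eric ALL=(ALL) NOPASSWD:ALL' > /etc/sudoers.d/eric \
    # sudoers drop-ins are conventionally read-only for root and group
    && chmod 0440 /etc/sudoers.d/eric

USER eric:develop
WORKDIR $HOME

# setup ssh for user eric
# setup public key login for normal user
#
# authorized_keys is restricted to its owner instead of relying on the umask.
RUN mkdir -p "$HOME/.ssh" \
    && chmod 0700 "$HOME/.ssh" \
    && echo "$SSH_PUB_KEY" > "$HOME/.ssh/authorized_keys" \
    && chmod 0600 "$HOME/.ssh/authorized_keys"

USER root

# enable sshd, permit root login, enable port 22, generate ssh key.
#
# SECURITY: "PermitRootLogin yes" accepts password logins for root as well as
# keys. Since a root public key is installed below, "prohibit-password" would
# keep key-based debugging access without exposing the root password over SSH.
RUN rc-update add sshd boot \
    && sed -i \
        -e 's/#PermitRootLogin.*/PermitRootLogin\ yes/g' \
        -e 's/#PubkeyAuthentication.*/PubkeyAuthentication\ yes/g' \
        -e 's/#Port 22/Port 22/g' \
        /etc/ssh/sshd_config \
    # && echo '%wheel ALL=(ALL) ALL' > /etc/sudoers.d/wheel \
    # && ssh-keygen -A \
    # && adduser eric wheel \
    && rm -rf /var/cache/apk/*

# enable rsyslog
RUN rc-update add rsyslog boot
# enable rsyslog and imudp module
# How do I match any character across multiple lines in a regular expression?
# https://stackoverflow.com/questions/159118/how-do-i-match-any-character-across-multiple-lines-in-a-regular-expression
#
# GNU sed live editor - JS.ORG
# https://sed.js.org/
#
# RUN rc-update add rsyslog boot \
#   # H;1h;$!d;x; slurps the file into memory
#   && sed -i \
#   'H;1h;$!d;x; s/#module.*imudp\(.*\)514\(.*\)#)/module(load="imudp")\ninput(type="imudp" port="514")/g' \
#   /etc/rsyslog.conf

# enable root login, for debug dockerfile purpose.
# set root password
# set eric password
# set root public key login
#
# SECURITY: ROOT_PWD and USER_PWD are expanded here, so their values are stored
# with this layer's build history (see the note on the ARG declarations).
RUN mkdir -p /root/.ssh \
    && chmod 0700 /root/.ssh \
    && echo "root:${ROOT_PWD}" | chpasswd \
    && echo "eric:${USER_PWD}" | chpasswd \
    && echo "$SSH_PUB_KEY" > /root/.ssh/authorized_keys \
    && chmod 0600 /root/.ssh/authorized_keys

VOLUME ["/sys/fs/cgroup"]

# 22/tcp is sshd (enabled above).
# NOTE(review): 8101-8103/udp are presumably the aprilsh server ports; confirm.
EXPOSE 22
EXPOSE 8101/udp
EXPOSE 8102/udp
EXPOSE 8103/udp

# The image ends as root: /sbin/init starts the services registered with
# rc-update above (sshd, rsyslog).
CMD ["/sbin/init"]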