updates and cleanups

Signed-off-by: Jess Frazelle <jess@mesosphere.com>

buttslock/Dockerfile

@@ -9,7 +9,16 @@
 # And it also requires the USER and DISPLAY environment variables to be set.
 #
 FROM alpine
-RUN apk update
-RUN apk add i3lock imagemagick py-dbus py-gobject scrot ttf-liberation xkeyboard-config
-ADD buttslock.py buttslock.sh lock.png /
-CMD /buttslock.py
+RUN apk --update add \
+	i3lock \
+	imagemagick \
+	py-dbus \
+	py-gobject \
+	scrot \
+	ttf-liberation \
+	xkeyboard-config \
+	&& rm -rf /var/cache/apk/*
+
+COPY buttslock.py buttslock.sh lock.png /
+
+CMD ["/buttslock.py"]

gitiles/Dockerfile

@@ -0,0 +1,28 @@
+FROM java:8-alpine
+MAINTAINER Jessica Frazelle <jess@docker.com>
+
+RUN apk --update add \
+	apache-ant \
+	bash \
+	git \
+	perl \
+	python \
+	zip \
+	--update-cache --repository http://dl-3.alpinelinux.org/alpine/edge/testing/ \
+	&& rm -rf /var/cache/apk/*
+
+# install buck
+RUN git clone --depth 1 https://github.com/facebook/buck.git /buck \
+	&& cd /buck \
+	&& ant \
+	&& ln -snfv ${PWD}/bin/buck /usr/bin/buck
+
+RUN git clone  --depth 1 --recurse-submodules https://gerrit.googlesource.com/gitiles /gitiles \
+	&& cd /gitiles \
+	&& touch .nobuckcheck \
+	&& git submodule update --init \
+	&& buck build all
+
+COPY ./start.sh /start.sh
+
+ENTRYPOINT [ "/start.sh" ]

gitiles/start.sh

@@ -0,0 +1,12 @@
+#!/bin/sh
+set -e
+
+ROOT="/gitiles"
+PROPERTIES=
+
+if [ "x$1" != "x" ]; then
+  PROPERTIES="-Dcom.google.gitiles.configPath=$1"
+fi
+PROPERTIES="$PROPERTIES -Dcom.google.gitiles.sourcePath=$ROOT"
+
+exec java $PROPERTIES -jar "$ROOT/buck-out/gen/gitiles-dev/dev.jar"

gitserver/Dockerfile

@@ -0,0 +1,34 @@
+# Run a git server in a container.
+#
+# docker run --rm -it -p 1234:22 \
+# 	-e DEBUG=true \
+# 	-e "PUBKEY=$(cat ~/.ssh/id_ed25519.pub)" \
+# 	--name gitserver \
+# 	jess/gitserver
+FROM alpine:latest
+MAINTAINER Jessica Frazelle <jess@docker.com>
+
+ENV HOME /root
+
+RUN apk update && apk add \
+	git \
+	openssh \
+	&& rm -rf /var/cache/apk/* \
+	&& sed -i "s/#PasswordAuthentication yes/PasswordAuthentication no/" /etc/ssh/sshd_config \
+	&& sed -i "s/#PubkeyAuthentication yes/PubkeyAuthentication yes/" /etc/ssh/sshd_config \
+	&& echo -e "AllowUsers git\n" >> /etc/ssh/sshd_config \
+	&& echo -e "Port 22\n" >> /etc/ssh/sshd_config \
+	&& addgroup git \
+	&& adduser -D -S -s /usr/bin/git-shell -h /home/git -g git git \
+	&& mkdir -p /home/git/.ssh \
+	&& chown -R git:git /home/git \
+	&& passwd -u git
+
+ENV HOME /home/git
+EXPOSE 22
+WORKDIR $HOME
+
+COPY ./start.sh /
+
+ENTRYPOINT ["/start.sh"]
+CMD ["/usr/sbin/sshd", "-D", "-e", "-f", "/etc/ssh/sshd_config"]

gitserver/start.sh

@@ -0,0 +1,61 @@
+#!/bin/sh
+set -e
+
+[ "$DEBUG" == 'true' ] && set -x
+
+DAEMON=sshd
+HOSTKEY=/etc/ssh/ssh_host_ed25519_key
+
+# create the host key if not already created
+if [ ! -f "${HOSTKEY}" ]; then
+	ssh-keygen -A
+fi
+
+[ "$PUBKEY" ] && echo "$PUBKEY" > ${HOME}/.ssh/authorized_keys
+
+# Fix permissions, if writable
+if [ -w ${HOME}/.ssh ]; then
+    chown git:git ${HOME}/.ssh && chmod 700 ${HOME}/.ssh/
+fi
+if [ -w ${HOME}/.ssh/authorized_keys ]; then
+    chown git:git ${HOME}/.ssh/authorized_keys
+    chmod 600 ${HOME}/.ssh/authorized_keys
+fi
+
+# Warn if no config
+if [ ! -e ${HOME}/.ssh/authorized_keys ]; then
+  echo "WARNING: No SSH authorized_keys found for git"
+fi
+
+# set the default shell
+mkdir -p $HOME/git-shell-commands
+cat >$HOME/git-shell-commands/no-interactive-login <<\EOF
+#!/bin/sh
+printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not"
+printf '%s\n' "provide interactive shell access."
+exit 128
+EOF
+chmod +x $HOME/git-shell-commands/no-interactive-login
+
+stop() {
+    echo "Received SIGINT or SIGTERM. Shutting down $DAEMON"
+    # Get PID
+    pid=$(cat /var/run/$DAEMON/$DAEMON.pid)
+    # Set TERM
+    kill -SIGTERM "${pid}"
+    # Wait for exit
+    wait "${pid}"
+    # All done.
+    echo "Done."
+}
+
+echo "Running $@"
+if [ "$(basename $1)" == "$DAEMON" ]; then
+    trap stop SIGINT SIGTERM
+    $@ &
+    pid="$!"
+    mkdir -p /var/run/$DAEMON && echo "${pid}" > /var/run/$DAEMON/$DAEMON.pid
+    wait "${pid}" && exit $?
+else
+    exec "$@"
+fi

mailman/Dockerfile

@@ -17,9 +17,9 @@ RUN apt-get update && apt-get install -y \
 	&& rm -rf /var/lib/apt/lists/*
 
 # Lighttpd configuration
-ADD lighttpd.conf /etc/lighttpd/lighttpd.conf
+COPY lighttpd.conf /etc/lighttpd/lighttpd.conf
 
-ADD supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 
 EXPOSE 25 80
 

sentry/Dockerfile

@@ -29,7 +29,7 @@ RUN pip install psycopg2 sentry
 
 EXPOSE 9000
 
-ADD sentry.conf.py /sentry.conf.py
+COPY sentry.conf.py /sentry.conf.py
 
 ENTRYPOINT ["/usr/local/bin/sentry", "--config=/sentry.conf.py"]