mirror of
https://github.com/jessfraz/dockerfiles.git
synced 2025-04-20 10:52:46 +02:00
update dockerfiles
Signed-off-by: Jess Frazelle <acidburn@google.com>
This commit is contained in:
Jess Frazelle
parent
31f2da120e
commit
f00de2f089
@ -2,8 +2,6 @@
|
|||||||
set -e
|
set -e
|
||||||
set -o pipefail
|
set -o pipefail
|
||||||
|
|
||||||
GRSEC_VERSION=3.1-4.4.5-201603142220
|
|
||||||
|
|
||||||
linux_next(){
|
linux_next(){
|
||||||
(
|
(
|
||||||
cd /usr/src
|
cd /usr/src
|
||||||
@ -72,28 +70,10 @@ install_kernel(){
|
|||||||
git clone --depth 1 --branch aufs${MAJOR_MINOR_VERSION} --single-branch https://github.com/sfjro/aufs4-standalone.git $aufsdir
|
git clone --depth 1 --branch aufs${MAJOR_MINOR_VERSION} --single-branch https://github.com/sfjro/aufs4-standalone.git $aufsdir
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$OPT" == "grsec" ]]; then
|
|
||||||
# get the grsec patches
|
|
||||||
grsecdir=/tmp/grsec
|
|
||||||
if [[ -d $grsecdir ]]; then
|
|
||||||
rm -rf $grsecdir
|
|
||||||
fi
|
|
||||||
mkdir -p $grsecdir
|
|
||||||
curl -sSL -o "${grsecdir}/grsecurity.patch" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch"
|
|
||||||
curl -sSL -o "${grsecdir}/grsecurity.patch.sig" "https://grsecurity.net/test/grsecurity-${GRSEC_VERSION}.patch.sig"
|
|
||||||
# add the gpg key
|
|
||||||
gpg --no-tty --keyserver pgp.mit.edu --recv-keys "DE94 52CE 46F4 2094 907F 108B 44D1 C0F8 2525 FE49"
|
|
||||||
# verify the patch
|
|
||||||
gpg --verify $grsecdir/grsecurity.patch.sig
|
|
||||||
fi
|
|
||||||
|
|
||||||
# apply the patches and compile the kernel
|
# apply the patches and compile the kernel
|
||||||
cd /usr/src/linux-${VERSION}
|
cd /usr/src/linux-${VERSION}
|
||||||
|
|
||||||
# apply the patches
|
# apply the patches
|
||||||
if [[ "$OPT" == "grsec" ]]; then
|
|
||||||
patch -p1 < $grsecdir/grsecurity.patch || true
|
|
||||||
fi
|
|
||||||
if [[ "$OPT" == "aufs" ]]; then
|
if [[ "$OPT" == "aufs" ]]; then
|
||||||
git apply $aufsdir/aufs4-kbuild.patch
|
git apply $aufsdir/aufs4-kbuild.patch
|
||||||
git apply $aufsdir/aufs4-base.patch
|
git apply $aufsdir/aufs4-base.patch
|
||||||
@ -107,11 +87,6 @@ install_kernel(){
|
|||||||
rm -rf $aufsdir
|
rm -rf $aufsdir
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "$OPT" == "grsec" ]]; then
|
|
||||||
# remove grsecdir
|
|
||||||
rm -rf $grsecdir
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ ! -f .config ]] && [[ -f ../config ]]; then
|
if [[ ! -f .config ]] && [[ -f ../config ]]; then
|
||||||
cp ../config .config
|
cp ../config .config
|
||||||
if [[ "$OPT" == "aufs" ]]; then
|
if [[ "$OPT" == "aufs" ]]; then
|
||||||
|
|||||||
@ -47,7 +47,7 @@ get_latest() {
|
|||||||
if [[ "$tag" =~ "$current" ]] || [[ "$name" =~ "$current" ]] || [[ "$current" =~ "$tag" ]] || [[ "$current" == "master" ]]; then
|
if [[ "$tag" =~ "$current" ]] || [[ "$name" =~ "$current" ]] || [[ "$current" =~ "$tag" ]] || [[ "$current" == "master" ]]; then
|
||||||
echo -e "\e[36m${dir}:\e[39m current ${current} | ${tag} | ${name}"
|
echo -e "\e[36m${dir}:\e[39m current ${current} | ${tag} | ${name}"
|
||||||
else
|
else
|
||||||
if [[ "$dir" != "vscode" ]] && [[ "$dir" != "zookeeper" ]]; then
|
if [[ "$dir" != "zookeeper" ]]; then
|
||||||
bad_versions+=( "${dir}" )
|
bad_versions+=( "${dir}" )
|
||||||
fi
|
fi
|
||||||
echo -e "\e[31m${dir}:\e[39m current ${current} | ${tag} | ${name} | https://github.com/${repo}/releases"
|
echo -e "\e[31m${dir}:\e[39m current ${current} | ${tag} | ${name} | https://github.com/${repo}/releases"
|
||||||
@ -65,6 +65,7 @@ curl/curl
|
|||||||
opendnssec/SoftHSMv2
|
opendnssec/SoftHSMv2
|
||||||
google/guetzli
|
google/guetzli
|
||||||
irssi/irssi
|
irssi/irssi
|
||||||
|
keepassxreboot/keepassxc
|
||||||
zyedidia/micro
|
zyedidia/micro
|
||||||
bitly/oauth2_proxy
|
bitly/oauth2_proxy
|
||||||
JonnyWong16/plexpy
|
JonnyWong16/plexpy
|
||||||
@ -75,8 +76,8 @@ tarsnap/tarsnap
|
|||||||
fcambus/telize
|
fcambus/telize
|
||||||
mitchellh/vagrant
|
mitchellh/vagrant
|
||||||
hashicorp/vault
|
hashicorp/vault
|
||||||
microsoft/vscode
|
|
||||||
facebook/watchman
|
facebook/watchman
|
||||||
|
wireguard/wireguard
|
||||||
znc/znc
|
znc/znc
|
||||||
apache/zookeeper
|
apache/zookeeper
|
||||||
)
|
)
|
||||||
|
|||||||
@ -12,65 +12,49 @@
|
|||||||
FROM debian:stretch
|
FROM debian:stretch
|
||||||
LABEL maintainer "Jessie Frazelle <jess@linux.com>"
|
LABEL maintainer "Jessie Frazelle <jess@linux.com>"
|
||||||
|
|
||||||
|
# Tell debconf to run in non-interactive mode
|
||||||
|
ENV DEBIAN_FRONTEND noninteractive
|
||||||
|
|
||||||
RUN apt-get update && apt-get install -y \
|
RUN apt-get update && apt-get install -y \
|
||||||
|
apt-transport-https \
|
||||||
|
ca-certificates \
|
||||||
|
curl \
|
||||||
gnupg \
|
gnupg \
|
||||||
|
--no-install-recommends
|
||||||
|
|
||||||
|
# Add the vscode debian repo
|
||||||
|
RUN curl -sSL https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor | apt-key add -
|
||||||
|
RUN echo "deb [arch=amd64] https://packages.microsoft.com/repos/vscode stable main" > /etc/apt/sources.list.d/vscode.list
|
||||||
|
|
||||||
|
RUN apt-get update && apt-get -y install \
|
||||||
|
code \
|
||||||
libasound2 \
|
libasound2 \
|
||||||
libatk1.0-0 \
|
libatk1.0-0 \
|
||||||
libcairo2 \
|
libcairo2 \
|
||||||
libcups2 \
|
libcups2 \
|
||||||
libdatrie1 \
|
libexpat1 \
|
||||||
libdbus-1-3 \
|
|
||||||
libfontconfig1 \
|
libfontconfig1 \
|
||||||
libfreetype6 \
|
libfreetype6 \
|
||||||
libgconf-2-4 \
|
|
||||||
libgcrypt20 \
|
|
||||||
libgl1-mesa-dri \
|
|
||||||
libgl1-mesa-glx \
|
|
||||||
libgdk-pixbuf2.0-0 \
|
|
||||||
libglib2.0-0 \
|
|
||||||
libgtk2.0-0 \
|
libgtk2.0-0 \
|
||||||
libgpg-error0 \
|
|
||||||
libgraphite2-3 \
|
|
||||||
libnotify-bin \
|
|
||||||
libnss3 \
|
|
||||||
libnspr4 \
|
|
||||||
libpango-1.0-0 \
|
libpango-1.0-0 \
|
||||||
libpangocairo-1.0-0 \
|
libx11-xcb1 \
|
||||||
libxcomposite1 \
|
libxcomposite1 \
|
||||||
libxcursor1 \
|
libxcursor1 \
|
||||||
libxdmcp6 \
|
libxdamage1 \
|
||||||
|
libxext6 \
|
||||||
|
libxfixes3 \
|
||||||
libxi6 \
|
libxi6 \
|
||||||
libxrandr2 \
|
libxrandr2 \
|
||||||
libxrender1 \
|
libxrender1 \
|
||||||
libxss1 \
|
libxss1 \
|
||||||
libxtst6 \
|
libxtst6 \
|
||||||
liblzma5 \
|
--no-install-recommends \
|
||||||
libxkbfile1 \
|
&& rm -rf /var/lib/apt/lists/*
|
||||||
--no-install-recommends
|
|
||||||
|
|
||||||
ENV HOME /home/user
|
ENV HOME /home/user
|
||||||
RUN useradd --create-home --home-dir $HOME user \
|
RUN useradd --create-home --home-dir $HOME user \
|
||||||
&& chown -R user:user $HOME
|
&& chown -R user:user $HOME
|
||||||
|
|
||||||
# https://code.visualstudio.com/Download
|
|
||||||
ENV CODE_VERSION 1.12.2-1494422229
|
|
||||||
ENV CODE_COMMIT 19222cdc84ce72202478ba1cec5cb557b71163de
|
|
||||||
|
|
||||||
# download the source
|
|
||||||
RUN buildDeps=' \
|
|
||||||
ca-certificates \
|
|
||||||
curl \
|
|
||||||
' \
|
|
||||||
&& set -x \
|
|
||||||
&& apt-get update && apt-get install -y $buildDeps --no-install-recommends \
|
|
||||||
&& curl -sL https://deb.nodesource.com/setup_6.x | bash - \
|
|
||||||
&& apt-get update && apt-get install -y nodejs --no-install-recommends \
|
|
||||||
&& rm -rf /var/lib/apt/lists/* \
|
|
||||||
&& curl -sSL "https://az764295.vo.msecnd.net/stable/${CODE_COMMIT}/code_${CODE_VERSION}_amd64.deb" -o /tmp/vs.deb \
|
|
||||||
&& apt-get purge -y --auto-remove $buildDeps \
|
|
||||||
&& dpkg -i /tmp/vs.deb \
|
|
||||||
&& rm -rf /tmp/vs.deb
|
|
||||||
|
|
||||||
COPY start.sh /usr/local/bin/start.sh
|
COPY start.sh /usr/local/bin/start.sh
|
||||||
|
|
||||||
WORKDIR $HOME
|
WORKDIR $HOME
|
||||||
|
|||||||
@ -17,7 +17,7 @@ RUN apk add --no-cache \
|
|||||||
libmnl-dev
|
libmnl-dev
|
||||||
|
|
||||||
# https://git.zx2c4.com/WireGuard/refs/
|
# https://git.zx2c4.com/WireGuard/refs/
|
||||||
ENV WIREGUARD_VERSION 0.0.20170517
|
ENV WIREGUARD_VERSION 0.0.20170531
|
||||||
|
|
||||||
RUN set -x \
|
RUN set -x \
|
||||||
&& apk add --no-cache --virtual .build-deps \
|
&& apk add --no-cache --virtual .build-deps \
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user