Public | Automated Build

Last pushed: 7 months ago
Dockerfile
FROM zeroc0d3lab/centos-base-workspace:latest MAINTAINER ZeroC0D3 Team <zeroc0d3.team@gmail.com> #----------------------------------------------------------------------------- # Set Environment #----------------------------------------------------------------------------- ENV PATH_HOME=/home/docker \ PATH_WORKSPACE=/home/docker/workspace \ PATH_APPLICATION=/home/docker/workspace #----------------------------------------------------------------------------- # Set Environment #----------------------------------------------------------------------------- ENV SSH_AUTHORIZED_KEYS='' \ SSH_AUTOSTART_SSHD=true \ SSH_AUTOSTART_SSHD_BOOTSTRAP=true \ SSH_CHROOT_DIRECTORY='%h' \ SSH_INHERIT_ENVIRONMENT=false \ SSH_SUDO='ALL=(ALL) ALL' \ SSH_USER='docker' \ SSH_USER_FORCE_SFTP=false \ SSH_USER_HOME='/home/%u'\ SSH_USER_ID='1001:1001' \ SSH_USER_PASSWORD='docker' \ SSH_ROOT_PASSWORD='docker' \ SSH_USER_PASSWORD_HASHED=false \ SSH_USER_SHELL='/bin/bash' \ PATH_HOME=/home/docker \ PATH_WORKSPACE=/home/docker/workspace #----------------------------------------------------------------------------- # Find Fastest Repo & Update Repo #----------------------------------------------------------------------------- RUN yum makecache fast \ && yum -y update #----------------------------------------------------------------------------- # Install Workspace Dependency #----------------------------------------------------------------------------- RUN yum -y install \ --setopt=tsflags=nodocs \ --disableplugin=fastestmirror \ libnice-devel \ && ln -sf /usr/bin/nice /bin/nice #----------------------------------------------------------------------------- # Install Python 3.5 #----------------------------------------------------------------------------- RUN yum -y install https://centos7.iuscommunity.org/ius-release.rpm \ && yum -y update \ && yum -y install python35u python35u-libs python35u-devel python35u-pip #----------------------------------------------------------------------------- # Install Python 2.7 #----------------------------------------------------------------------------- # RUN yum -y rpm-build \ # redhat-rpm-config \ # yum-utils \ # && yum -y groupinstall "Development Tools" \ # && sudo yum-builddep -y python-2.7.11-4.fc24.src.rpm \ # && mkdir -p ~/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} \ # && cd ~/rpmbuild/SRPMS \ # && curl -O https://kojipkgs.fedoraproject.org//packages/python/2.7.11/4.fc24/src/python-2.7.11-4.fc24.src.rpm \ # && cd ~/rpmbuild/SRPMS \ # && rpmbuild --rebuild python-2.7.11-4.fc24.src.rpm \ # && cd ~/rpmbuild/SPECS/ \ # && sed -i -e "s/^%global run_selftest_suite 1/%global run_selftest_suite 0/g" python.spec # OPTIONAL \ # && rpmbuild -ba python.spec \ # && cd ~/rpmbuild/SRPMS/ \ # && rpmbuild --rebuild python2711-2.7.11-4.el7.centos.src.rpm \ # && cd ~/rpmbuild/RPMS/ \ # && sudo yum localinstall --nogpgcheck python-libs-2.7.11-4.el7.centos.x86_64.rpm python-2.7.11-4.el7.centos.x86_64.rpm #----------------------------------------------------------------------------- # Clean Up All Cache #----------------------------------------------------------------------------- RUN yum clean all # ----------------------------------------------------------------------------- # Install supervisord (required to run more than a single process in a container) # Note: EPEL package lacks /usr/bin/pidproxy # We require supervisor-stdout to allow output of services started by # supervisord to be easily inspected with "docker logs". # ----------------------------------------------------------------------------- RUN easy_install \ 'supervisor == 3.3.1' \ 'supervisor-stdout == 0.1.1' \ && mkdir -p \ /var/log/supervisor/ # ----------------------------------------------------------------------------- # UTC Timezone & Networking # ----------------------------------------------------------------------------- RUN ln -sf \ /usr/share/zoneinfo/UTC \ /etc/localtime \ && echo "NETWORKING=yes" > /etc/sysconfig/network # ----------------------------------------------------------------------------- # Configure SSH for non-root public key authentication # ----------------------------------------------------------------------------- RUN sed -i \ -e 's~^PasswordAuthentication yes~PasswordAuthentication no~g' \ -e 's~^#PermitRootLogin yes~PermitRootLogin no~g' \ -e 's~^#UseDNS yes~UseDNS no~g' \ -e 's~^\(.*\)/usr/libexec/openssh/sftp-server$~\1internal-sftp~g' \ /etc/ssh/sshd_config # ----------------------------------------------------------------------------- # Enable the wheel sudoers group # ----------------------------------------------------------------------------- RUN sed -i \ -e 's~^# %wheel\tALL=(ALL)\tALL~%wheel\tALL=(ALL) ALL~g' \ -e 's~\(.*\) requiretty$~#\1requiretty~' \ /etc/sudoers #----------------------------------------------------------------------------- # Set Configuration #----------------------------------------------------------------------------- COPY rootfs/ / #----------------------------------------------------------------------------- # Setup SSHD & Supervisord #----------------------------------------------------------------------------- RUN mkdir -p \ /etc/supervisord.d/ \ && cp -pf \ /etc/ssh/sshd_config \ /etc/services-config/ssh/ \ && ln -sf \ /etc/services-config/ssh/sshd_config \ /etc/ssh/sshd_config \ && ln -sf \ /etc/services-config/ssh/sshd-bootstrap.conf \ /etc/sshd-bootstrap.conf \ && ln -sf \ /etc/services-config/ssh/sshd-bootstrap.env \ /etc/sshd-bootstrap.env \ && ln -sf \ /etc/services-config/supervisor/supervisord.conf \ /etc/supervisord.conf \ && ln -sf \ /etc/services-config/supervisor/supervisord.d/sshd-wrapper.conf \ /etc/supervisord.d/sshd-wrapper.conf \ && ln -sf \ /etc/services-config/supervisor/supervisord.d/sshd-bootstrap.conf \ /etc/supervisord.d/sshd-bootstrap.conf \ && chmod 700 \ /usr/sbin/{scmi,sshd-{bootstrap,wrapper}} USER root #----------------------------------------------------------------------------- # Change 'root' & 'docker' user Password #----------------------------------------------------------------------------- # RUN echo 'root:'${SSH_ROOT_PASSWORD} | chpasswd RUN echo 'root:docker' | chpasswd \ && echo 'docker:docker' | chpasswd #----------------------------------------------------------------------------- # Generate Public Key #----------------------------------------------------------------------------- # Create new public key RUN /usr/bin/ssh-keygen -t rsa -b 4096 -C "zeroc0d3.team@gmail.com" -f $HOME/.ssh/id_rsa -q -N ""; sync RUN mkdir -p $HOME/.ssh \ && touch $HOME/.ssh/authorized_keys \ && chmod 700 $HOME/.ssh \ && chmod go-w $HOME $HOME/.ssh \ && chmod 600 $HOME/.ssh/authorized_keys \ && chown `whoami` $HOME/.ssh/authorized_keys \ && cat $HOME/.ssh/id_rsa.pub > $HOME/.ssh/authorized_keys # Create new pem file from public key RUN /usr/bin/ssh-keygen -f $HOME/.ssh/id_rsa.pub -e -m pem > $HOME/.ssh/id_rsa.pem # Create new public key for host RUN /usr/bin/ssh-keygen -A RUN mkdir -p /home/docker/.ssh \ && touch /home/docker/.ssh/authorized_keys \ && cat $HOME/.ssh/id_rsa.pub > /home/docker/.ssh/authorized_keys \ && /usr/bin/ssh-keygen -f $HOME/.ssh/id_rsa.pub -e -m pem > /home/docker/.ssh/id_rsa.pem \ && chmod 700 /home/docker/.ssh \ && chmod 600 /home/docker/.ssh/authorized_keys \ && chmod 600 /home/docker/.ssh/id_rsa* #----------------------------------------------------------------------------- # Create Workspace Application Folder #----------------------------------------------------------------------------- RUN mkdir -p ${PATH_WORKSPACE} #----------------------------------------------------------------------------- # Fixing ownership for 'docker' user #----------------------------------------------------------------------------- RUN chown -R docker:docker ${PATH_HOME} #----------------------------------------------------------------------------- # Cleanup 'root', 'opt' & 'tmp' folder #----------------------------------------------------------------------------- RUN rm -f /root/*.tar.gz \ && rm -f /root/*.zip \ && rm -f /opt/*.tar.gz \ && rm -f /opt/*.zip \ && rm -f /tmp/*.tar.gz \ && rm -f /tmp/*.zip #----------------------------------------------------------------------------- # Set PORT Docker Container #----------------------------------------------------------------------------- EXPOSE 22 #----------------------------------------------------------------------------- # Set Volume Docker Workspace #----------------------------------------------------------------------------- VOLUME [${PATH_WORKSPACE}] #----------------------------------------------------------------------------- # Run Init Docker Container #----------------------------------------------------------------------------- ENTRYPOINT ["/init"] CMD ["/usr/bin/supervisord", "--configuration=/etc/supervisord.conf"] #----------------------------------------------------------------------------- # Check Docker Container #----------------------------------------------------------------------------- # HEALTHCHECK CMD [ $(curl -sI -w '%{http_code}' --out /dev/null http://localhost:8500/v1/agent/self) == "200" ] || exit 1 HEALTHCHECK CMD --interval=5m --timeout=3s /etc/cont-consul/check || exit 1
Source Repository