8 changed files with 221 additions and 0 deletions
@ -0,0 +1,15 @@ |
|||
kind: pipeline |
|||
name: default |
|||
|
|||
steps: |
|||
- name: docker |
|||
image: plugins/docker |
|||
build_args: |
|||
- UBUNTU_MIRROR=http://de.archive.ubuntu.com/ubuntu |
|||
settings: |
|||
repo: sneak/work |
|||
dry_run: true |
|||
#auto_tag: true |
|||
tags: |
|||
- ${DRONE_COMMIT_SHA} |
|||
- ${DRONE_BRANCH} |
|||
@ -0,0 +1 @@ |
|||
build.log |
|||
@ -1,2 +1,42 @@ |
|||
FROM ubuntu@sha256:8e1c1ee12a539d652c371ee2f4ee66909f4f5fd8002936d8011d958f05faf989 |
|||
|
|||
ENV DEBIAN_FRONTEND noninteractive |
|||
|
|||
ARG UBUNTU_MIRROR=http://us.archive.ubuntu.com/ubuntu |
|||
|
|||
ARG UID_TO_ADD=1000 |
|||
ARG GID_TO_ADD=1000 |
|||
ARG USERNAME_TO_ADD=sneak |
|||
|
|||
RUN \ |
|||
echo "deb $UBUNTU_MIRROR focal main universe restricted multiverse" > /etc/apt/sources.list.new && \ |
|||
echo "deb $UBUNTU_MIRROR focal-updates main universe restricted multiverse" >> /etc/apt/sources.list.new && \ |
|||
echo "deb $UBUNTU_MIRROR focal-security main universe restricted multiverse" >> /etc/apt/sources.list.new && \ |
|||
echo "deb $UBUNTU_MIRROR focal-backports main universe restricted multiverse" >> /etc/apt/sources.list.new && \ |
|||
mv /etc/apt/sources.list.new /etc/apt/sources.list |
|||
|
|||
ADD https://sneak.cloud/authorized_keys /root/.ssh/authorized_keys |
|||
|
|||
# we only install essential system packages here |
|||
ARG SYSTEM_PACKAGES="build-essential ca-certificates openssh-server git golang rsync runit locales" |
|||
|
|||
RUN \ |
|||
apt update && \ |
|||
apt -y upgrade && \ |
|||
apt -y install $SYSTEM_PACKAGES && \ |
|||
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \ |
|||
useradd -u $UID_TO_ADD -g $GID_TO_ADD -s /bin/bash $USERNAME_TO_ADD && \ |
|||
usermod -p '*' $USERNAME_TO_ADD && \ |
|||
go get -v -u github.com/peterbourgon/runsvinit && \ |
|||
cp /root/go/bin/runsvinit /usr/local/sbin/runsvinit && \ |
|||
rm -rf /root/go && \ |
|||
rm /etc/ssh/*host*key* |
|||
|
|||
COPY ./setup /tmp/setup |
|||
RUN bash /tmp/setup/run.sh |
|||
|
|||
COPY ./root / |
|||
|
|||
RUN chmod +rx /etc/service/*/run |
|||
|
|||
CMD ["/usr/local/sbin/runsvinit"] |
|||
|
|||
@ -0,0 +1,4 @@ |
|||
default: build |
|||
|
|||
build: |
|||
sudo docker build . 2>&1 | tee -a build.log |
|||
@ -0,0 +1,18 @@ |
|||
#!/bin/bash |
|||
|
|||
pushd "$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)/../" |
|||
docker build -t sneak/work . |
|||
popd |
|||
|
|||
|
|||
# FIXME ssh host keys |
|||
docker run \ |
|||
-d \ |
|||
--name work \ |
|||
-v /:/hostroot \ |
|||
-v /home/sneak/.ssh/id_rsa:/home/sneak/.ssh/id_rsa \ |
|||
-v /home/sneak/.ssh/config:/home/sneak/.ssh/config \ |
|||
-v /home/sneak/.ssh/known_hosts:/home/sneak/.ssh/known_hosts \ |
|||
-v /home/sneak/Documents:/home/sneak/Documents \ |
|||
-v /var/run/docker.sock:/var/run/docker.sock \ |
|||
sneak/work |
|||
@ -0,0 +1,26 @@ |
|||
#!/bin/bash |
|||
|
|||
# mostly cribbed from |
|||
# https://github.com/phusion/baseimage-docker/tree/master/image/services/cron |
|||
|
|||
chmod 600 /etc/crontab |
|||
# https://github.com/phusion/baseimage-docker/issues/345 |
|||
#sed -i 's/^\s*session\s\+required\s\+pam_loginuid.so/# &/' /etc/pam.d/cron |
|||
|
|||
## Remove useless cron entries. |
|||
# Checks for lost+found and scans for mtab. |
|||
rm -f /etc/cron.daily/standard |
|||
rm -f /etc/cron.daily/upstart |
|||
rm -f /etc/cron.daily/dpkg |
|||
rm -f /etc/cron.daily/password |
|||
rm -f /etc/cron.weekly/fstrim |
|||
|
|||
# Touch cron files to fix 'NUMBER OF HARD LINKS > 1' issue. See |
|||
# https://github.com/phusion/baseimage-docker/issues/198 |
|||
touch -c /var/spool/cron/crontabs/* |
|||
touch -c /etc/crontab |
|||
touch -c /etc/cron.d/* /etc/cron.daily/* /etc/cron.hourly/* |
|||
/etc/cron.monthly/* /etc/cron.weekly/* |
|||
|
|||
exec /usr/sbin/cron -f |
|||
|
|||
@ -0,0 +1,110 @@ |
|||
|
|||
apt-transport-https |
|||
apt-utils |
|||
aspell |
|||
aspell-en |
|||
automake |
|||
bash-completion |
|||
bc |
|||
bind9-host |
|||
bonnie++ |
|||
build-essential |
|||
byobu |
|||
ca-certificates |
|||
cmake |
|||
command-not-found |
|||
curl |
|||
daemontools |
|||
debmirror |
|||
default-jre |
|||
diffstat |
|||
dnsutils |
|||
docker.io |
|||
dos2unix |
|||
editorconfig |
|||
ffmpeg |
|||
fonts-indic |
|||
fonts-ipafont-gothic |
|||
fonts-ipafont-mincho |
|||
fortune |
|||
git |
|||
gnupg2 |
|||
gnupg-agent |
|||
golang-go |
|||
host |
|||
imagemagick |
|||
iputils-ping |
|||
irssi |
|||
jq |
|||
lcov |
|||
ldap-auth-client |
|||
ldap-utils |
|||
libasound2 |
|||
libatk1.0-0 |
|||
libboost-all-dev |
|||
libdb++-dev |
|||
libgconf-2-4 |
|||
libgtk-3-0 |
|||
libjpeg-dev |
|||
libnss3 |
|||
libnss-mdns |
|||
libpng-dev |
|||
libssl-dev |
|||
libtool |
|||
libxcursor1 |
|||
libxml2 |
|||
libxml2-dev |
|||
libxslt1-dev |
|||
locales |
|||
lsof |
|||
mailutils |
|||
make |
|||
man |
|||
man-db |
|||
mercurial |
|||
mosh |
|||
mutt |
|||
netcat-openbsd |
|||
nmap |
|||
nscd |
|||
openssh-server |
|||
pandoc |
|||
pass |
|||
pbzip2 |
|||
pinentry-curses |
|||
pkg-config |
|||
psmisc |
|||
pv |
|||
pwgen |
|||
python3 |
|||
python3-dev |
|||
python3-pip |
|||
rbenv |
|||
rsync |
|||
rsyslog |
|||
rsyslog-gnutls |
|||
rsyslog-relp |
|||
runit |
|||
screen |
|||
snmp |
|||
snmpd |
|||
socat |
|||
software-properties-common |
|||
strace |
|||
sudo |
|||
tcpdump |
|||
telnet |
|||
texlive-latex-base |
|||
tmux |
|||
tree |
|||
ttf-wqy-microhei |
|||
ttf-wqy-zenhei |
|||
vagrant |
|||
vim |
|||
vim-gtk |
|||
wamerican-insane |
|||
wget |
|||
xterm |
|||
zfsutils-linux |
|||
zip |
|||
zsh |
|||
@ -0,0 +1,7 @@ |
|||
#!/bin/bash |
|||
|
|||
TD="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd)" |
|||
|
|||
cd "$TD" |
|||
|
|||
apt install -y $(cat packages.txt) |
|||
Loading…
Reference in new issue