segfault/master/Dockerfile


# sf-master
FROM ubuntu:22.04
RUN    apt-get update \
       && apt-get install -y --no-install-recommends \
              ca-certificates \
              curl \
              fcgiwrap \
              fping \
              gnupg \
              inetutils-ping \
              iptables \
              iproute2 \
              iperf \
              lsb-release \
              net-tools \
              netcat \
              nginx \
              psmisc \
              redis-tools \
              tcpdump \
              wget \
              wireguard-tools \
              vim
COPY init-master.sh /
COPY /cgi-bin/ /cgi-bin

RUN bash -c '{ true \
              && cp /usr/bin/nsenter /usr/bin/nsenter.u1000 \
              && chown 1000:1000 /usr/bin/nsenter.u1000 \
              && chmod ug+s /usr/bin/nsenter.u1000 \
              && setcap "CAP_SYS_ADMIN+eip" /usr/bin/nsenter.u1000 \
              && rm /usr/sbin/iptables \
              && cp /usr/sbin/xtables-nft-multi /usr/sbin/iptables \
              && chmod u+s /usr/sbin/iptables \
              && curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg \
              && echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null \
              && apt-get update \
              && apt-get install -y --no-install-recommends docker-ce-cli \
              && rm -f /etc/apt/sources.list.d/docker.list; }' \
       && chmod 755 /cgi-bin/rpc
# Alpine's fcgiwrap does not support '-p' :/
# FROM alpine
# RUN    apk add --no-cache --upgrade \
#        && apk add --no-cache \
#               bash \
#               curl \
#               docker-cli \
#               fcgiwrap \
#               fping \
#               iptables \
#               iproute2 \
#               net-tools \
#               `#nginx` \
#               psmisc \
#               redis \
#               `#tcpdump` \
#               wget \
#               wireguard-tools \
#               vim

CMD ["bash", "-il"]
foo 2022-12-16 23:31:12 +00:00
			`# sf-master`
foo 2022-12-06 16:03:56 +00:00			`FROM ubuntu:22.04`
			`RUN apt-get update \`
			`&& apt-get install -y --no-install-recommends \`
			`ca-certificates \`
			`curl \`
foo 2022-12-16 23:31:12 +00:00			`fcgiwrap \`
foo 2022-12-06 16:03:56 +00:00			`fping \`
foo 2022-12-16 23:31:12 +00:00			`gnupg \`
foo 2022-12-06 16:03:56 +00:00			`inetutils-ping \`
			`iptables \`
			`iproute2 \`
			`iperf \`
foo 2022-12-16 23:31:12 +00:00			`lsb-release \`
foo 2022-12-06 16:03:56 +00:00			`net-tools \`
			`netcat \`
			`nginx \`
foo 2022-12-16 23:31:12 +00:00			`psmisc \`
			`redis-tools \`
foo 2022-12-06 16:03:56 +00:00			`tcpdump \`
			`wget \`
foo 2022-12-16 23:31:12 +00:00			`wireguard-tools \`
			`vim`
fob-rc1 2023-01-13 18:57:40 +00:00			`COPY init-master.sh /`
			`COPY /cgi-bin/ /cgi-bin`
foo 2022-12-16 23:31:12 +00:00
fob-rc1 2023-01-13 18:57:40 +00:00			`RUN bash -c '{ true \`
more 2023-02-19 17:15:42 +00:00			`&& cp /usr/bin/nsenter /usr/bin/nsenter.u1000 \`
			`&& chown 1000:1000 /usr/bin/nsenter.u1000 \`
			`&& chmod ug+s /usr/bin/nsenter.u1000 \`
			`&& setcap "CAP_SYS_ADMIN+eip" /usr/bin/nsenter.u1000 \`
			`&& rm /usr/sbin/iptables \`
			`&& cp /usr/sbin/xtables-nft-multi /usr/sbin/iptables \`
			`&& chmod u+s /usr/sbin/iptables \`
fob-rc1 2023-01-13 18:57:40 +00:00			`&& curl -fsSL https://download.docker.com/linux/ubuntu/gpg \| gpg --dearmor -o /etc/apt/keyrings/docker.gpg \`
			`&& echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" \| tee /etc/apt/sources.list.d/docker.list > /dev/null \`
			`&& apt-get update \`
			`&& apt-get install -y --no-install-recommends docker-ce-cli \`
			`&& rm -f /etc/apt/sources.list.d/docker.list; }' \`
			`&& chmod 755 /cgi-bin/rpc`
foo 2022-12-16 23:31:12 +00:00			`# Alpine's fcgiwrap does not support '-p' :/`
			`# FROM alpine`
			`# RUN apk add --no-cache --upgrade \`
			`# && apk add --no-cache \`
			`# bash \`
			`# curl \`
			`# docker-cli \`
			`# fcgiwrap \`
			`# fping \`
			`# iptables \`
			`# iproute2 \`
			`# net-tools \`
			# `#nginx` \
			`# psmisc \`
			`# redis \`
			# `#tcpdump` \
			`# wget \`
			`# wireguard-tools \`
			`# vim`

foo 2022-12-06 16:03:56 +00:00			`CMD ["bash", "-il"]`