# Base image: Ubuntu 22.04, referenced by tag only. The tag is mutable, so a
# rebuild can pick up a different image; a digest pin would fix that.
FROM ubuntu:22.04

# Build-time inputs. TARGETPLATFORM is redeclared here so the value supplied
# by the builder is visible to the RUN steps of this stage.
ARG WARP_VERSION
ARG GOST_VERSION
ARG COMMIT_SHA
ARG TARGETPLATFORM

# Image metadata. WARP_VERSION is recorded as a label only: no instruction in
# this Dockerfile passes it to apt, so it does not pin the cloudflare-warp
# package that gets installed.
LABEL org.opencontainers.image.authors="miraz4300" \
      org.opencontainers.image.url="https://github.com/miraz4300/wormhole" \
      WARP_VERSION="${WARP_VERSION}" \
      GOST_VERSION="${GOST_VERSION}" \
      COMMIT_SHA="${COMMIT_SHA}"
# Runtime scripts and configuration baked into the image. Their contents are
# not part of this file; the executable bits are set by the RUN step below.
COPY entrypoint.sh /entrypoint.sh
COPY healthcheck/ /healthcheck/
COPY logger.sh /opt/bash-utils/logger.sh
COPY supervisor/ /etc/supervisor/conf.d/
# NOTE(review): a file named "modprobe" in /usr/local/bin is presumably meant
# to be found ahead of the system modprobe on PATH; confirm what it does.
COPY modprobe start-docker.sh /usr/local/bin/
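# Optional SHA-256 of the gost release archive. When supplied with
# --build-arg, the download is verified before it is unpacked; when left
# empty the build only prints a warning, so existing build commands keep
# working.
ARG GOST_SHA256=""

# Install OS dependencies, the Cloudflare WARP client and gost, then set
# permissions and create the "warp" user.
#
# Changes from the previous version of this step:
#   - the apt list cleanup targeted /var/lib/apt/list (no trailing "s") and
#     ran before the second "apt-get update", so it removed nothing; it now
#     targets /var/lib/apt/lists and runs after the last apt operation
#   - curl uses -f, so an HTTP error fails the build instead of handing an
#     error page to gpg or gunzip
#   - the repository key is written to a file before dearmoring, so a failed
#     download cannot be masked by the exit status of a pipeline
#   - the gost archive can be checked against GOST_SHA256
#   - the sudoers drop-in gets mode 0440
#
# NOTE(review): "NOPASSWD:ALL" gives the warp account unrestricted root via
# sudo, so running as warp is not a privilege boundary. Narrowing the rule to
# specific commands needs knowledge of what the entrypoint and supervisor
# scripts call, which is not visible in this file.
RUN set -e; \
    case "${TARGETPLATFORM}" in \
        "linux/amd64") ARCH="amd64" ;; \
        "linux/arm64") ARCH="armv8" ;; \
        *) echo "Unsupported TARGETPLATFORM: ${TARGETPLATFORM}"; exit 1 ;; \
    esac; \
    echo "Building for ${ARCH} with GOST ${GOST_VERSION}"; \
    apt-get update; \
    apt-get upgrade -y; \
    apt-get install -y ca-certificates curl gnupg lsb-release sudo jq ipcalc wget iptables supervisor; \
    update-alternatives --set iptables /usr/sbin/iptables-legacy; \
    curl -fsSL -o /tmp/cloudflare-warp-pubkey.gpg https://pkg.cloudflareclient.com/pubkey.gpg; \
    gpg --yes --output /usr/share/keyrings/cloudflare-warp-archive-keyring.gpg --dearmor /tmp/cloudflare-warp-pubkey.gpg; \
    rm -f /tmp/cloudflare-warp-pubkey.gpg; \
    echo "deb [signed-by=/usr/share/keyrings/cloudflare-warp-archive-keyring.gpg] https://pkg.cloudflareclient.com/ $(lsb_release -cs) main" > /etc/apt/sources.list.d/cloudflare-client.list; \
    apt-get update; \
    apt-get install -y cloudflare-warp; \
    apt-get autoremove -y; \
    apt-get clean; \
    rm -rf /var/lib/apt/lists/*; \
    GOST_ARCHIVE="gost-linux-${ARCH}-${GOST_VERSION}.gz"; \
    curl -fsSLO "https://github.com/ginuerzh/gost/releases/download/v${GOST_VERSION}/${GOST_ARCHIVE}"; \
    if [ -n "${GOST_SHA256}" ]; then \
        echo "${GOST_SHA256}  ${GOST_ARCHIVE}" | sha256sum -c -; \
    else \
        echo "WARNING: GOST_SHA256 not set; the gost archive is not integrity-checked" >&2; \
    fi; \
    gunzip "${GOST_ARCHIVE}"; \
    mv "gost-linux-${ARCH}-${GOST_VERSION}" /usr/bin/gost; \
    chmod +x /usr/bin/gost /entrypoint.sh /healthcheck/index.sh /usr/local/bin/start-docker.sh /usr/local/bin/modprobe; \
    useradd -m -s /bin/bash warp; \
    echo "warp ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/warp; \
    chmod 0440 /etc/sudoers.d/warp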
# Record acceptance of the Cloudflare WARP terms of service. The step runs as
# the warp user, so the marker file and the directories created for it belong
# to that account.
USER warp
RUN tos_dir=/home/warp/.local/share/warp; \
    mkdir -p "${tos_dir}" && \
    printf '%s' 'yes' > "${tos_dir}/accepted-tos.txt"
# Channel and versions used by the Docker, buildx and compose download steps.
# Being ENV rather than ARG, these values also persist into the running
# container's environment.
ENV DOCKER_CHANNEL=stable
ENV DOCKER_VERSION=27.1.2
ENV DOCKER_COMPOSE_VERSION=v2.29.1
ENV BUILDX_VERSION=v0.16.2
# Not referenced anywhere in this Dockerfile; presumably read by the runtime
# scripts. Confirm against entrypoint.sh / start-docker.sh.
ENV DEBUG=false
# Back to root: the remaining build steps write under /usr/local.
USER root

# Install the static Docker engine/CLI bundle and the buildx CLI plugin, then
# print their versions as a smoke test.
#
# NOTE(review): both archives are fetched over HTTPS but are not checked
# against a known digest or signature, so the image content depends on
# whatever those URLs serve at build time.
# NOTE(review): the "armhf" and "armv7" labels look like package-architecture
# names rather than `uname -m` output (which is typically armv6l / armv7l);
# confirm. The TARGETPLATFORM check earlier in this file only admits amd64
# and arm64 in any case.
#
# Architecture mapping (uname -m -> Docker static dir / buildx suffix):
#   x86_64  -> x86_64  / linux-amd64    (amd64)
#   armhf   -> armel   / linux-arm-v6   (arm32v6)
#   armv7   -> armhf   / linux-arm-v7   (arm32v7)
#   aarch64 -> aarch64 / linux-arm64    (arm64v8)
RUN set -eux; \
    arch="$(uname -m)"; \
    case "$arch" in \
        x86_64)  dockerArch='x86_64';  buildx_arch='linux-amd64'  ;; \
        armhf)   dockerArch='armel';   buildx_arch='linux-arm-v6' ;; \
        armv7)   dockerArch='armhf';   buildx_arch='linux-arm-v7' ;; \
        aarch64) dockerArch='aarch64'; buildx_arch='linux-arm64'  ;; \
        *) echo >&2 "error: unsupported architecture ($arch)"; exit 1 ;; \
    esac; \
    wget -O docker.tgz "https://download.docker.com/linux/static/${DOCKER_CHANNEL}/${dockerArch}/docker-${DOCKER_VERSION}.tgz" || { \
        echo >&2 "error: failed to download 'docker-${DOCKER_VERSION}' from '${DOCKER_CHANNEL}' for '${dockerArch}'"; \
        exit 1; \
    }; \
    tar -x -f docker.tgz --strip-components 1 -C /usr/local/bin/; \
    rm docker.tgz; \
    wget -O docker-buildx "https://github.com/docker/buildx/releases/download/${BUILDX_VERSION}/buildx-${BUILDX_VERSION}.${buildx_arch}" || { \
        echo >&2 "error: failed to download 'buildx-${BUILDX_VERSION}.${buildx_arch}'"; \
        exit 1; \
    }; \
    mkdir -p /usr/local/lib/docker/cli-plugins; \
    chmod +x docker-buildx; \
    mv docker-buildx /usr/local/lib/docker/cli-plugins/docker-buildx; \
    dockerd --version; \
    docker --version; \
    docker buildx version

# Keep the Docker daemon's data directory on a volume rather than in the
# container's writable layer.
VOLUME /var/lib/docker
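# Install the standalone docker-compose binary and run it once as a smoke
# test. curl is given -f so an HTTP error (for example a release asset that
# does not exist for this OS/architecture name) fails the step immediately
# instead of saving the error page as the "binary".
# NOTE(review): the binary is not checked against a published checksum, so
# its integrity rests on HTTPS alone.
RUN curl -fsSL "https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose \
    && chmod +x /usr/local/bin/docker-compose \
    && docker-compose version

# Expose the same binary as a CLI plugin so that 'docker compose' works as
# well as 'docker-compose'.
RUN ln -s /usr/local/bin/docker-compose /usr/local/lib/docker/cli-plugins/docker-compose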
# Default arguments for gost: a listener on port 1080 with no bind address
# and no credentials in the value.
# NOTE(review): unless the entrypoint adds restrictions, anyone who can reach
# the published port can use the proxy; confirm, and limit exposure or set
# credentials through GOST_ARGS at run time.
ENV GOST_ARGS="-L :1080"

# Container health probe; the script is run through the image's default shell.
HEALTHCHECK --start-period=10s --interval=15s --timeout=5s --retries=3 \
    CMD /healthcheck/index.sh

# No USER instruction follows the earlier "USER root", so the entrypoint
# starts as root. "bash" is passed as the default argument and can be
# overridden at run time.
ENTRYPOINT ["/entrypoint.sh"]
CMD ["bash"]