-
Notifications
You must be signed in to change notification settings - Fork 5
/
Dockerfile
43 lines (36 loc) · 1.84 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
FROM debian:bullseye
ARG var_USERID=1000
ENV USERID=${var_USERID}
# Install wine
RUN dpkg --add-architecture i386
RUN apt-get update
RUN apt-get install -y cabextract gnupg2 unzip
RUN apt-get install -y wget software-properties-common
RUN wget -q -O - http://dl.winehq.org/wine-builds/winehq.key | apt-key add -
RUN apt-add-repository http://dl.winehq.org/wine-builds/debian/
RUN apt-get update
RUN apt-get install -y --install-recommends winehq-stable
# Install winetricks
RUN wget --no-check-certificate -q -O /usr/local/bin/winetricks 'https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks'
RUN chmod +x /usr/local/bin/winetricks
# Let us be able to create a shared-wineprefix and /opt/ellisys.sh, later on
RUN mkdir -p /opt && chmod a+rwx /opt
#####
# Don't trust Windows software wih root-creds: Create an unprivileged user to run WINE stuff
# Change the UID here to your userid `id --user` to avoid permission troubles with docker.
RUN useradd -l --uid $USERID --create-home --shell /bin/bash wineuser
# WINE will complain if the user doesn't own /opt/wineprefix.
# Currently 'wineuser' is the owner, but we propagate user-id through Docker.
# So we don't know upfront who the user is, but WINE can be appeased by chowning the prefix root folder only.
# This ownership change is done once by entry.sh upon every docker-run.
# But in Linux, only {root, owner} may change ownership.
# 'myself' can't change ownership of /opt/wineprefix, without being wineuser or root.
# So we make an escape-hatch, that entry.sh removes after use.
RUN cp /bin/chown /tmp/chown_suid
RUN chmod a+rws /tmp/chown_suid
# Drop out of root-shell
USER wineuser
WORKDIR /tmp
RUN mkdir -p /opt/wineprefix && chmod a+rwx /opt/wineprefix
# Tell docker to use this as the entry point for 'docker run', rather than "/bin/sh -c"
ENTRYPOINT ["/assets/entry.sh"]