├── .envrc.example
├── .github
    ├── dependabot.yml
    └── workflows
    │   ├── check-update.yml
    │   ├── check-update.yml.erb
    │   ├── ci.yml
    │   └── ci.yml.erb
├── .gitignore
├── .rspec
├── Gemfile
├── Gemfile.lock
├── LICENSE.txt
├── README.md
├── Rakefile
├── baseimage-bookworm
    ├── Dockerfile
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build
    │   ├── etc
    │   │   ├── apt
    │   │   │   └── sources.list
    │   │   └── locale.nopurge
    │   ├── opt
    │   │   ├── custom-installers
    │   │   │   ├── docker-ce-cli
    │   │   │   │   └── install.sh
    │   │   │   ├── nginx
    │   │   │   │   ├── etc
    │   │   │   │   │   └── nginx
    │   │   │   │   │   │   └── conf.d
    │   │   │   │   │   │       └── misc.conf
    │   │   │   │   └── install.sh
    │   │   │   └── supervisor
    │   │   │   │   ├── etc
    │   │   │   │       └── supervisor
    │   │   │   │       │   └── supervisord.conf
    │   │   │   │   └── install.sh
    │   │   └── init-wrapper
    │   │   │   ├── post-init.d
    │   │   │       └── .gitkeep
    │   │   │   ├── pre-init.d
    │   │   │       ├── 01-git-config
    │   │   │       ├── 01-set-lang-and-tz
    │   │   │       ├── 02-reset-sshd-keys
    │   │   │       ├── 03-adduser
    │   │   │       ├── 04-chpass-and-sshkey
    │   │   │       ├── 05-apt
    │   │   │       ├── 06-remove-unnecessary-files
    │   │   │       ├── 07-docker-ce-cli
    │   │   │       ├── 07-nginx
    │   │   │       ├── 10-save-env
    │   │   │       └── 99-install-post-init
    │   │   │   └── sbin
    │   │   │       └── entrypoint.sh
    │   └── scripts
    │   │   ├── 00-apt-update
    │   │   ├── 01-setup
    │   │   ├── 02-init-wrapper
    │   │   ├── 03-custom-installers
    │   │   └── 99-cleanup
    └── debian-packages.json
├── baseimage-bullseye
    ├── Dockerfile
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build
    │   ├── etc
    │   │   ├── apt
    │   │   │   └── sources.list
    │   │   └── locale.nopurge
    │   ├── opt
    │   │   ├── custom-installers
    │   │   │   ├── docker-ce-cli
    │   │   │   │   └── install.sh
    │   │   │   ├── nginx
    │   │   │   │   ├── etc
    │   │   │   │   │   └── nginx
    │   │   │   │   │   │   └── conf.d
    │   │   │   │   │   │       └── misc.conf
    │   │   │   │   └── install.sh
    │   │   │   └── supervisor
    │   │   │   │   ├── etc
    │   │   │   │       └── supervisor
    │   │   │   │       │   └── supervisord.conf
    │   │   │   │   └── install.sh
    │   │   └── init-wrapper
    │   │   │   ├── post-init.d
    │   │   │       └── .gitkeep
    │   │   │   ├── pre-init.d
    │   │   │       ├── 01-git-config
    │   │   │       ├── 01-set-lang-and-tz
    │   │   │       ├── 02-reset-sshd-keys
    │   │   │       ├── 03-adduser
    │   │   │       ├── 04-chpass-and-sshkey
    │   │   │       ├── 05-apt
    │   │   │       ├── 06-remove-unnecessary-files
    │   │   │       ├── 07-docker-ce-cli
    │   │   │       ├── 07-nginx
    │   │   │       ├── 10-save-env
    │   │   │       └── 99-install-post-init
    │   │   │   └── sbin
    │   │   │       └── entrypoint.sh
    │   └── scripts
    │   │   ├── 00-apt-update
    │   │   ├── 01-setup
    │   │   ├── 02-init-wrapper
    │   │   ├── 03-custom-installers
    │   │   └── 99-cleanup
    └── debian-packages.json
├── baseimage-buster
    ├── Dockerfile
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build
    │   ├── etc
    │   │   ├── apt
    │   │   │   └── sources.list
    │   │   └── locale.nopurge
    │   ├── opt
    │   │   ├── custom-installers
    │   │   │   ├── docker-ce-cli
    │   │   │   │   └── install.sh
    │   │   │   ├── nginx
    │   │   │   │   ├── etc
    │   │   │   │   │   └── nginx
    │   │   │   │   │   │   └── conf.d
    │   │   │   │   │   │       └── misc.conf
    │   │   │   │   └── install.sh
    │   │   │   └── supervisor
    │   │   │   │   ├── etc
    │   │   │   │       └── supervisor
    │   │   │   │       │   └── supervisord.conf
    │   │   │   │   └── install.sh
    │   │   └── init-wrapper
    │   │   │   ├── post-init.d
    │   │   │       └── .gitkeep
    │   │   │   ├── pre-init.d
    │   │   │       ├── 01-git-config
    │   │   │       ├── 01-set-lang-and-tz
    │   │   │       ├── 02-reset-sshd-keys
    │   │   │       ├── 03-adduser
    │   │   │       ├── 04-chpass-and-sshkey
    │   │   │       ├── 05-apt
    │   │   │       ├── 06-remove-unnecessary-files
    │   │   │       ├── 07-docker-ce-cli
    │   │   │       ├── 07-nginx
    │   │   │       ├── 10-save-env
    │   │   │       └── 99-install-post-init
    │   │   │   └── sbin
    │   │   │       └── entrypoint.sh
    │   └── scripts
    │   │   ├── 00-apt-update
    │   │   ├── 01-setup
    │   │   ├── 02-init-wrapper
    │   │   ├── 03-custom-installers
    │   │   └── 99-cleanup
    └── debian-packages.json
├── baseimage-stretch
    ├── Dockerfile
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build
    │   ├── etc
    │   │   ├── apt
    │   │   │   └── sources.list
    │   │   └── locale.nopurge
    │   ├── opt
    │   │   ├── custom-installers
    │   │   │   ├── docker-ce-cli
    │   │   │   │   └── install.sh
    │   │   │   ├── nginx
    │   │   │   │   ├── etc
    │   │   │   │   │   └── nginx
    │   │   │   │   │   │   └── conf.d
    │   │   │   │   │   │       └── misc.conf
    │   │   │   │   └── install.sh
    │   │   │   └── supervisor
    │   │   │   │   ├── etc
    │   │   │   │       └── supervisor
    │   │   │   │       │   └── supervisord.conf
    │   │   │   │   └── install.sh
    │   │   └── init-wrapper
    │   │   │   ├── post-init.d
    │   │   │       └── .gitkeep
    │   │   │   ├── pre-init.d
    │   │   │       ├── 01-git-config
    │   │   │       ├── 01-set-lang-and-tz
    │   │   │       ├── 02-reset-sshd-keys
    │   │   │       ├── 03-adduser
    │   │   │       ├── 04-chpass-and-sshkey
    │   │   │       ├── 05-apt
    │   │   │       ├── 06-remove-unnecessary-files
    │   │   │       ├── 07-docker-ce-cli
    │   │   │       ├── 07-nginx
    │   │   │       ├── 10-save-env
    │   │   │       └── 99-install-post-init
    │   │   │   └── sbin
    │   │   │       └── entrypoint.sh
    │   └── scripts
    │   │   ├── 00-apt-update
    │   │   ├── 01-setup
    │   │   ├── 02-init-wrapper
    │   │   ├── 03-custom-installers
    │   │   └── 99-cleanup
    └── debian-packages.json
├── baseimage
    ├── Dockerfile
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build
    │   ├── etc
    │   │   ├── apt
    │   │   │   └── sources.list
    │   │   └── locale.nopurge
    │   ├── opt
    │   │   ├── custom-installers
    │   │   │   ├── docker-ce-cli
    │   │   │   │   └── install.sh
    │   │   │   ├── nginx
    │   │   │   │   ├── etc
    │   │   │   │   │   └── nginx
    │   │   │   │   │   │   └── conf.d
    │   │   │   │   │   │       └── misc.conf
    │   │   │   │   └── install.sh
    │   │   │   └── supervisor
    │   │   │   │   ├── etc
    │   │   │   │       └── supervisor
    │   │   │   │       │   └── supervisord.conf
    │   │   │   │   └── install.sh
    │   │   └── init-wrapper
    │   │   │   ├── post-init.d
    │   │   │       └── .gitkeep
    │   │   │   ├── pre-init.d
    │   │   │       ├── 01-git-config
    │   │   │       ├── 01-set-lang-and-tz
    │   │   │       ├── 02-reset-sshd-keys
    │   │   │       ├── 03-adduser
    │   │   │       ├── 04-chpass-and-sshkey
    │   │   │       ├── 05-apt
    │   │   │       ├── 06-remove-unnecessary-files
    │   │   │       ├── 07-docker-ce-cli
    │   │   │       ├── 07-nginx
    │   │   │       ├── 10-save-env
    │   │   │       └── 99-install-post-init
    │   │   │   └── sbin
    │   │   │       └── entrypoint.sh
    │   └── scripts
    │   │   ├── 00-apt-update
    │   │   ├── 01-setup
    │   │   ├── 02-init-wrapper
    │   │   ├── 03-custom-installers
    │   │   └── 99-cleanup
    └── debian-packages.json
├── debian-bookworm
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build.log
    └── debian-packages.json
├── debian-bullseye
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build.log
    └── debian-packages.json
├── debian-buster
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build.log
    └── debian-packages.json
├── debian-stretch
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build.log
    └── debian-packages.json
├── debian
    ├── README.md
    ├── README.md.erb
    ├── Rakefile
    ├── build.log
    └── debian-packages.json
├── deps.dot
├── es-kibana
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── opt
    │       └── init-wrapper
    │       │   └── pre-init.d
    │       │       ├── 11-es-java-opts
    │       │       └── 12-save-enve
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-init-wrapper
    │       └── 99-cleanup
├── nodejs
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── helpers
    │       └── latest-nodejs-version
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-nodenv
    │       ├── 03-yarn
    │       └── 99-cleanup
├── norikra
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── etc
    │       └── supervisor
    │       │   └── conf.d
    │       │       └── norikra.conf
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       ├── 03-norikra
    │       └── 99-cleanup
├── rails7
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── helpers
    │       └── latest-nodejs-version
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-nodenv
    │       ├── 03-yarn
    │       └── 99-cleanup
├── ruby-bookworm
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── ruby-bullseye
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── ruby-buster
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── ruby-full
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── ruby-stretch
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── ruby
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       ├── 02-rbenv
    │       └── 99-cleanup
    │   └── tmp
    │       └── .gitkeep
├── spec
    ├── baseimage-bookworm
    │   ├── 00base_spec.rb
    │   └── 01apt_spec.rb
    ├── baseimage-bullseye
    │   ├── 00base_spec.rb
    │   └── 01apt_spec.rb
    ├── baseimage-buster
    │   ├── 00base_spec.rb
    │   └── 01apt_spec.rb
    ├── baseimage-stretch
    │   ├── 00base_spec.rb
    │   └── 01apt_spec.rb
    ├── baseimage
    │   ├── 00base_spec.rb
    │   └── 01apt_spec.rb
    ├── debian-bookworm
    │   └── 01apt_spec.rb
    ├── debian-bullseye
    │   └── 01apt_spec.rb
    ├── debian-buster
    │   └── 01apt_spec.rb
    ├── debian-stretch
    │   └── 01apt_spec.rb
    ├── debian
    │   └── 01apt_spec.rb
    ├── es-kibana
    │   └── 00base_spec.rb
    ├── nodejs
    │   └── 00base_spec.rb
    ├── norikra
    │   └── 00base_spec.rb
    ├── rails7
    │   └── 00base_spec.rb
    ├── ruby-bookworm
    │   └── 00base_spec.rb
    ├── ruby-bullseye
    │   └── 00base_spec.rb
    ├── ruby-buster
    │   └── 00base_spec.rb
    ├── ruby-full
    │   └── 00base_spec.rb
    ├── ruby-stretch
    │   └── 00base_spec.rb
    ├── ruby
    │   └── 00base_spec.rb
    ├── spec_helper.rb
    ├── squid
    │   └── 00base_spec.rb
    ├── systemd-bookworm
    │   └── 00base_spec.rb
    ├── systemd-bullseye
    │   └── 00base_spec.rb
    ├── systemd-buster
    │   └── 00base_spec.rb
    ├── systemd-stretch
    │   └── 00base_spec.rb
    ├── systemd
    │   └── 00base_spec.rb
    └── tdiary
    │   └── 00base_spec.rb
├── squid
    ├── Dockerfile
    ├── README.md
    └── build
    │   ├── etc
    │       ├── init.d
    │       │   └── squid
    │       └── squid
    │       │   ├── squid.acl.conf
    │       │   └── squid.local.conf
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── systemd-bookworm
    ├── Dockerfile
    ├── README.md
    └── build
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── systemd-bullseye
    ├── Dockerfile
    ├── README.md
    └── build
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── systemd-buster
    ├── Dockerfile
    ├── README.md
    └── build
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── systemd-stretch
    ├── Dockerfile
    ├── README.md
    └── build
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── systemd
    ├── Dockerfile
    ├── README.md
    └── build
    │   └── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
├── tdiary
    ├── Dockerfile
    ├── README.md
    ├── Rakefile
    └── build
    │   ├── etc
    │       ├── nginx
    │       │   └── conf.d
    │       │   │   └── tdiary.conf
    │       └── supervisor
    │       │   └── conf.d
    │       │       └── tdiary.conf
    │   ├── home
    │       └── debian
    │       │   ├── go
    │       │       └── src
    │       │       │   └── github.com
    │       │       │       └── tdiary
    │       │       │           └── tdiary-core
    │       │       │               └── Gemfile.local
    │       │   └── tdiary
    │       │       ├── .htpasswd
    │       │       ├── start.sh
    │       │       └── tdiary.conf
    │   ├── scripts
    │       ├── 00-update
    │       ├── 01-setup
    │       └── 99-cleanup
    │   └── user-scripts
    │       └── setup-tdiary.sh
└── template
    ├── Dockerfile
    ├── README.md
    └── build
        └── scripts
            ├── 00-update
            ├── 01-setup
            └── 99-cleanup


/.envrc.example:
--------------------------------------------------------------------------------
1 | export baseimage_TRIGGER_TOKEN=XXXXX
2 | 


--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
 1 | #
 2 | # https://help.github.com/en/github/administering-a-repository/about-github-dependabot
 3 | #
 4 | version: 2
 5 | updates:
 6 | - package-ecosystem: bundler
 7 |   directory: "/"
 8 |   schedule:
 9 |     interval: daily
10 |     time: '10:00'
11 |     timezone: Asia/Tokyo
12 |   open-pull-requests-limit: 10
13 |   reviewers:
14 |   - minimum2scp
15 |   allow:
16 |     - dependency-type: all
17 | - package-ecosystem: github-actions
18 |   directory: "/"
19 |   schedule:
20 |     interval: daily
21 |     time: '10:00'
22 |     timezone: Asia/Tokyo
23 |   open-pull-requests-limit: 10
24 |   reviewers:
25 |   - minimum2scp
26 | 
27 | 


--------------------------------------------------------------------------------
/.github/workflows/check-update.yml.erb:
--------------------------------------------------------------------------------
 1 | name: Check upgradable packages
 2 | 
 3 | on:
 4 |   schedule:
 5 |     - cron: '0 12 * * *'
 6 |   workflow_dispatch:
 7 | 
 8 | jobs:
 9 | <% images = %w[debian baseimage debian-bookworm baseimage-bookworm debian-bullseye baseimage-bullseye debian-buster baseimage-buster debian-stretch baseimage-stretch] -%>
10 | <% images.each do |image| -%>
11 |   <%= image %>:
12 |     name: <%= image %>
13 |     runs-on: ubuntu-latest
14 |     <%- if image =~ /^baseimage/ -%>
15 |     needs: <%= image.sub(/^baseimage/, 'debian') %>
16 |     <%- end -%>
17 |     steps:
18 |       - uses: actions/checkout@v4
19 | 
20 |       # setup ruby
21 |       - uses: ruby/setup-ruby@v1
22 |         with:
23 |           ruby-version: '3.2'
24 |           bundler-cache: true
25 | 
26 |       # run test
27 |       - run: docker pull minimum2scp/<%= image %>:latest
28 |       - run: bundle exec rspec spec/<%= image %>/01apt_spec.rb -e 'apt list --upgradable'
29 | 
30 |       # notify to slack
31 |       - uses: ruby/action-slack@v3.2.1
32 |         with:
33 |           payload: |
34 |             {
35 |               "username": "GitHub Actions",
36 |               "icon_emoji": ":octocat:",
37 |               "channel": "#gh",
38 |               "attachments": [{
39 |                 "color": "danger",
40 |                 "text": "${{ job.status }}: Workflow ${{ github.workflow }} (<https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}|#${{ github.run_number }}>)",
41 |                 "footer": "<https://github.com/${{ github.repository }}|${{ github.repository }}>",
42 |                 "footer_icon": "https://github.githubassets.com/favicon.ico",
43 |                 "fields": [
44 |                   {
45 |                     "title": "image",
46 |                     "value": "minimum2scp/<%= image %>:latest",
47 |                     "short": false
48 |                   }
49 |                 ]
50 |               }]
51 |             }
52 |         env:
53 |           SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
54 |         if: "failure()"
55 | 
56 |   <%- end -%>
57 | 


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .bundle
2 | .envrc
3 | .snippets
4 | deps.svg
5 | vendor/bundle
6 | 


--------------------------------------------------------------------------------
/.rspec:
--------------------------------------------------------------------------------
1 | --color
2 | --format documentation
3 | 


--------------------------------------------------------------------------------
/Gemfile:
--------------------------------------------------------------------------------
1 | source 'https://rubygems.org'
2 | 
3 | gem 'rake'
4 | gem 'serverspec'
5 | gem 'specinfra'
6 | gem 'docker-api'
7 | gem 'pry'
8 | gem 'pry-doc'
9 | 


--------------------------------------------------------------------------------
/Gemfile.lock:
--------------------------------------------------------------------------------
 1 | GEM
 2 |   remote: https://rubygems.org/
 3 |   specs:
 4 |     base64 (0.2.0)
 5 |     coderay (1.1.3)
 6 |     diff-lcs (1.6.2)
 7 |     docker-api (2.4.0)
 8 |       excon (>= 0.64.0)
 9 |       multi_json
10 |     excon (1.2.5)
11 |       logger
12 |     logger (1.7.0)
13 |     method_source (1.1.0)
14 |     multi_json (1.15.0)
15 |     net-scp (4.1.0)
16 |       net-ssh (>= 2.6.5, < 8.0.0)
17 |     net-ssh (7.3.0)
18 |     net-telnet (0.2.0)
19 |     pry (0.15.2)
20 |       coderay (~> 1.1)
21 |       method_source (~> 1.0)
22 |     pry-doc (1.6.0)
23 |       pry (~> 0.11)
24 |       yard (~> 0.9.11)
25 |     rake (13.2.1)
26 |     rspec (3.13.0)
27 |       rspec-core (~> 3.13.0)
28 |       rspec-expectations (~> 3.13.0)
29 |       rspec-mocks (~> 3.13.0)
30 |     rspec-core (3.13.3)
31 |       rspec-support (~> 3.13.0)
32 |     rspec-expectations (3.13.4)
33 |       diff-lcs (>= 1.2.0, < 2.0)
34 |       rspec-support (~> 3.13.0)
35 |     rspec-its (2.0.0)
36 |       rspec-core (>= 3.13.0)
37 |       rspec-expectations (>= 3.13.0)
38 |     rspec-mocks (3.13.4)
39 |       diff-lcs (>= 1.2.0, < 2.0)
40 |       rspec-support (~> 3.13.0)
41 |     rspec-support (3.13.3)
42 |     serverspec (2.43.0)
43 |       multi_json
44 |       rspec (~> 3.0)
45 |       rspec-its
46 |       specinfra (~> 2.72)
47 |     sfl (2.3)
48 |     specinfra (2.94.0)
49 |       base64
50 |       net-scp
51 |       net-ssh (>= 2.7)
52 |       net-telnet
53 |       sfl
54 |     yard (0.9.37)
55 | 
56 | PLATFORMS
57 |   ruby
58 | 
59 | DEPENDENCIES
60 |   docker-api
61 |   pry
62 |   pry-doc
63 |   rake
64 |   serverspec
65 |   specinfra
66 | 
67 | BUNDLED WITH
68 |    2.4.22
69 | 


--------------------------------------------------------------------------------
/LICENSE.txt:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2014 YAMADA Tsuyoshi
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Dockerfiles
 2 | 
 3 | [![GitHub Actions](https://github.com/minimum2scp/dockerfiles/workflows/CI/badge.svg)](https://github.com/minimum2scp/dockerfiles/actions?workflow=CI)
 4 | 
 5 | This repository contains many Dockerfiles.
 6 | 
 7 | Docker images are published on Docker Hub Registory:
 8 | https://registry.hub.docker.com/u/minimum2scp
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/debian-bookworm:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/baseimage-bookworm
 5 | RUN run-parts --report --exit-on-error /tmp/build/baseimage-bookworm/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/Rakefile:
--------------------------------------------------------------------------------
 1 | require 'erb'
 2 | require 'json'
 3 | require 'rake/clean'
 4 | require 'tempfile'
 5 | 
 6 | CLOBBER.include 'README.md', 'debian-packages.json'
 7 | 
 8 | task :default => ['README.md']
 9 | 
10 | desc 'update debian-packages.json'
11 | file 'debian-packages.json' do |t|
12 |   tag = ENV['TAG'] || 'minimum2scp/baseimage-bookworm:latest'
13 |   tmpfile = Tempfile.new('packages')
14 |   tmpfile.close
15 |   fields = %w[
16 |     Architecture Conflicts Breaks Depends Enhances Essential Installed-Size Origin Package
17 |     Pre-Depends Priority Provides Recommends Replace Section Status Suggests Version
18 |     binary:Package binary:Summary db:Status-Abbrev db:Status-Want db:Status-Status db:Status-Eflag
19 |     source:Package source:Version
20 |   ]
21 |   field_fmt = fields.map{|f| "${#{f}}"}.join("\\t") + "\\n"
22 |   sh %Q[docker run --rm #{tag} dpkg-query -f '#{field_fmt}' -W > #{tmpfile.path}], :verbose => false
23 |   packages = File.readlines(tmpfile.path).map(&:chomp).map{|row| Hash[fields.zip(row.split("\t"))]}
24 |   File.open(t.name, "w") do |fh|
25 |     fh << JSON.pretty_generate(packages)
26 |   end
27 | end
28 | 
29 | desc 'update README.md'
30 | file 'README.md' => ['README.md.erb', 'debian-packages.json'] do |t|
31 |   packages = JSON.parse(File.read('debian-packages.json'))
32 |   File.open(t.name, "w") do |fh|
33 |     fh << ERB.new(File.read('README.md.erb'), trim_mode: '-').result(binding)
34 |   end
35 | end
36 | 
37 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/etc/apt/sources.list:
--------------------------------------------------------------------------------
 1 | ##
 2 | ## bookworm
 3 | ##
 4 | 
 5 | deb     http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
 6 | deb-src http://deb.debian.org/debian/ bookworm main contrib non-free non-free-firmware
 7 | 
 8 | deb     http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
 9 | deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
10 | 
11 | deb     http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
12 | deb-src http://deb.debian.org/debian/ bookworm-backports main contrib non-free non-free-firmware
13 | 
14 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/etc/locale.nopurge:
--------------------------------------------------------------------------------
 1 | ####################################################
 2 | # This is the configuration file for localepurge(8).
 3 | ####################################################
 4 | 
 5 | ####################################################
 6 | # Uncommenting this string enables the use of dpkg's
 7 | # --path-exclude feature.  In this mode, localepurge
 8 | # will configure dpkg to exclude the desired locales
 9 | # at unpack time.
10 | #
11 | # If enabled, the following 3 options will be
12 | # disabled:
13 | #
14 | #  QUICKNDIRTYCALC
15 | #  SHOWFREEDSPACE
16 | #  VERBOSE
17 | #
18 | # And the following option will be enabled and cannot
19 | # be disabled (unless USE_DPKG is disabled):
20 | #
21 | #  DONTBOTHERNEWLOCALE
22 | #
23 | 
24 | USE_DPKG
25 | ####################################################
26 | 
27 | ####################################################
28 | # Uncommenting this string enables removal of localized 
29 | # man pages based on the configuration information for
30 | # locale files defined below:
31 | 
32 | MANDELETE
33 | 
34 | ####################################################
35 | # Uncommenting this string causes localepurge to simply delete
36 | # locales which have newly appeared on the system without
37 | # bothering you about it:
38 | 
39 | DONTBOTHERNEWLOCALE
40 | 
41 | ####################################################
42 | # Uncommenting this string enables display of freed disk
43 | # space if localepurge has purged any superfluous data:
44 | 
45 | SHOWFREEDSPACE
46 | 
47 | #####################################################
48 | # Commenting out this string enables faster but less
49 | # accurate calculation of freed disk space:
50 | 
51 | #QUICKNDIRTYCALC
52 | 
53 | #####################################################
54 | # Commenting out this string disables verbose output:
55 | 
56 | #VERBOSE
57 | 
58 | #####################################################
59 | # Following locales won't be deleted from this system
60 | # after package installations done with apt-get(8):
61 | 
62 | en
63 | en_US
64 | en_US.UTF-8
65 | ja
66 | ja_JP.UTF-8
67 | 
68 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/custom-installers/docker-ce-cli/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | version="27.5.0"
 7 | 
 8 | cd /tmp
 9 | 
10 | ## download tarball
11 | curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${version}.tgz || \
12 | curl -fsSLO https://download.docker.com/linux/static/edge/x86_64/docker-${version}.tgz
13 | 
14 | ## extract docker (cli) from tarball
15 | tar -x -f /tmp/docker-${version}.tgz --strip-components=1 docker/docker
16 | 
17 | ## install docker (cli)
18 | install -m 755 -o root -g root -p /tmp/docker /usr/local/bin/docker
19 | 
20 | ## cleanup
21 | rm -f /tmp/docker-${version}.tgz /tmp/docker
22 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf:
--------------------------------------------------------------------------------
 1 | # ignore_invalid_headers off;
 2 | # underscores_in_headers on;
 3 | 
 4 | ## reverse proxy configurations (add X-Forwarded-For, etc)
 5 | proxy_set_header Host               $http_host;
 6 | proxy_set_header X-Real-IP          $remote_addr;
 7 | proxy_set_header X-Forwarded-Proto  $scheme;
 8 | proxy_set_header X-Forwarded-Host   $http_host;
 9 | proxy_set_header X-Forwarded-Server $host;
10 | proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
11 | proxy_redirect off;
12 | proxy_max_temp_file_size 0;
13 | 
14 | ## increase timeout
15 | # send_timeout            600;
16 | # proxy_connect_timeout   600;
17 | # proxy_send_timeout      600;
18 | # proxy_read_timeout      600;
19 | 
20 | ## access log with LTSV
21 | # log_format ltsv 'time:$time_iso8601\t'
22 | #                 'remote_addr:$remote_addr\t'
23 | #                 'request_method:$request_method\t'
24 | #                 'request_length:$request_length\t'
25 | #                 'request_uri:$request_uri\t'
26 | #                 'https:$https\t'
27 | #                 'uri:$uri\t'
28 | #                 'query_string:$query_string\t'
29 | #                 'status:$status\t'
30 | #                 'bytes_sent:$bytes_sent\t'
31 | #                 'body_bytes_sent:$body_bytes_sent\t'
32 | #                 'referer:$http_referer\t'
33 | #                 'useragent:$http_user_agent\t'
34 | #                 'host:$host\t'
35 | #                 'forwardedfor:$http_x_forwarded_for\t'
36 | #                 'request_time:$request_time\t'
37 | #                 'upstream_response_time:$upstream_response_time';
38 | # access_log /var/log/nginx/ltsv_access.log ltsv;
39 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/custom-installers/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | apt-get install -y --no-install-recommends -t bookworm nginx
 7 | if invoke-rc.d --quiet nginx status >/dev/null; then
 8 |   :
 9 | else
10 |   invoke-rc.d nginx start
11 | fi
12 | 
13 | install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
14 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
15 |   etckeeper commit "nginx: add conf.d/misc.conf"
16 | fi
17 | 
18 | # nginx_version="1.22.1-1~bullseye"
19 | # 
20 | # ## install gnupg
21 | # apt-get install -y --no-install-recommends gnupg
22 | # 
23 | # ## install apt key
24 | # curl -sSf http://nginx.org/keys/nginx_signing.key | \
25 | #   gpg --no-default-keyring --keyring /usr/share/keyrings/nginx.gpg --import
26 | # 
27 | # ## add apt-line
28 | # (
29 | #   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
30 | #   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
31 | #   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
32 | #   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
33 | # ) | tee /etc/apt/sources.list.d/nginx.list
34 | # 
35 | # ## add apt-preferences
36 | # cat <<EOS >/etc/apt/preferences.d/nginx
37 | # Package: *
38 | # Pin: release o=nginx, l=nginx
39 | # Pin-Priority: 600
40 | # EOS
41 | # 
42 | # ## etckeeper
43 | # if etckeeper unclean 1>/dev/null 2>/dev/null; then
44 | #   etckeeper commit "apt: added apt-line, apt-preferences for nginx"
45 | # fi
46 | # 
47 | # ## install nginx
48 | # apt-get update
49 | # apt-get install -y --no-install-recommends nginx=${nginx_version}
50 | # 
51 | # ## configure nginx
52 | # install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
53 | # if etckeeper unclean 1>/dev/null 2>/dev/null; then
54 | #   etckeeper commit "nginx: add conf.d/misc.conf"
55 | # fi
56 | # 
57 | # ## start nginx
58 | # service nginx start
59 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/custom-installers/supervisor/etc/supervisor/supervisord.conf:
--------------------------------------------------------------------------------
 1 | ; supervisor config file
 2 | 
 3 | [unix_http_server]
 4 | file=/var/run/supervisor.sock   ; (the path to the socket file)
 5 | chmod=0770                       ; sockef file mode (default 0700)
 6 | chown=root:adm
 7 | 
 8 | [inet_http_server]
 9 | port=0.0.0.0:9001
10 | 
11 | [supervisord]
12 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
13 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
14 | childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
15 | 
16 | ; the below section must remain in the config file for RPC
17 | ; (supervisorctl/web interface) to work, additional interfaces may be
18 | ; added by defining them in separate rpcinterface: sections
19 | [rpcinterface:supervisor]
20 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
21 | 
22 | [supervisorctl]
23 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
24 | 
25 | ; The [include] section can just contain the "files" setting.  This
26 | ; setting can list multiple files (separated by whitespace or
27 | ; newlines).  It can also contain wildcards.  The filenames are
28 | ; interpreted as relative to this file.  Included files *cannot*
29 | ; include files themselves.
30 | 
31 | [include]
32 | files = /etc/supervisor/conf.d/*.conf
33 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/custom-installers/supervisor/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | ## install supervisor
 7 | apt-get install -y --no-install-recommends supervisor
 8 | 
 9 | ## configure supervisor
10 | install -m 644 -o root -g root -p /opt/custom-installers/supervisor/etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
11 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
12 |   etckeeper commit "supervisor: set socket as root:adm 770, and enabled inet_http_server with 0.0.0.0:9001"
13 | fi
14 | 
15 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/post-init.d/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/baseimage-bookworm/build/opt/init-wrapper/post-init.d/.gitkeep


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/01-git-config:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## reset user.email for etckeeper
 5 | ##
 6 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
 7 |   git config --global user.email "root@$HOSTNAME" 1>/dev/null 2>/dev/null
 8 | fi
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | 
 5 | ## environment variables
 6 | ##
 7 | ## - DEFAULT_LANG
 8 | ## - DEFAULT_TZ
 9 | 
10 | if [ -n "${DEFAULT_LANG}" ]; then
11 |   sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
12 |   etckeeper commit "set default LANG to ${DEFAULT_LANG}" 1>/dev/null 2>/dev/null
13 | fi
14 | 
15 | if [ -n "${DEFAULT_TZ}" ]; then
16 |   echo "${DEFAULT_TZ}" > /etc/timezone
17 |   # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
18 |   [ -L /etc/localtime ] && rm /etc/localtime
19 |   dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
20 |   etckeeper commit "set timezone to ${DEFAULT_TZ}" 1>/dev/null 2>/dev/null
21 | fi
22 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | export DEBIAN_FRONTEND=noninteractive
 4 | 
 5 | ##
 6 | ## regenerate ssh host keys
 7 | ##
 8 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
 9 |   rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
10 |   dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
11 |   if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
12 |     etckeeper commit "openssh-server: regenerate ssh host keys" 1>/dev/null 2>/dev/null
13 |   fi
14 | fi
15 | 
16 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/03-adduser:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - CUSTOM_GROUP            :  group name
 6 | ##   - CUSTOM_GROUP_GID        :  group id
 7 | ##   - CUSTOM_USER             :  user name
 8 | ##   - CUSTOM_USER_UID         :  user id
 9 | ##   - CUSTOM_USER_GECOS       :  gecos field for user
10 | ##   - CUSTOM_USER_SHELL       :  login shell for user
11 | ##
12 | 
13 | if [ -n "${CUSTOM_USER}" ]; then
14 |   ## create group
15 |   if [ -n "${CUSTOM_GROUP}" ]; then
16 |     group=${CUSTOM_GROUP}
17 |   else
18 |     group=${CUSTOM_USER}
19 |   fi
20 |   addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
21 |   etckeeper commit "addgroup ${group}" 1>/dev/null 2>/dev/null
22 | 
23 |   ## create user (without password, without sudo priv)
24 |   adduser \
25 |     --disabled-password \
26 |     --quiet \
27 |     --gecos "${CUSTOM_USER_GECOS}" \
28 |     --shell ${CUSTOM_USER_SHELL-/bin/bash} \
29 |     ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
30 |     --ingroup ${group} \
31 |     ${CUSTOM_USER} 1>/dev/null 2>/dev/null
32 |   etckeeper commit "adduser ${CUSTOM_USER}" 1>/dev/null 2>/dev/null
33 | 
34 |   ## add sudo priv
35 |   adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
36 |   adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
37 |   etckeeper commit "add ${CUSTOM_USER} into sudo, adm group" 1>/dev/null 2>/dev/null
38 | fi
39 | 
40 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/06-remove-unnecessary-files:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## see contrib/mkimage/debootstrap
 5 | ##
 6 | 
 7 | dpkg-divert --remove /sbin/initctl 1>/dev/null 2>/dev/null
 8 | 
 9 | files=
10 | files="${files} /usr/sbin/policy-rc.d"
11 | files="${files} /sbin/initctl"
12 | 
13 | for f in $files; do
14 |   if [ -f $f ]; then
15 |     rm $f
16 |   fi
17 | done
18 | 
19 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/07-docker-ce-cli:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_DOCKER_CE_CLI   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/docker-ce-cli/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_DOCKER_CE_CLI}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/07-nginx:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_NGINX   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/nginx/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_NGINX}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/10-save-env:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## save environment variables to /etc/profile.d/00docker-env.sh
 5 | ##
 6 | export -p > /etc/profile.d/00docker-env.sh
 7 | 
 8 | for v in \
 9 |   HOME \
10 |   HOSTNAME \
11 |   PATH \
12 |   PWD \
13 |   TERM \
14 |   DEFAULT_LANG \
15 |   DEFAULT_TZ \
16 |   USER_PASSWORD \
17 |   USER_SSH_KEY_URI \
18 |   ROOT_PASSWORD \
19 |   ROOT_SSH_KEY_URI \
20 |   CUSTOM_GROUP \
21 |   CUSTOM_GROUP_GID \
22 |   CUSTOM_USER \
23 |   CUSTOM_USER_UID \
24 |   CUSTOM_USER_GECOS \
25 |   CUSTOM_USER_SHELL \
26 |   CUSTOM_USER_PASSWORD \
27 |   CUSTOM_USER_SSH_KEY_URI \
28 |   APT_LINE \
29 |   APT_UPDATE \
30 |   APT_INSTALL_PACKAGES \
31 |   APT_INSTALL_RECOMMENDS \
32 |   APT_INSTALL_SUGGESTS \
33 |   APT_HTTP_PROXY \
34 |   INSTALL_DOCKER_CE_CLI \
35 |   INSTALL_NGINX
36 | do
37 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
38 | done
39 | 
40 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
41 |   etckeeper commit "add /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
42 | fi
43 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/pre-init.d/99-install-post-init:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | echo "run-parts --exit-on-error /opt/init-wrapper/post-init.d" >> /etc/rc.local
4 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
5 |   etckeeper commit "rc.local: run /opt/init-wrapper/post-init.d/*" 1>/dev/null 2>/dev/null
6 | fi
7 | 
8 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/opt/init-wrapper/sbin/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | run-parts --exit-on-error /opt/init-wrapper/pre-init.d
4 | exec "$@"
5 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/scripts/00-apt-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | install -m 644 -o root -g root -p /tmp/build/baseimage-bookworm/etc/apt/sources.list /etc/apt/sources.list
 8 | 
 9 | apt-get update
10 | apt-get dist-upgrade -y --fix-missing --fix-broken
11 | 
12 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/baseimage-bookworm/opt/init-wrapper/sbin \
11 |      /tmp/build/baseimage-bookworm/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/baseimage-bookworm/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-bookworm}
16 | done
17 | 
18 | find /tmp/build/baseimage-bookworm/opt/init-wrapper/sbin \
19 |      /tmp/build/baseimage-bookworm/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/baseimage-bookworm/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-bookworm}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/scripts/03-custom-installers:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | cp -a /tmp/build/baseimage-bookworm/opt/custom-installers /opt/custom-installers
8 | 
9 | 


--------------------------------------------------------------------------------
/baseimage-bookworm/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/debian-bullseye:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/baseimage-bullseye
 5 | RUN run-parts --report --exit-on-error /tmp/build/baseimage-bullseye/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/Rakefile:
--------------------------------------------------------------------------------
 1 | require 'erb'
 2 | require 'json'
 3 | require 'rake/clean'
 4 | require 'tempfile'
 5 | 
 6 | CLOBBER.include 'README.md', 'debian-packages.json'
 7 | 
 8 | task :default => ['README.md']
 9 | 
10 | desc 'update debian-packages.json'
11 | file 'debian-packages.json' do |t|
12 |   tag = ENV['TAG'] || 'minimum2scp/baseimage-bullseye:latest'
13 |   tmpfile = Tempfile.new('packages')
14 |   tmpfile.close
15 |   fields = %w[
16 |     Architecture Conflicts Breaks Depends Enhances Essential Installed-Size Origin Package
17 |     Pre-Depends Priority Provides Recommends Replace Section Status Suggests Version
18 |     binary:Package binary:Summary db:Status-Abbrev db:Status-Want db:Status-Status db:Status-Eflag
19 |     source:Package source:Version
20 |   ]
21 |   field_fmt = fields.map{|f| "${#{f}}"}.join("\\t") + "\\n"
22 |   sh %Q[docker run --rm #{tag} dpkg-query -f '#{field_fmt}' -W > #{tmpfile.path}], :verbose => false
23 |   packages = File.readlines(tmpfile.path).map(&:chomp).map{|row| Hash[fields.zip(row.split("\t"))]}
24 |   File.open(t.name, "w") do |fh|
25 |     fh << JSON.pretty_generate(packages)
26 |   end
27 | end
28 | 
29 | desc 'update README.md'
30 | file 'README.md' => ['README.md.erb', 'debian-packages.json'] do |t|
31 |   packages = JSON.parse(File.read('debian-packages.json'))
32 |   File.open(t.name, "w") do |fh|
33 |     fh << ERB.new(File.read('README.md.erb'), trim_mode: '-').result(binding)
34 |   end
35 | end
36 | 
37 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/etc/apt/sources.list:
--------------------------------------------------------------------------------
 1 | ##
 2 | ## bullseye
 3 | ##
 4 | 
 5 | deb     http://deb.debian.org/debian/ bullseye main contrib non-free
 6 | deb-src http://deb.debian.org/debian/ bullseye main contrib non-free
 7 | 
 8 | deb     http://security.debian.org/debian-security bullseye-security main contrib non-free
 9 | deb-src http://security.debian.org/debian-security bullseye-security main contrib non-free
10 | 
11 | deb     http://deb.debian.org/debian/ bullseye-backports main contrib non-free
12 | deb-src http://deb.debian.org/debian/ bullseye-backports main contrib non-free
13 | 
14 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/etc/locale.nopurge:
--------------------------------------------------------------------------------
 1 | ####################################################
 2 | # This is the configuration file for localepurge(8).
 3 | ####################################################
 4 | 
 5 | ####################################################
 6 | # Uncommenting this string enables the use of dpkg's
 7 | # --path-exclude feature.  In this mode, localepurge
 8 | # will configure dpkg to exclude the desired locales
 9 | # at unpack time.
10 | #
11 | # If enabled, the following 3 options will be
12 | # disabled:
13 | #
14 | #  QUICKNDIRTYCALC
15 | #  SHOWFREEDSPACE
16 | #  VERBOSE
17 | #
18 | # And the following option will be enabled and cannot
19 | # be disabled (unless USE_DPKG is disabled):
20 | #
21 | #  DONTBOTHERNEWLOCALE
22 | #
23 | 
24 | USE_DPKG
25 | ####################################################
26 | 
27 | ####################################################
28 | # Uncommenting this string enables removal of localized 
29 | # man pages based on the configuration information for
30 | # locale files defined below:
31 | 
32 | MANDELETE
33 | 
34 | ####################################################
35 | # Uncommenting this string causes localepurge to simply delete
36 | # locales which have newly appeared on the system without
37 | # bothering you about it:
38 | 
39 | DONTBOTHERNEWLOCALE
40 | 
41 | ####################################################
42 | # Uncommenting this string enables display of freed disk
43 | # space if localepurge has purged any superfluous data:
44 | 
45 | SHOWFREEDSPACE
46 | 
47 | #####################################################
48 | # Commenting out this string enables faster but less
49 | # accurate calculation of freed disk space:
50 | 
51 | #QUICKNDIRTYCALC
52 | 
53 | #####################################################
54 | # Commenting out this string disables verbose output:
55 | 
56 | #VERBOSE
57 | 
58 | #####################################################
59 | # Following locales won't be deleted from this system
60 | # after package installations done with apt-get(8):
61 | 
62 | en
63 | en_US
64 | en_US.UTF-8
65 | ja
66 | ja_JP.UTF-8
67 | 
68 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/custom-installers/docker-ce-cli/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | version="27.5.0"
 7 | 
 8 | cd /tmp
 9 | 
10 | ## download tarball
11 | curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${version}.tgz || \
12 | curl -fsSLO https://download.docker.com/linux/static/edge/x86_64/docker-${version}.tgz
13 | 
14 | ## extract docker (cli) from tarball
15 | tar -x -f /tmp/docker-${version}.tgz --strip-components=1 docker/docker
16 | 
17 | ## install docker (cli)
18 | install -m 755 -o root -g root -p /tmp/docker /usr/local/bin/docker
19 | 
20 | ## cleanup
21 | rm -f /tmp/docker-${version}.tgz /tmp/docker
22 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf:
--------------------------------------------------------------------------------
 1 | # ignore_invalid_headers off;
 2 | # underscores_in_headers on;
 3 | 
 4 | ## reverse proxy configurations (add X-Forwarded-For, etc)
 5 | proxy_set_header Host               $http_host;
 6 | proxy_set_header X-Real-IP          $remote_addr;
 7 | proxy_set_header X-Forwarded-Proto  $scheme;
 8 | proxy_set_header X-Forwarded-Host   $http_host;
 9 | proxy_set_header X-Forwarded-Server $host;
10 | proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
11 | proxy_redirect off;
12 | proxy_max_temp_file_size 0;
13 | 
14 | ## increase timeout
15 | # send_timeout            600;
16 | # proxy_connect_timeout   600;
17 | # proxy_send_timeout      600;
18 | # proxy_read_timeout      600;
19 | 
20 | ## access log with LTSV
21 | # log_format ltsv 'time:$time_iso8601\t'
22 | #                 'remote_addr:$remote_addr\t'
23 | #                 'request_method:$request_method\t'
24 | #                 'request_length:$request_length\t'
25 | #                 'request_uri:$request_uri\t'
26 | #                 'https:$https\t'
27 | #                 'uri:$uri\t'
28 | #                 'query_string:$query_string\t'
29 | #                 'status:$status\t'
30 | #                 'bytes_sent:$bytes_sent\t'
31 | #                 'body_bytes_sent:$body_bytes_sent\t'
32 | #                 'referer:$http_referer\t'
33 | #                 'useragent:$http_user_agent\t'
34 | #                 'host:$host\t'
35 | #                 'forwardedfor:$http_x_forwarded_for\t'
36 | #                 'request_time:$request_time\t'
37 | #                 'upstream_response_time:$upstream_response_time';
38 | # access_log /var/log/nginx/ltsv_access.log ltsv;
39 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/custom-installers/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | nginx_version="1.22.1-1~bullseye"
 7 | 
 8 | ## install gnupg
 9 | apt-get update
10 | apt-get install -y --no-install-recommends gnupg
11 | 
12 | ## install apt key
13 | curl -sSf http://nginx.org/keys/nginx_signing.key | \
14 |   gpg --no-default-keyring --keyring /usr/share/keyrings/nginx.gpg --import
15 | 
16 | ## add apt-line
17 | (
18 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
19 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
20 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
21 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
22 | ) | tee /etc/apt/sources.list.d/nginx.list
23 | 
24 | ## add apt-preferences
25 | cat <<EOS >/etc/apt/preferences.d/nginx
26 | Package: *
27 | Pin: release o=nginx, l=nginx
28 | Pin-Priority: 600
29 | EOS
30 | 
31 | ## etckeeper
32 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
33 |   etckeeper commit "apt: added apt-line, apt-preferences for nginx"
34 | fi
35 | 
36 | ## install nginx
37 | apt-get update
38 | apt-get install -y --no-install-recommends nginx=${nginx_version}
39 | 
40 | ## configure nginx
41 | install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
42 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
43 |   etckeeper commit "nginx: add conf.d/misc.conf"
44 | fi
45 | 
46 | ## start nginx
47 | service nginx start
48 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/custom-installers/supervisor/etc/supervisor/supervisord.conf:
--------------------------------------------------------------------------------
 1 | ; supervisor config file
 2 | 
 3 | [unix_http_server]
 4 | file=/var/run/supervisor.sock   ; (the path to the socket file)
 5 | chmod=0770                       ; sockef file mode (default 0700)
 6 | chown=root:adm
 7 | 
 8 | [inet_http_server]
 9 | port=0.0.0.0:9001
10 | 
11 | [supervisord]
12 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
13 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
14 | childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
15 | 
16 | ; the below section must remain in the config file for RPC
17 | ; (supervisorctl/web interface) to work, additional interfaces may be
18 | ; added by defining them in separate rpcinterface: sections
19 | [rpcinterface:supervisor]
20 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
21 | 
22 | [supervisorctl]
23 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
24 | 
25 | ; The [include] section can just contain the "files" setting.  This
26 | ; setting can list multiple files (separated by whitespace or
27 | ; newlines).  It can also contain wildcards.  The filenames are
28 | ; interpreted as relative to this file.  Included files *cannot*
29 | ; include files themselves.
30 | 
31 | [include]
32 | files = /etc/supervisor/conf.d/*.conf
33 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/custom-installers/supervisor/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | ## install supervisor
 7 | apt-get install -y --no-install-recommends supervisor
 8 | 
 9 | ## configure supervisor
10 | install -m 644 -o root -g root -p /opt/custom-installers/supervisor/etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
11 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
12 |   etckeeper commit "supervisor: set socket as root:adm 770, and enabled inet_http_server with 0.0.0.0:9001"
13 | fi
14 | 
15 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/post-init.d/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/baseimage-bullseye/build/opt/init-wrapper/post-init.d/.gitkeep


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/01-git-config:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## reset user.email for etckeeper
 5 | ##
 6 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
 7 |   git config --global user.email "root@$HOSTNAME" 1>/dev/null 2>/dev/null
 8 | fi
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | 
 5 | ## environment variables
 6 | ##
 7 | ## - DEFAULT_LANG
 8 | ## - DEFAULT_TZ
 9 | 
10 | if [ -n "${DEFAULT_LANG}" ]; then
11 |   sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
12 |   etckeeper commit "set default LANG to ${DEFAULT_LANG}" 1>/dev/null 2>/dev/null
13 | fi
14 | 
15 | if [ -n "${DEFAULT_TZ}" ]; then
16 |   echo "${DEFAULT_TZ}" > /etc/timezone
17 |   # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
18 |   [ -L /etc/localtime ] && rm /etc/localtime
19 |   dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
20 |   etckeeper commit "set timezone to ${DEFAULT_TZ}" 1>/dev/null 2>/dev/null
21 | fi
22 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | export DEBIAN_FRONTEND=noninteractive
 4 | 
 5 | ##
 6 | ## regenerate ssh host keys
 7 | ##
 8 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
 9 |   rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
10 |   dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
11 |   if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
12 |     etckeeper commit "openssh-server: regenerate ssh host keys" 1>/dev/null 2>/dev/null
13 |   fi
14 | fi
15 | 
16 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/03-adduser:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - CUSTOM_GROUP            :  group name
 6 | ##   - CUSTOM_GROUP_GID        :  group id
 7 | ##   - CUSTOM_USER             :  user name
 8 | ##   - CUSTOM_USER_UID         :  user id
 9 | ##   - CUSTOM_USER_GECOS       :  gecos field for user
10 | ##   - CUSTOM_USER_SHELL       :  login shell for user
11 | ##
12 | 
13 | if [ -n "${CUSTOM_USER}" ]; then
14 |   ## create group
15 |   if [ -n "${CUSTOM_GROUP}" ]; then
16 |     group=${CUSTOM_GROUP}
17 |   else
18 |     group=${CUSTOM_USER}
19 |   fi
20 |   addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
21 |   etckeeper commit "addgroup ${group}" 1>/dev/null 2>/dev/null
22 | 
23 |   ## create user (without password, without sudo priv)
24 |   adduser \
25 |     --disabled-password \
26 |     --quiet \
27 |     --gecos "${CUSTOM_USER_GECOS}" \
28 |     --shell ${CUSTOM_USER_SHELL-/bin/bash} \
29 |     ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
30 |     --ingroup ${group} \
31 |     ${CUSTOM_USER} 1>/dev/null 2>/dev/null
32 |   etckeeper commit "adduser ${CUSTOM_USER}" 1>/dev/null 2>/dev/null
33 | 
34 |   ## add sudo priv
35 |   adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
36 |   adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
37 |   etckeeper commit "add ${CUSTOM_USER} into sudo, adm group" 1>/dev/null 2>/dev/null
38 | fi
39 | 
40 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/06-remove-unnecessary-files:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## see contrib/mkimage/debootstrap
 5 | ##
 6 | 
 7 | dpkg-divert --remove /sbin/initctl 1>/dev/null 2>/dev/null
 8 | 
 9 | files=
10 | files="${files} /usr/sbin/policy-rc.d"
11 | files="${files} /sbin/initctl"
12 | 
13 | for f in $files; do
14 |   if [ -f $f ]; then
15 |     rm $f
16 |   fi
17 | done
18 | 
19 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/07-docker-ce-cli:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_DOCKER_CE_CLI   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/docker-ce-cli/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_DOCKER_CE_CLI}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/07-nginx:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_NGINX   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/nginx/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_NGINX}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/10-save-env:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## save environment variables to /etc/profile.d/00docker-env.sh
 5 | ##
 6 | export -p > /etc/profile.d/00docker-env.sh
 7 | 
 8 | for v in \
 9 |   HOME \
10 |   HOSTNAME \
11 |   PATH \
12 |   PWD \
13 |   TERM \
14 |   DEFAULT_LANG \
15 |   DEFAULT_TZ \
16 |   USER_PASSWORD \
17 |   USER_SSH_KEY_URI \
18 |   ROOT_PASSWORD \
19 |   ROOT_SSH_KEY_URI \
20 |   CUSTOM_GROUP \
21 |   CUSTOM_GROUP_GID \
22 |   CUSTOM_USER \
23 |   CUSTOM_USER_UID \
24 |   CUSTOM_USER_GECOS \
25 |   CUSTOM_USER_SHELL \
26 |   CUSTOM_USER_PASSWORD \
27 |   CUSTOM_USER_SSH_KEY_URI \
28 |   APT_LINE \
29 |   APT_UPDATE \
30 |   APT_INSTALL_PACKAGES \
31 |   APT_INSTALL_RECOMMENDS \
32 |   APT_INSTALL_SUGGESTS \
33 |   APT_HTTP_PROXY \
34 |   INSTALL_DOCKER_CE_CLI \
35 |   INSTALL_NGINX
36 | do
37 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
38 | done
39 | 
40 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
41 |   etckeeper commit "add /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
42 | fi
43 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/pre-init.d/99-install-post-init:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | echo "run-parts --exit-on-error /opt/init-wrapper/post-init.d" >> /etc/rc.local
4 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
5 |   etckeeper commit "rc.local: run /opt/init-wrapper/post-init.d/*" 1>/dev/null 2>/dev/null
6 | fi
7 | 
8 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/opt/init-wrapper/sbin/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | run-parts --exit-on-error /opt/init-wrapper/pre-init.d
4 | exec "$@"
5 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/scripts/00-apt-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | install -m 644 -o root -g root -p /tmp/build/baseimage-bullseye/etc/apt/sources.list /etc/apt/sources.list
 8 | 
 9 | apt-get update
10 | apt-get dist-upgrade -y --fix-missing --fix-broken
11 | 
12 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/baseimage-bullseye/opt/init-wrapper/sbin \
11 |      /tmp/build/baseimage-bullseye/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/baseimage-bullseye/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-bullseye}
16 | done
17 | 
18 | find /tmp/build/baseimage-bullseye/opt/init-wrapper/sbin \
19 |      /tmp/build/baseimage-bullseye/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/baseimage-bullseye/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-bullseye}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/scripts/03-custom-installers:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | cp -a /tmp/build/baseimage-bullseye/opt/custom-installers /opt/custom-installers
8 | 
9 | 


--------------------------------------------------------------------------------
/baseimage-bullseye/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/baseimage-buster/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/debian-buster:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/baseimage-buster
 5 | RUN run-parts --report --exit-on-error /tmp/build/baseimage-buster/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/baseimage-buster/Rakefile:
--------------------------------------------------------------------------------
 1 | require 'erb'
 2 | require 'json'
 3 | require 'rake/clean'
 4 | require 'tempfile'
 5 | 
 6 | CLOBBER.include 'README.md', 'debian-packages.json'
 7 | 
 8 | task :default => ['README.md']
 9 | 
10 | desc 'update debian-packages.json'
11 | file 'debian-packages.json' do |t|
12 |   tag = ENV['TAG'] || 'minimum2scp/baseimage-buster:latest'
13 |   tmpfile = Tempfile.new('packages')
14 |   tmpfile.close
15 |   fields = %w[
16 |     Architecture Conflicts Breaks Depends Enhances Essential Installed-Size Origin Package
17 |     Pre-Depends Priority Provides Recommends Replace Section Status Suggests Version
18 |     binary:Package binary:Summary db:Status-Abbrev db:Status-Want db:Status-Status db:Status-Eflag
19 |     source:Package source:Version
20 |   ]
21 |   field_fmt = fields.map{|f| "${#{f}}"}.join("\\t") + "\\n"
22 |   sh %Q[docker run --rm #{tag} dpkg-query -f '#{field_fmt}' -W > #{tmpfile.path}], :verbose => false
23 |   packages = File.readlines(tmpfile.path).map(&:chomp).map{|row| Hash[fields.zip(row.split("\t"))]}
24 |   File.open(t.name, "w") do |fh|
25 |     fh << JSON.pretty_generate(packages)
26 |   end
27 | end
28 | 
29 | desc 'update README.md'
30 | file 'README.md' => ['README.md.erb', 'debian-packages.json'] do |t|
31 |   packages = JSON.parse(File.read('debian-packages.json'))
32 |   File.open(t.name, "w") do |fh|
33 |     fh << ERB.new(File.read('README.md.erb'), trim_mode: '-').result(binding)
34 |   end
35 | end
36 | 
37 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/etc/apt/sources.list:
--------------------------------------------------------------------------------
 1 | ##
 2 | ## stable
 3 | ##
 4 | 
 5 | deb     http://archive.debian.org/debian/ buster main contrib non-free
 6 | deb-src http://archive.debian.org/debian/ buster main contrib non-free
 7 | 
 8 | deb     http://security.debian.org/ buster/updates main contrib non-free
 9 | deb-src http://security.debian.org/ buster/updates main contrib non-free
10 | 
11 | deb     http://archive.debian.org/debian/ buster-updates main contrib non-free
12 | deb-src http://archive.debian.org/debian/ buster-updates main contrib non-free
13 | 
14 | deb     http://archive.debian.org/debian/ buster-backports main contrib non-free
15 | deb-src http://archive.debian.org/debian/ buster-backports main contrib non-free
16 | 
17 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/etc/locale.nopurge:
--------------------------------------------------------------------------------
 1 | ####################################################
 2 | # This is the configuration file for localepurge(8).
 3 | ####################################################
 4 | 
 5 | ####################################################
 6 | # Uncommenting this string enables the use of dpkg's
 7 | # --path-exclude feature.  In this mode, localepurge
 8 | # will configure dpkg to exclude the desired locales
 9 | # at unpack time.
10 | #
11 | # If enabled, the following 3 options will be
12 | # disabled:
13 | #
14 | #  QUICKNDIRTYCALC
15 | #  SHOWFREEDSPACE
16 | #  VERBOSE
17 | #
18 | # And the following option will be enabled and cannot
19 | # be disabled (unless USE_DPKG is disabled):
20 | #
21 | #  DONTBOTHERNEWLOCALE
22 | #
23 | 
24 | USE_DPKG
25 | ####################################################
26 | 
27 | ####################################################
28 | # Uncommenting this string enables removal of localized 
29 | # man pages based on the configuration information for
30 | # locale files defined below:
31 | 
32 | MANDELETE
33 | 
34 | ####################################################
35 | # Uncommenting this string causes localepurge to simply delete
36 | # locales which have newly appeared on the system without
37 | # bothering you about it:
38 | 
39 | DONTBOTHERNEWLOCALE
40 | 
41 | ####################################################
42 | # Uncommenting this string enables display of freed disk
43 | # space if localepurge has purged any superfluous data:
44 | 
45 | SHOWFREEDSPACE
46 | 
47 | #####################################################
48 | # Commenting out this string enables faster but less
49 | # accurate calculation of freed disk space:
50 | 
51 | #QUICKNDIRTYCALC
52 | 
53 | #####################################################
54 | # Commenting out this string disables verbose output:
55 | 
56 | #VERBOSE
57 | 
58 | #####################################################
59 | # Following locales won't be deleted from this system
60 | # after package installations done with apt-get(8):
61 | 
62 | en
63 | en_US
64 | en_US.UTF-8
65 | ja
66 | ja_JP.UTF-8
67 | 
68 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/custom-installers/docker-ce-cli/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | version="27.5.0"
 7 | 
 8 | cd /tmp
 9 | 
10 | ## download tarball
11 | curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${version}.tgz || \
12 | curl -fsSLO https://download.docker.com/linux/static/edge/x86_64/docker-${version}.tgz
13 | 
14 | ## extract docker (cli) from tarball
15 | tar -x -f /tmp/docker-${version}.tgz --strip-components=1 docker/docker
16 | 
17 | ## install docker (cli)
18 | install -m 755 -o root -g root -p /tmp/docker /usr/local/bin/docker
19 | 
20 | ## cleanup
21 | rm -f /tmp/docker-${version}.tgz /tmp/docker
22 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf:
--------------------------------------------------------------------------------
 1 | # ignore_invalid_headers off;
 2 | # underscores_in_headers on;
 3 | 
 4 | ## reverse proxy configurations (add X-Forwarded-For, etc)
 5 | proxy_set_header Host               $http_host;
 6 | proxy_set_header X-Real-IP          $remote_addr;
 7 | proxy_set_header X-Forwarded-Proto  $scheme;
 8 | proxy_set_header X-Forwarded-Host   $http_host;
 9 | proxy_set_header X-Forwarded-Server $host;
10 | proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
11 | proxy_redirect off;
12 | proxy_max_temp_file_size 0;
13 | 
14 | ## increase timeout
15 | # send_timeout            600;
16 | # proxy_connect_timeout   600;
17 | # proxy_send_timeout      600;
18 | # proxy_read_timeout      600;
19 | 
20 | ## access log with LTSV
21 | # log_format ltsv 'time:$time_iso8601\t'
22 | #                 'remote_addr:$remote_addr\t'
23 | #                 'request_method:$request_method\t'
24 | #                 'request_length:$request_length\t'
25 | #                 'request_uri:$request_uri\t'
26 | #                 'https:$https\t'
27 | #                 'uri:$uri\t'
28 | #                 'query_string:$query_string\t'
29 | #                 'status:$status\t'
30 | #                 'bytes_sent:$bytes_sent\t'
31 | #                 'body_bytes_sent:$body_bytes_sent\t'
32 | #                 'referer:$http_referer\t'
33 | #                 'useragent:$http_user_agent\t'
34 | #                 'host:$host\t'
35 | #                 'forwardedfor:$http_x_forwarded_for\t'
36 | #                 'request_time:$request_time\t'
37 | #                 'upstream_response_time:$upstream_response_time';
38 | # access_log /var/log/nginx/ltsv_access.log ltsv;
39 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/custom-installers/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | nginx_version="1.22.0-1~buster"
 7 | 
 8 | ## install gnupg
 9 | apt-get update
10 | apt-get install -y --no-install-recommends gnupg
11 | 
12 | ## install apt key
13 | curl -sSf http://nginx.org/keys/nginx_signing.key | \
14 |   gpg --no-default-keyring --keyring /usr/share/keyrings/nginx.gpg --import
15 | 
16 | ## add apt-line
17 | (
18 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ buster nginx"
19 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ buster nginx"
20 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ buster nginx"
21 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ buster nginx"
22 | ) | tee /etc/apt/sources.list.d/nginx.list
23 | 
24 | ## add apt-preferences
25 | cat <<EOS >/etc/apt/preferences.d/nginx
26 | Package: *
27 | Pin: release o=nginx, l=nginx
28 | Pin-Priority: 600
29 | EOS
30 | 
31 | ## etckeeper
32 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
33 |   etckeeper commit "apt: added apt-line, apt-preferences for nginx"
34 | fi
35 | 
36 | ## install nginx
37 | apt-get update
38 | apt-get install -y --no-install-recommends nginx=${nginx_version}
39 | 
40 | ## configure nginx
41 | install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
42 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
43 |   etckeeper commit "nginx: add conf.d/misc.conf"
44 | fi
45 | 
46 | ## start nginx
47 | service nginx start
48 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/custom-installers/supervisor/etc/supervisor/supervisord.conf:
--------------------------------------------------------------------------------
 1 | ; supervisor config file
 2 | 
 3 | [unix_http_server]
 4 | file=/var/run/supervisor.sock   ; (the path to the socket file)
 5 | chmod=0770                       ; sockef file mode (default 0700)
 6 | chown=root:adm
 7 | 
 8 | [inet_http_server]
 9 | port=0.0.0.0:9001
10 | 
11 | [supervisord]
12 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
13 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
14 | childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
15 | 
16 | ; the below section must remain in the config file for RPC
17 | ; (supervisorctl/web interface) to work, additional interfaces may be
18 | ; added by defining them in separate rpcinterface: sections
19 | [rpcinterface:supervisor]
20 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
21 | 
22 | [supervisorctl]
23 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
24 | 
25 | ; The [include] section can just contain the "files" setting.  This
26 | ; setting can list multiple files (separated by whitespace or
27 | ; newlines).  It can also contain wildcards.  The filenames are
28 | ; interpreted as relative to this file.  Included files *cannot*
29 | ; include files themselves.
30 | 
31 | [include]
32 | files = /etc/supervisor/conf.d/*.conf
33 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/custom-installers/supervisor/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | ## install supervisor
 7 | apt-get install -y --no-install-recommends supervisor
 8 | 
 9 | ## configure supervisor
10 | install -m 644 -o root -g root -p /opt/custom-installers/supervisor/etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
11 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
12 |   etckeeper commit "supervisor: set socket as root:adm 770, and enabled inet_http_server with 0.0.0.0:9001"
13 | fi
14 | 
15 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/post-init.d/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/baseimage-buster/build/opt/init-wrapper/post-init.d/.gitkeep


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/01-git-config:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## reset user.email for etckeeper
 5 | ##
 6 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
 7 |   git config --global user.email "root@$HOSTNAME" 1>/dev/null 2>/dev/null
 8 | fi
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | 
 5 | ## environment variables
 6 | ##
 7 | ## - DEFAULT_LANG
 8 | ## - DEFAULT_TZ
 9 | 
10 | if [ -n "${DEFAULT_LANG}" ]; then
11 |   sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
12 |   etckeeper commit "set default LANG to ${DEFAULT_LANG}" 1>/dev/null 2>/dev/null
13 | fi
14 | 
15 | if [ -n "${DEFAULT_TZ}" ]; then
16 |   echo "${DEFAULT_TZ}" > /etc/timezone
17 |   # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
18 |   [ -L /etc/localtime ] && rm /etc/localtime
19 |   dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
20 |   etckeeper commit "set timezone to ${DEFAULT_TZ}" 1>/dev/null 2>/dev/null
21 | fi
22 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | export DEBIAN_FRONTEND=noninteractive
 4 | 
 5 | ##
 6 | ## regenerate ssh host keys
 7 | ##
 8 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
 9 |   rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
10 |   dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
11 |   if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
12 |     etckeeper commit "openssh-server: regenerate ssh host keys" 1>/dev/null 2>/dev/null
13 |   fi
14 | fi
15 | 
16 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/03-adduser:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - CUSTOM_GROUP            :  group name
 6 | ##   - CUSTOM_GROUP_GID        :  group id
 7 | ##   - CUSTOM_USER             :  user name
 8 | ##   - CUSTOM_USER_UID         :  user id
 9 | ##   - CUSTOM_USER_GECOS       :  gecos field for user
10 | ##   - CUSTOM_USER_SHELL       :  login shell for user
11 | ##
12 | 
13 | if [ -n "${CUSTOM_USER}" ]; then
14 |   ## create group
15 |   if [ -n "${CUSTOM_GROUP}" ]; then
16 |     group=${CUSTOM_GROUP}
17 |   else
18 |     group=${CUSTOM_USER}
19 |   fi
20 |   addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
21 |   etckeeper commit "addgroup ${group}" 1>/dev/null 2>/dev/null
22 | 
23 |   ## create user (without password, without sudo priv)
24 |   adduser \
25 |     --disabled-password \
26 |     --quiet \
27 |     --gecos "${CUSTOM_USER_GECOS}" \
28 |     --shell ${CUSTOM_USER_SHELL-/bin/bash} \
29 |     ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
30 |     --ingroup ${group} \
31 |     ${CUSTOM_USER} 1>/dev/null 2>/dev/null
32 |   etckeeper commit "adduser ${CUSTOM_USER}" 1>/dev/null 2>/dev/null
33 | 
34 |   ## add sudo priv
35 |   adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
36 |   adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
37 |   etckeeper commit "add ${CUSTOM_USER} into sudo, adm group" 1>/dev/null 2>/dev/null
38 | fi
39 | 
40 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/06-remove-unnecessary-files:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## see contrib/mkimage/debootstrap
 5 | ##
 6 | 
 7 | dpkg-divert --remove /sbin/initctl 1>/dev/null 2>/dev/null
 8 | 
 9 | files=
10 | files="${files} /usr/sbin/policy-rc.d"
11 | files="${files} /sbin/initctl"
12 | 
13 | for f in $files; do
14 |   if [ -f $f ]; then
15 |     rm $f
16 |   fi
17 | done
18 | 
19 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/07-docker-ce-cli:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_DOCKER_CE_CLI   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/docker-ce-cli/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_DOCKER_CE_CLI}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/07-nginx:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_NGINX   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/nginx/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_NGINX}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/10-save-env:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## save environment variables to /etc/profile.d/00docker-env.sh
 5 | ##
 6 | export -p > /etc/profile.d/00docker-env.sh
 7 | 
 8 | for v in \
 9 |   HOME \
10 |   HOSTNAME \
11 |   PATH \
12 |   PWD \
13 |   TERM \
14 |   DEFAULT_LANG \
15 |   DEFAULT_TZ \
16 |   USER_PASSWORD \
17 |   USER_SSH_KEY_URI \
18 |   ROOT_PASSWORD \
19 |   ROOT_SSH_KEY_URI \
20 |   CUSTOM_GROUP \
21 |   CUSTOM_GROUP_GID \
22 |   CUSTOM_USER \
23 |   CUSTOM_USER_UID \
24 |   CUSTOM_USER_GECOS \
25 |   CUSTOM_USER_SHELL \
26 |   CUSTOM_USER_PASSWORD \
27 |   CUSTOM_USER_SSH_KEY_URI \
28 |   APT_LINE \
29 |   APT_UPDATE \
30 |   APT_INSTALL_PACKAGES \
31 |   APT_INSTALL_RECOMMENDS \
32 |   APT_INSTALL_SUGGESTS \
33 |   APT_HTTP_PROXY \
34 |   INSTALL_DOCKER_CE_CLI \
35 |   INSTALL_NGINX
36 | do
37 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
38 | done
39 | 
40 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
41 |   etckeeper commit "add /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
42 | fi
43 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/pre-init.d/99-install-post-init:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | sed -i -e "s@^exit 0@run-parts --exit-on-error /opt/init-wrapper/post-init.d@" /etc/rc.local
4 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
5 |   etckeeper commit "rc.local: run /opt/init-wrapper/post-init.d/*" 1>/dev/null 2>/dev/null
6 | fi
7 | 
8 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/opt/init-wrapper/sbin/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | run-parts --exit-on-error /opt/init-wrapper/pre-init.d
4 | exec "$@"
5 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/scripts/00-apt-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | install -m 644 -o root -g root -p /tmp/build/baseimage-buster/etc/apt/sources.list /etc/apt/sources.list
 8 | 
 9 | apt-get update
10 | apt-get dist-upgrade -y --fix-missing --fix-broken
11 | 
12 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/baseimage-buster/opt/init-wrapper/sbin \
11 |      /tmp/build/baseimage-buster/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/baseimage-buster/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-buster}
16 | done
17 | 
18 | find /tmp/build/baseimage-buster/opt/init-wrapper/sbin \
19 |      /tmp/build/baseimage-buster/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/baseimage-buster/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-buster}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/scripts/03-custom-installers:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | cp -a /tmp/build/baseimage-buster/opt/custom-installers /opt/custom-installers
8 | 
9 | 


--------------------------------------------------------------------------------
/baseimage-buster/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/baseimage-stretch/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/debian-stretch:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/baseimage-stretch
 5 | RUN run-parts --report --exit-on-error /tmp/build/baseimage-stretch/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/baseimage-stretch/Rakefile:
--------------------------------------------------------------------------------
 1 | require 'erb'
 2 | require 'json'
 3 | require 'rake/clean'
 4 | require 'tempfile'
 5 | 
 6 | CLOBBER.include 'README.md', 'debian-packages.json'
 7 | 
 8 | task :default => ['README.md']
 9 | 
10 | desc 'update debian-packages.json'
11 | file 'debian-packages.json' do |t|
12 |   tag = ENV['TAG'] || 'minimum2scp/baseimage-stretch:latest'
13 |   tmpfile = Tempfile.new('packages')
14 |   tmpfile.close
15 |   fields = %w[
16 |     Architecture Conflicts Breaks Depends Enhances Essential Installed-Size Origin Package
17 |     Pre-Depends Priority Provides Recommends Replace Section Status Suggests Version
18 |     binary:Package binary:Summary db:Status-Abbrev db:Status-Want db:Status-Status db:Status-Eflag
19 |     source:Package source:Version
20 |   ]
21 |   field_fmt = fields.map{|f| "${#{f}}"}.join("\\t") + "\\n"
22 |   sh %Q[docker run --rm #{tag} dpkg-query -f '#{field_fmt}' -W > #{tmpfile.path}], :verbose => false
23 |   packages = File.readlines(tmpfile.path).map(&:chomp).map{|row| Hash[fields.zip(row.split("\t"))]}
24 |   File.open(t.name, "w") do |fh|
25 |     fh << JSON.pretty_generate(packages)
26 |   end
27 | end
28 | 
29 | desc 'update README.md'
30 | file 'README.md' => ['README.md.erb', 'debian-packages.json'] do |t|
31 |   packages = JSON.parse(File.read('debian-packages.json'))
32 |   File.open(t.name, "w") do |fh|
33 |     fh << ERB.new(File.read('README.md.erb'), trim_mode: '-').result(binding)
34 |   end
35 | end
36 | 
37 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/etc/apt/sources.list:
--------------------------------------------------------------------------------
 1 | ##
 2 | ## stable
 3 | ##
 4 | 
 5 | deb     http://archive.debian.org/debian/ stretch main contrib non-free
 6 | deb-src http://archive.debian.org/debian/ stretch main contrib non-free
 7 | 
 8 | deb     http://archive.debian.org/debian-security/ stretch/updates main contrib non-free
 9 | deb-src http://archive.debian.org/debian-security/ stretch/updates main contrib non-free
10 | 
11 | #deb     http://archive.debian.org/debian/ stretch-updates main contrib non-free
12 | #deb-src http://archive.debian.org/debian/ stretch-updates main contrib non-free
13 | 
14 | deb     http://archive.debian.org/debian/ stretch-proposed-updates main contrib non-free
15 | deb-src http://archive.debian.org/debian/ stretch-proposed-updates main contrib non-free
16 | 
17 | deb     http://archive.debian.org/debian/ stretch-backports main contrib non-free
18 | deb-src http://archive.debian.org/debian/ stretch-backports main contrib non-free
19 | 
20 | 
21 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/etc/locale.nopurge:
--------------------------------------------------------------------------------
 1 | ####################################################
 2 | # This is the configuration file for localepurge(8).
 3 | ####################################################
 4 | 
 5 | ####################################################
 6 | # Uncommenting this string enables the use of dpkg's
 7 | # --path-exclude feature.  In this mode, localepurge
 8 | # will configure dpkg to exclude the desired locales
 9 | # at unpack time.
10 | #
11 | # If enabled, the following 3 options will be
12 | # disabled:
13 | #
14 | #  QUICKNDIRTYCALC
15 | #  SHOWFREEDSPACE
16 | #  VERBOSE
17 | #
18 | # And the following option will be enabled and cannot
19 | # be disabled (unless USE_DPKG is disabled):
20 | #
21 | #  DONTBOTHERNEWLOCALE
22 | #
23 | 
24 | USE_DPKG
25 | ####################################################
26 | 
27 | ####################################################
28 | # Uncommenting this string enables removal of localized 
29 | # man pages based on the configuration information for
30 | # locale files defined below:
31 | 
32 | MANDELETE
33 | 
34 | ####################################################
35 | # Uncommenting this string causes localepurge to simply delete
36 | # locales which have newly appeared on the system without
37 | # bothering you about it:
38 | 
39 | DONTBOTHERNEWLOCALE
40 | 
41 | ####################################################
42 | # Uncommenting this string enables display of freed disk
43 | # space if localepurge has purged any superfluous data:
44 | 
45 | SHOWFREEDSPACE
46 | 
47 | #####################################################
48 | # Commenting out this string enables faster but less
49 | # accurate calculation of freed disk space:
50 | 
51 | #QUICKNDIRTYCALC
52 | 
53 | #####################################################
54 | # Commenting out this string disables verbose output:
55 | 
56 | #VERBOSE
57 | 
58 | #####################################################
59 | # Following locales won't be deleted from this system
60 | # after package installations done with apt-get(8):
61 | 
62 | en
63 | en_US
64 | en_US.UTF-8
65 | ja
66 | ja_JP.UTF-8
67 | 
68 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/custom-installers/docker-ce-cli/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | version="27.5.0"
 7 | 
 8 | cd /tmp
 9 | 
10 | ## download tarball
11 | curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${version}.tgz || \
12 | curl -fsSLO https://download.docker.com/linux/static/edge/x86_64/docker-${version}.tgz
13 | 
14 | ## extract docker (cli) from tarball
15 | tar -x -f /tmp/docker-${version}.tgz --strip-components=1 docker/docker
16 | 
17 | ## install docker (cli)
18 | install -m 755 -o root -g root -p /tmp/docker /usr/local/bin/docker
19 | 
20 | ## cleanup
21 | rm -f /tmp/docker-${version}.tgz /tmp/docker
22 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf:
--------------------------------------------------------------------------------
 1 | # ignore_invalid_headers off;
 2 | # underscores_in_headers on;
 3 | 
 4 | ## reverse proxy configurations (add X-Forwarded-For, etc)
 5 | proxy_set_header Host               $http_host;
 6 | proxy_set_header X-Real-IP          $remote_addr;
 7 | proxy_set_header X-Forwarded-Proto  $scheme;
 8 | proxy_set_header X-Forwarded-Host   $http_host;
 9 | proxy_set_header X-Forwarded-Server $host;
10 | proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
11 | proxy_redirect off;
12 | proxy_max_temp_file_size 0;
13 | 
14 | ## increase timeout
15 | # send_timeout            600;
16 | # proxy_connect_timeout   600;
17 | # proxy_send_timeout      600;
18 | # proxy_read_timeout      600;
19 | 
20 | ## access log with LTSV
21 | # log_format ltsv 'time:$time_iso8601\t'
22 | #                 'remote_addr:$remote_addr\t'
23 | #                 'request_method:$request_method\t'
24 | #                 'request_length:$request_length\t'
25 | #                 'request_uri:$request_uri\t'
26 | #                 'https:$https\t'
27 | #                 'uri:$uri\t'
28 | #                 'query_string:$query_string\t'
29 | #                 'status:$status\t'
30 | #                 'bytes_sent:$bytes_sent\t'
31 | #                 'body_bytes_sent:$body_bytes_sent\t'
32 | #                 'referer:$http_referer\t'
33 | #                 'useragent:$http_user_agent\t'
34 | #                 'host:$host\t'
35 | #                 'forwardedfor:$http_x_forwarded_for\t'
36 | #                 'request_time:$request_time\t'
37 | #                 'upstream_response_time:$upstream_response_time';
38 | # access_log /var/log/nginx/ltsv_access.log ltsv;
39 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/custom-installers/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | nginx_version="1.19.6-1~stretch"
 7 | 
 8 | ## install gnupg
 9 | apt-get update
10 | apt-get install -y --no-install-recommends gnupg
11 | 
12 | ## install apt key
13 | curl -sSf http://nginx.org/keys/nginx_signing.key | \
14 |   gpg --no-default-keyring --keyring /usr/share/keyrings/nginx.gpg --import
15 | 
16 | ## add apt-line
17 | (
18 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ stretch nginx"
19 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ stretch nginx"
20 |   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ stretch nginx"
21 |   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ stretch nginx"
22 | ) | tee /etc/apt/sources.list.d/nginx.list
23 | 
24 | ## add apt-preferences
25 | cat <<EOS >/etc/apt/preferences.d/nginx
26 | Package: *
27 | Pin: release o=nginx, l=nginx
28 | Pin-Priority: 600
29 | EOS
30 | 
31 | ## etckeeper
32 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
33 |   etckeeper commit "apt: added apt-line, apt-preferences for nginx"
34 | fi
35 | 
36 | ## install nginx
37 | apt-get update
38 | apt-get install -y --no-install-recommends nginx=${nginx_version}
39 | 
40 | ## configure nginx
41 | install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
42 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
43 |   etckeeper commit "nginx: add conf.d/misc.conf"
44 | fi
45 | 
46 | ## start nginx
47 | service nginx start
48 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/custom-installers/supervisor/etc/supervisor/supervisord.conf:
--------------------------------------------------------------------------------
 1 | ; supervisor config file
 2 | 
 3 | [unix_http_server]
 4 | file=/var/run/supervisor.sock   ; (the path to the socket file)
 5 | chmod=0770                       ; sockef file mode (default 0700)
 6 | chown=root:adm
 7 | 
 8 | [inet_http_server]
 9 | port=0.0.0.0:9001
10 | 
11 | [supervisord]
12 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
13 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
14 | childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
15 | 
16 | ; the below section must remain in the config file for RPC
17 | ; (supervisorctl/web interface) to work, additional interfaces may be
18 | ; added by defining them in separate rpcinterface: sections
19 | [rpcinterface:supervisor]
20 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
21 | 
22 | [supervisorctl]
23 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
24 | 
25 | ; The [include] section can just contain the "files" setting.  This
26 | ; setting can list multiple files (separated by whitespace or
27 | ; newlines).  It can also contain wildcards.  The filenames are
28 | ; interpreted as relative to this file.  Included files *cannot*
29 | ; include files themselves.
30 | 
31 | [include]
32 | files = /etc/supervisor/conf.d/*.conf
33 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/custom-installers/supervisor/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | ## install supervisor
 7 | apt-get install -y --no-install-recommends supervisor
 8 | 
 9 | ## configure supervisor
10 | install -m 644 -o root -g root -p /opt/custom-installers/supervisor/etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
11 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
12 |   etckeeper commit "supervisor: set socket as root:adm 770, and enabled inet_http_server with 0.0.0.0:9001"
13 | fi
14 | 
15 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/post-init.d/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/baseimage-stretch/build/opt/init-wrapper/post-init.d/.gitkeep


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/01-git-config:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## reset user.email for etckeeper
 5 | ##
 6 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
 7 |   git config --global user.email "root@$HOSTNAME" 1>/dev/null 2>/dev/null
 8 | fi
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | 
 5 | ## environment variables
 6 | ##
 7 | ## - DEFAULT_LANG
 8 | ## - DEFAULT_TZ
 9 | 
10 | if [ -n "${DEFAULT_LANG}" ]; then
11 |   sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
12 |   etckeeper commit "set default LANG to ${DEFAULT_LANG}" 1>/dev/null 2>/dev/null
13 | fi
14 | 
15 | if [ -n "${DEFAULT_TZ}" ]; then
16 |   echo "${DEFAULT_TZ}" > /etc/timezone
17 |   # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
18 |   [ -L /etc/localtime ] && rm /etc/localtime
19 |   dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
20 |   etckeeper commit "set timezone to ${DEFAULT_TZ}" 1>/dev/null 2>/dev/null
21 | fi
22 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | export DEBIAN_FRONTEND=noninteractive
 4 | 
 5 | ##
 6 | ## regenerate ssh host keys
 7 | ##
 8 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
 9 |   rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
10 |   dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
11 |   if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
12 |     etckeeper commit "openssh-server: regenerate ssh host keys" 1>/dev/null 2>/dev/null
13 |   fi
14 | fi
15 | 
16 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/03-adduser:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - CUSTOM_GROUP            :  group name
 6 | ##   - CUSTOM_GROUP_GID        :  group id
 7 | ##   - CUSTOM_USER             :  user name
 8 | ##   - CUSTOM_USER_UID         :  user id
 9 | ##   - CUSTOM_USER_GECOS       :  gecos field for user
10 | ##   - CUSTOM_USER_SHELL       :  login shell for user
11 | ##
12 | 
13 | if [ -n "${CUSTOM_USER}" ]; then
14 |   ## create group
15 |   if [ -n "${CUSTOM_GROUP}" ]; then
16 |     group=${CUSTOM_GROUP}
17 |   else
18 |     group=${CUSTOM_USER}
19 |   fi
20 |   addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
21 |   etckeeper commit "addgroup ${group}" 1>/dev/null 2>/dev/null
22 | 
23 |   ## create user (without password, without sudo priv)
24 |   adduser \
25 |     --disabled-password \
26 |     --quiet \
27 |     --gecos "${CUSTOM_USER_GECOS}" \
28 |     --shell ${CUSTOM_USER_SHELL-/bin/bash} \
29 |     ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
30 |     --ingroup ${group} \
31 |     ${CUSTOM_USER} 1>/dev/null 2>/dev/null
32 |   etckeeper commit "adduser ${CUSTOM_USER}" 1>/dev/null 2>/dev/null
33 | 
34 |   ## add sudo priv
35 |   adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
36 |   adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
37 |   etckeeper commit "add ${CUSTOM_USER} into sudo, adm group" 1>/dev/null 2>/dev/null
38 | fi
39 | 
40 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/06-remove-unnecessary-files:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## see contrib/mkimage/debootstrap
 5 | ##
 6 | 
 7 | dpkg-divert --remove /sbin/initctl 1>/dev/null 2>/dev/null
 8 | 
 9 | files=
10 | files="${files} /usr/sbin/policy-rc.d"
11 | files="${files} /sbin/initctl"
12 | 
13 | for f in $files; do
14 |   if [ -f $f ]; then
15 |     rm $f
16 |   fi
17 | done
18 | 
19 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/07-docker-ce-cli:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_DOCKER_CE_CLI   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/docker-ce-cli/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_DOCKER_CE_CLI}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/07-nginx:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_NGINX   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/nginx/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_NGINX}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/10-save-env:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## save environment variables to /etc/profile.d/00docker-env.sh
 5 | ##
 6 | export -p > /etc/profile.d/00docker-env.sh
 7 | 
 8 | for v in \
 9 |   HOME \
10 |   HOSTNAME \
11 |   PATH \
12 |   PWD \
13 |   TERM \
14 |   DEFAULT_LANG \
15 |   DEFAULT_TZ \
16 |   USER_PASSWORD \
17 |   USER_SSH_KEY_URI \
18 |   ROOT_PASSWORD \
19 |   ROOT_SSH_KEY_URI \
20 |   CUSTOM_GROUP \
21 |   CUSTOM_GROUP_GID \
22 |   CUSTOM_USER \
23 |   CUSTOM_USER_UID \
24 |   CUSTOM_USER_GECOS \
25 |   CUSTOM_USER_SHELL \
26 |   CUSTOM_USER_PASSWORD \
27 |   CUSTOM_USER_SSH_KEY_URI \
28 |   APT_LINE \
29 |   APT_UPDATE \
30 |   APT_INSTALL_PACKAGES \
31 |   APT_INSTALL_RECOMMENDS \
32 |   APT_INSTALL_SUGGESTS \
33 |   APT_HTTP_PROXY \
34 |   INSTALL_DOCKER_CE_CLI \
35 |   INSTALL_NGINX
36 | do
37 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
38 | done
39 | 
40 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
41 |   etckeeper commit "add /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
42 | fi
43 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/pre-init.d/99-install-post-init:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | sed -i -e "s@^exit 0@run-parts --exit-on-error /opt/init-wrapper/post-init.d@" /etc/rc.local
4 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
5 |   etckeeper commit "rc.local: run /opt/init-wrapper/post-init.d/*" 1>/dev/null 2>/dev/null
6 | fi
7 | 
8 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/opt/init-wrapper/sbin/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | run-parts --exit-on-error /opt/init-wrapper/pre-init.d
4 | exec "$@"
5 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/scripts/00-apt-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | install -m 644 -o root -g root -p /tmp/build/baseimage-stretch/etc/apt/sources.list /etc/apt/sources.list
 8 | 
 9 | apt-get update
10 | apt-get dist-upgrade -y --fix-missing --fix-broken
11 | 
12 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/baseimage-stretch/opt/init-wrapper/sbin \
11 |      /tmp/build/baseimage-stretch/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/baseimage-stretch/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-stretch}
16 | done
17 | 
18 | find /tmp/build/baseimage-stretch/opt/init-wrapper/sbin \
19 |      /tmp/build/baseimage-stretch/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/baseimage-stretch/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage-stretch}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/scripts/03-custom-installers:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | cp -a /tmp/build/baseimage-stretch/opt/custom-installers /opt/custom-installers
8 | 
9 | 


--------------------------------------------------------------------------------
/baseimage-stretch/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/baseimage/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/debian:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/baseimage
 5 | RUN run-parts --report --exit-on-error /tmp/build/baseimage/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/baseimage/Rakefile:
--------------------------------------------------------------------------------
 1 | require 'erb'
 2 | require 'json'
 3 | require 'rake/clean'
 4 | require 'tempfile'
 5 | 
 6 | CLOBBER.include 'README.md', 'debian-packages.json'
 7 | 
 8 | task :default => ['README.md']
 9 | 
10 | desc 'update debian-packages.json'
11 | file 'debian-packages.json' do |t|
12 |   tag = ENV['TAG'] || 'minimum2scp/baseimage:latest'
13 |   tmpfile = Tempfile.new('packages')
14 |   tmpfile.close
15 |   fields = %w[
16 |     Architecture Conflicts Breaks Depends Enhances Essential Installed-Size Origin Package
17 |     Pre-Depends Priority Provides Recommends Replace Section Status Suggests Version
18 |     binary:Package binary:Summary db:Status-Abbrev db:Status-Want db:Status-Status db:Status-Eflag
19 |     source:Package source:Version
20 |   ]
21 |   field_fmt = fields.map{|f| "${#{f}}"}.join("\\t") + "\\n"
22 |   sh %Q[docker run --rm #{tag} dpkg-query -f '#{field_fmt}' -W > #{tmpfile.path}], :verbose => false
23 |   packages = File.readlines(tmpfile.path).map(&:chomp).map{|row| Hash[fields.zip(row.split("\t"))]}
24 |   File.open(t.name, "w") do |fh|
25 |     fh << JSON.pretty_generate(packages)
26 |   end
27 | end
28 | 
29 | desc 'update README.md'
30 | file 'README.md' => ['README.md.erb', 'debian-packages.json'] do |t|
31 |   packages = JSON.parse(File.read('debian-packages.json'))
32 |   File.open(t.name, "w") do |fh|
33 |     fh << ERB.new(File.read('README.md.erb'), trim_mode: '-').result(binding)
34 |   end
35 | end
36 | 
37 | 


--------------------------------------------------------------------------------
/baseimage/build/etc/apt/sources.list:
--------------------------------------------------------------------------------
 1 | ##
 2 | ## stable
 3 | ##
 4 | 
 5 | #deb     http://deb.debian.org/debian/ stable main contrib non-free
 6 | #deb-src http://deb.debian.org/debian/ stable main contrib non-free
 7 | 
 8 | #deb     http://security.debian.org/debian-security stable-security main contrib non-free
 9 | #deb-src http://security.debian.org/debian-security stable-security main contrib non-free
10 | 
11 | ##
12 | ## testing
13 | ##
14 | 
15 | #deb     http://deb.debian.org/debian/ testing main contrib non-free non-free-firmware
16 | #deb-src http://deb.debian.org/debian/ testing main contrib non-free non-free-firmware
17 | 
18 | ##
19 | ## sid
20 | ##
21 | 
22 | deb     http://deb.debian.org/debian/ sid main contrib non-free non-free-firmware
23 | #deb-src http://deb.debian.org/debian/ sid main contrib non-free non-free-firmware
24 | 
25 | ##
26 | ## experimental
27 | ##
28 | 
29 | #deb     http://deb.debian.org/debian/ experimental main contrib non-free non-free-firmware
30 | #deb-src http://deb.debian.org/debian/ experimental main contrib non-free non-free-firmware
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage/build/etc/locale.nopurge:
--------------------------------------------------------------------------------
 1 | ####################################################
 2 | # This is the configuration file for localepurge(8).
 3 | ####################################################
 4 | 
 5 | ####################################################
 6 | # Uncommenting this string enables the use of dpkg's
 7 | # --path-exclude feature.  In this mode, localepurge
 8 | # will configure dpkg to exclude the desired locales
 9 | # at unpack time.
10 | #
11 | # If enabled, the following 3 options will be
12 | # disabled:
13 | #
14 | #  QUICKNDIRTYCALC
15 | #  SHOWFREEDSPACE
16 | #  VERBOSE
17 | #
18 | # And the following option will be enabled and cannot
19 | # be disabled (unless USE_DPKG is disabled):
20 | #
21 | #  DONTBOTHERNEWLOCALE
22 | #
23 | 
24 | USE_DPKG
25 | ####################################################
26 | 
27 | ####################################################
28 | # Uncommenting this string enables removal of localized 
29 | # man pages based on the configuration information for
30 | # locale files defined below:
31 | 
32 | MANDELETE
33 | 
34 | ####################################################
35 | # Uncommenting this string causes localepurge to simply delete
36 | # locales which have newly appeared on the system without
37 | # bothering you about it:
38 | 
39 | DONTBOTHERNEWLOCALE
40 | 
41 | ####################################################
42 | # Uncommenting this string enables display of freed disk
43 | # space if localepurge has purged any superfluous data:
44 | 
45 | SHOWFREEDSPACE
46 | 
47 | #####################################################
48 | # Commenting out this string enables faster but less
49 | # accurate calculation of freed disk space:
50 | 
51 | #QUICKNDIRTYCALC
52 | 
53 | #####################################################
54 | # Commenting out this string disables verbose output:
55 | 
56 | #VERBOSE
57 | 
58 | #####################################################
59 | # Following locales won't be deleted from this system
60 | # after package installations done with apt-get(8):
61 | 
62 | en
63 | en_US
64 | en_US.UTF-8
65 | ja
66 | ja_JP.UTF-8
67 | 
68 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/custom-installers/docker-ce-cli/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | version="27.5.0"
 7 | 
 8 | cd /tmp
 9 | 
10 | ## download tarball
11 | curl -fsSLO https://download.docker.com/linux/static/stable/x86_64/docker-${version}.tgz || \
12 | curl -fsSLO https://download.docker.com/linux/static/edge/x86_64/docker-${version}.tgz
13 | 
14 | ## extract docker (cli) from tarball
15 | tar -x -f /tmp/docker-${version}.tgz --strip-components=1 docker/docker
16 | 
17 | ## install docker (cli)
18 | install -m 755 -o root -g root -p /tmp/docker /usr/local/bin/docker
19 | 
20 | ## cleanup
21 | rm -f /tmp/docker-${version}.tgz /tmp/docker
22 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf:
--------------------------------------------------------------------------------
 1 | # ignore_invalid_headers off;
 2 | # underscores_in_headers on;
 3 | 
 4 | ## reverse proxy configurations (add X-Forwarded-For, etc)
 5 | proxy_set_header Host               $http_host;
 6 | proxy_set_header X-Real-IP          $remote_addr;
 7 | proxy_set_header X-Forwarded-Proto  $scheme;
 8 | proxy_set_header X-Forwarded-Host   $http_host;
 9 | proxy_set_header X-Forwarded-Server $host;
10 | proxy_set_header X-Forwarded-For    $proxy_add_x_forwarded_for;
11 | proxy_redirect off;
12 | proxy_max_temp_file_size 0;
13 | 
14 | ## increase timeout
15 | # send_timeout            600;
16 | # proxy_connect_timeout   600;
17 | # proxy_send_timeout      600;
18 | # proxy_read_timeout      600;
19 | 
20 | ## access log with LTSV
21 | # log_format ltsv 'time:$time_iso8601\t'
22 | #                 'remote_addr:$remote_addr\t'
23 | #                 'request_method:$request_method\t'
24 | #                 'request_length:$request_length\t'
25 | #                 'request_uri:$request_uri\t'
26 | #                 'https:$https\t'
27 | #                 'uri:$uri\t'
28 | #                 'query_string:$query_string\t'
29 | #                 'status:$status\t'
30 | #                 'bytes_sent:$bytes_sent\t'
31 | #                 'body_bytes_sent:$body_bytes_sent\t'
32 | #                 'referer:$http_referer\t'
33 | #                 'useragent:$http_user_agent\t'
34 | #                 'host:$host\t'
35 | #                 'forwardedfor:$http_x_forwarded_for\t'
36 | #                 'request_time:$request_time\t'
37 | #                 'upstream_response_time:$upstream_response_time';
38 | # access_log /var/log/nginx/ltsv_access.log ltsv;
39 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/custom-installers/nginx/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | apt-get update
 7 | apt-get install -y --no-install-recommends -t unstable nginx
 8 | if invoke-rc.d --quiet nginx status >/dev/null; then
 9 |   :
10 | else
11 |   invoke-rc.d nginx start
12 | fi
13 | 
14 | install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
15 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
16 |   etckeeper commit "nginx: add conf.d/misc.conf"
17 | fi
18 | 
19 | # nginx_version="1.22.1-1~bullseye"
20 | # 
21 | # ## install gnupg
22 | # apt-get install -y --no-install-recommends gnupg
23 | # 
24 | # ## install apt key
25 | # curl -sSf http://nginx.org/keys/nginx_signing.key | \
26 | #   gpg --no-default-keyring --keyring /usr/share/keyrings/nginx.gpg --import
27 | # 
28 | # ## add apt-line
29 | # (
30 | #   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
31 | #   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/debian/ bullseye nginx"
32 | #   echo "deb     [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
33 | #   echo "deb-src [signed-by=/usr/share/keyrings/nginx.gpg] http://nginx.org/packages/mainline/debian/ bullseye nginx"
34 | # ) | tee /etc/apt/sources.list.d/nginx.list
35 | # 
36 | # ## add apt-preferences
37 | # cat <<EOS >/etc/apt/preferences.d/nginx
38 | # Package: *
39 | # Pin: release o=nginx, l=nginx
40 | # Pin-Priority: 600
41 | # EOS
42 | # 
43 | # ## etckeeper
44 | # if etckeeper unclean 1>/dev/null 2>/dev/null; then
45 | #   etckeeper commit "apt: added apt-line, apt-preferences for nginx"
46 | # fi
47 | # 
48 | # ## install nginx
49 | # apt-get update
50 | # apt-get install -y --no-install-recommends nginx=${nginx_version}
51 | # 
52 | # ## configure nginx
53 | # install -m 644 -o root -g root -p /opt/custom-installers/nginx/etc/nginx/conf.d/misc.conf /etc/nginx/conf.d/misc.conf
54 | # if etckeeper unclean 1>/dev/null 2>/dev/null; then
55 | #   etckeeper commit "nginx: add conf.d/misc.conf"
56 | # fi
57 | # 
58 | # ## start nginx
59 | # service nginx start
60 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/custom-installers/supervisor/etc/supervisor/supervisord.conf:
--------------------------------------------------------------------------------
 1 | ; supervisor config file
 2 | 
 3 | [unix_http_server]
 4 | file=/var/run/supervisor.sock   ; (the path to the socket file)
 5 | chmod=0770                       ; sockef file mode (default 0700)
 6 | chown=root:adm
 7 | 
 8 | [inet_http_server]
 9 | port=0.0.0.0:9001
10 | 
11 | [supervisord]
12 | logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
13 | pidfile=/var/run/supervisord.pid ; (supervisord pidfile;default supervisord.pid)
14 | childlogdir=/var/log/supervisor            ; ('AUTO' child log dir, default $TEMP)
15 | 
16 | ; the below section must remain in the config file for RPC
17 | ; (supervisorctl/web interface) to work, additional interfaces may be
18 | ; added by defining them in separate rpcinterface: sections
19 | [rpcinterface:supervisor]
20 | supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
21 | 
22 | [supervisorctl]
23 | serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket
24 | 
25 | ; The [include] section can just contain the "files" setting.  This
26 | ; setting can list multiple files (separated by whitespace or
27 | ; newlines).  It can also contain wildcards.  The filenames are
28 | ; interpreted as relative to this file.  Included files *cannot*
29 | ; include files themselves.
30 | 
31 | [include]
32 | files = /etc/supervisor/conf.d/*.conf
33 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/custom-installers/supervisor/install.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | 
 6 | ## install supervisor
 7 | apt-get install -y --no-install-recommends supervisor
 8 | 
 9 | ## configure supervisor
10 | install -m 644 -o root -g root -p /opt/custom-installers/supervisor/etc/supervisor/supervisord.conf /etc/supervisor/supervisord.conf
11 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
12 |   etckeeper commit "supervisor: set socket as root:adm 770, and enabled inet_http_server with 0.0.0.0:9001"
13 | fi
14 | 
15 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/post-init.d/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/baseimage/build/opt/init-wrapper/post-init.d/.gitkeep


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/01-git-config:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## reset user.email for etckeeper
 5 | ##
 6 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
 7 |   git config --global user.email "root@$HOSTNAME" 1>/dev/null 2>/dev/null
 8 | fi
 9 | 
10 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/01-set-lang-and-tz:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | 
 5 | ## environment variables
 6 | ##
 7 | ## - DEFAULT_LANG
 8 | ## - DEFAULT_TZ
 9 | 
10 | if [ -n "${DEFAULT_LANG}" ]; then
11 |   sed -i -e "s/LANG=C/LANG=${DEFAULT_LANG}/" /etc/default/locale
12 |   etckeeper commit "set default LANG to ${DEFAULT_LANG}" 1>/dev/null 2>/dev/null
13 | fi
14 | 
15 | if [ -n "${DEFAULT_TZ}" ]; then
16 |   echo "${DEFAULT_TZ}" > /etc/timezone
17 |   # workaround: see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813226
18 |   [ -L /etc/localtime ] && rm /etc/localtime
19 |   dpkg-reconfigure -f noninteractive tzdata 1>/dev/null 2>/dev/null
20 |   etckeeper commit "set timezone to ${DEFAULT_TZ}" 1>/dev/null 2>/dev/null
21 | fi
22 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/02-reset-sshd-keys:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | export DEBIAN_FRONTEND=noninteractive
 4 | 
 5 | ##
 6 | ## regenerate ssh host keys
 7 | ##
 8 | if dpkg-query -s openssh-server 1>/dev/null 2>/dev/null; then
 9 |   rm /etc/ssh/ssh_host_*_key /etc/ssh/ssh_host_*_key.pub
10 |   dpkg-reconfigure openssh-server 1>/dev/null 2>/dev/null
11 |   if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
12 |     etckeeper commit "openssh-server: regenerate ssh host keys" 1>/dev/null 2>/dev/null
13 |   fi
14 | fi
15 | 
16 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/03-adduser:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - CUSTOM_GROUP            :  group name
 6 | ##   - CUSTOM_GROUP_GID        :  group id
 7 | ##   - CUSTOM_USER             :  user name
 8 | ##   - CUSTOM_USER_UID         :  user id
 9 | ##   - CUSTOM_USER_GECOS       :  gecos field for user
10 | ##   - CUSTOM_USER_SHELL       :  login shell for user
11 | ##
12 | 
13 | if [ -n "${CUSTOM_USER}" ]; then
14 |   ## create group
15 |   if [ -n "${CUSTOM_GROUP}" ]; then
16 |     group=${CUSTOM_GROUP}
17 |   else
18 |     group=${CUSTOM_USER}
19 |   fi
20 |   addgroup ${CUSTOM_GROUP_GID+--gid ${CUSTOM_GROUP_GID}} ${group} 1>/dev/null 2>/dev/null
21 |   etckeeper commit "addgroup ${group}" 1>/dev/null 2>/dev/null
22 | 
23 |   ## create user (without password, without sudo priv)
24 |   adduser \
25 |     --disabled-password \
26 |     --quiet \
27 |     --gecos "${CUSTOM_USER_GECOS}" \
28 |     --shell ${CUSTOM_USER_SHELL-/bin/bash} \
29 |     ${CUSTOM_USER_UID+--uid ${CUSTOM_USER_UID}} \
30 |     --ingroup ${group} \
31 |     ${CUSTOM_USER} 1>/dev/null 2>/dev/null
32 |   etckeeper commit "adduser ${CUSTOM_USER}" 1>/dev/null 2>/dev/null
33 | 
34 |   ## add sudo priv
35 |   adduser ${CUSTOM_USER} sudo 1>/dev/null 2>/dev/null
36 |   adduser ${CUSTOM_USER} adm 1>/dev/null 2>/dev/null
37 |   etckeeper commit "add ${CUSTOM_USER} into sudo, adm group" 1>/dev/null 2>/dev/null
38 | fi
39 | 
40 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/06-remove-unnecessary-files:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## see contrib/mkimage/debootstrap
 5 | ##
 6 | 
 7 | dpkg-divert --remove /sbin/initctl 1>/dev/null 2>/dev/null
 8 | 
 9 | files=
10 | files="${files} /usr/sbin/policy-rc.d"
11 | files="${files} /sbin/initctl"
12 | 
13 | for f in $files; do
14 |   if [ -f $f ]; then
15 |     rm $f
16 |   fi
17 | done
18 | 
19 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/07-docker-ce-cli:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_DOCKER_CE_CLI   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/docker-ce-cli/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_DOCKER_CE_CLI}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/07-nginx:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ## environment variables
 4 | ##
 5 | ##   - INSTALL_NGINX   : "yes"
 6 | ##
 7 | 
 8 | set -e
 9 | post_init_script=/opt/init-wrapper/post-init.d/${0##*/}
10 | 
11 | clear_post_init (){
12 |   if [ -f ${post_init_script} ]; then
13 |     : > ${post_init_script}
14 |   fi
15 | }
16 | 
17 | write_post_init (){
18 |   cat <<EOS > ${post_init_script}
19 | #!/bin/sh
20 | set -e
21 | /opt/custom-installers/nginx/install.sh
22 | EOS
23 | 
24 |   chmod +x ${post_init_script}
25 | }
26 | 
27 | if [ "${INSTALL_NGINX}" = yes ]; then
28 |   clear_post_init
29 |   write_post_init
30 | fi
31 | 
32 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/10-save-env:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | ##
 4 | ## save environment variables to /etc/profile.d/00docker-env.sh
 5 | ##
 6 | export -p > /etc/profile.d/00docker-env.sh
 7 | 
 8 | for v in \
 9 |   HOME \
10 |   HOSTNAME \
11 |   PATH \
12 |   PWD \
13 |   TERM \
14 |   DEFAULT_LANG \
15 |   DEFAULT_TZ \
16 |   USER_PASSWORD \
17 |   USER_SSH_KEY_URI \
18 |   ROOT_PASSWORD \
19 |   ROOT_SSH_KEY_URI \
20 |   CUSTOM_GROUP \
21 |   CUSTOM_GROUP_GID \
22 |   CUSTOM_USER \
23 |   CUSTOM_USER_UID \
24 |   CUSTOM_USER_GECOS \
25 |   CUSTOM_USER_SHELL \
26 |   CUSTOM_USER_PASSWORD \
27 |   CUSTOM_USER_SSH_KEY_URI \
28 |   APT_LINE \
29 |   APT_UPDATE \
30 |   APT_INSTALL_PACKAGES \
31 |   APT_INSTALL_RECOMMENDS \
32 |   APT_INSTALL_SUGGESTS \
33 |   APT_HTTP_PROXY \
34 |   INSTALL_DOCKER_CE_CLI \
35 |   INSTALL_NGINX
36 | do
37 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
38 | done
39 | 
40 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
41 |   etckeeper commit "add /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
42 | fi
43 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/pre-init.d/99-install-post-init:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | echo "run-parts --exit-on-error /opt/init-wrapper/post-init.d" >> /etc/rc.local
4 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
5 |   etckeeper commit "rc.local: run /opt/init-wrapper/post-init.d/*" 1>/dev/null 2>/dev/null
6 | fi
7 | 
8 | 


--------------------------------------------------------------------------------
/baseimage/build/opt/init-wrapper/sbin/entrypoint.sh:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | run-parts --exit-on-error /opt/init-wrapper/pre-init.d
4 | exec "$@"
5 | 


--------------------------------------------------------------------------------
/baseimage/build/scripts/00-apt-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | install -m 644 -o root -g root -p /tmp/build/baseimage/etc/apt/sources.list /etc/apt/sources.list
 8 | 
 9 | apt-get update
10 | apt-get dist-upgrade -y --fix-missing --fix-broken
11 | 
12 | 


--------------------------------------------------------------------------------
/baseimage/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/baseimage/opt/init-wrapper/sbin \
11 |      /tmp/build/baseimage/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/baseimage/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage}
16 | done
17 | 
18 | find /tmp/build/baseimage/opt/init-wrapper/sbin \
19 |      /tmp/build/baseimage/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/baseimage/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/baseimage}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/baseimage/build/scripts/03-custom-installers:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | cp -a /tmp/build/baseimage/opt/custom-installers /opt/custom-installers
8 | 
9 | 


--------------------------------------------------------------------------------
/baseimage/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/debian-bookworm/README.md.erb:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/debian-bookworm image
 2 | 
 3 |  * Debian bookworm (12.x) amd64
 4 |  * Almost same as debian:bookworm image ([semi official debian image](https://registry.hub.docker.com/_/debian/))
 5 | 
 6 | ## build minimum2scp/debian image
 7 | 
 8 | Run following commands on your Debian (requires debootstrap)
 9 | 
10 | ```
11 | $ git clone https://github.com/minimum2scp/dockerfiles.git
12 | $ cd dockerfiles/debian-bookworm
13 | $ rake mkimage TAG=minimum2scp/debian-bookworm:latest
14 | ```
15 | 
16 | ## packages
17 | 
18 | installed packages:
19 | 
20 | ```
21 | <% fields = %w[db:Status-Abbrev Package Version Architecture binary:Summary] -%>
22 | <% width = Hash[fields[0..-2].map{|k| [k, packages.map{|pkg| pkg[k].size}.max] }] -%>
23 | <% packages.each do |package| -%>
24 | <%= fields.map{|k| "%<#{k}>-#{width[k]}s" }.join(" " * 2) % Hash[fields.map{|k| [k.to_sym, package[k]] }] %>
25 | <% end -%>
26 | ```
27 | 


--------------------------------------------------------------------------------
/debian-bullseye/README.md.erb:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/debian-bullseye image
 2 | 
 3 |  * Debian bullseye (11.x) amd64
 4 |  * Almost same as debian:bullseye image ([semi official debian image](https://registry.hub.docker.com/_/debian/))
 5 | 
 6 | ## build minimum2scp/debian-bullseye image
 7 | 
 8 | Run following commands on your Debian (requires debootstrap)
 9 | 
10 | ```
11 | $ git clone https://github.com/minimum2scp/dockerfiles.git
12 | $ cd dockerfiles/debian-bullseye
13 | $ rake mkimage TAG=minimum2scp/debian-bullseye:latest
14 | ```
15 | 
16 | ## packages
17 | 
18 | installed packages:
19 | 
20 | ```
21 | <% fields = %w[db:Status-Abbrev Package Version Architecture binary:Summary] -%>
22 | <% width = Hash[fields[0..-2].map{|k| [k, packages.map{|pkg| pkg[k].size}.max] }] -%>
23 | <% packages.each do |package| -%>
24 | <%= fields.map{|k| "%<#{k}>-#{width[k]}s" }.join(" " * 2) % Hash[fields.map{|k| [k.to_sym, package[k]] }] %>
25 | <% end -%>
26 | ```
27 | 


--------------------------------------------------------------------------------
/debian-buster/README.md.erb:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/debian-buster image
 2 | 
 3 |  * Debian buster (10.x) amd64
 4 |  * Almost same as debian:buster image ([semi official debian image](https://registry.hub.docker.com/_/debian/))
 5 | 
 6 | ## build minimum2scp/debian-buster image
 7 | 
 8 | Run following commands on your Debian (requires debootstrap)
 9 | 
10 | ```
11 | $ git clone https://github.com/minimum2scp/dockerfiles.git
12 | $ cd dockerfiles/debian-buster
13 | $ rake mkimage TAG=minimum2scp/debian-buster:latest
14 | ```
15 | 
16 | ## packages
17 | 
18 | installed packages:
19 | 
20 | ```
21 | <% fields = %w[db:Status-Abbrev Package Version Architecture binary:Summary] -%>
22 | <% width = Hash[fields[0..-2].map{|k| [k, packages.map{|pkg| pkg[k].size}.max] }] -%>
23 | <% packages.each do |package| -%>
24 | <%= fields.map{|k| "%<#{k}>-#{width[k]}s" }.join(" " * 2) % Hash[fields.map{|k| [k.to_sym, package[k]] }] %>
25 | <% end -%>
26 | ```
27 | 


--------------------------------------------------------------------------------
/debian-stretch/README.md.erb:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/debian-stretch image
 2 | 
 3 |  * Debian stretch (9.x) amd64
 4 |  * Almost same as debian:stretch image ([semi official debian image](https://registry.hub.docker.com/_/debian/))
 5 | 
 6 | ## build minimum2scp/debian-stretch image
 7 | 
 8 | Run following commands on your Debian (requires debootstrap)
 9 | 
10 | ```
11 | $ git clone https://github.com/minimum2scp/dockerfiles.git
12 | $ cd dockerfiles/debian-stretch
13 | $ rake mkimage TAG=minimum2scp/debian-stretch:latest
14 | ```
15 | 
16 | ## packages
17 | 
18 | installed packages:
19 | 
20 | ```
21 | <% fields = %w[db:Status-Abbrev Package Version Architecture binary:Summary] -%>
22 | <% width = Hash[fields[0..-2].map{|k| [k, packages.map{|pkg| pkg[k].size}.max] }] -%>
23 | <% packages.each do |package| -%>
24 | <%= fields.map{|k| "%<#{k}>-#{width[k]}s" }.join(" " * 2) % Hash[fields.map{|k| [k.to_sym, package[k]] }] %>
25 | <% end -%>
26 | ```
27 | 


--------------------------------------------------------------------------------
/debian/README.md.erb:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/debian image
 2 | 
 3 |  * Debian sid amd64, this image follows updates of debian sid, almost every day.
 4 |  * Almost same as debian:sid image ([semi official debian image](https://registry.hub.docker.com/_/debian/))
 5 | 
 6 | ## build minimum2scp/debian image
 7 | 
 8 | Run following commands on your Debian (requires debootstrap)
 9 | 
10 | ```
11 | $ git clone https://github.com/minimum2scp/dockerfiles.git
12 | $ cd dockerfiles/debian
13 | $ rake mkimage TAG=minimum2scp/debian:latest
14 | ```
15 | 
16 | ## packages
17 | 
18 | installed packages:
19 | 
20 | ```
21 | <% fields = %w[db:Status-Abbrev Package Version Architecture binary:Summary] -%>
22 | <% width = Hash[fields[0..-2].map{|k| [k, packages.map{|pkg| pkg[k].size}.max] }] -%>
23 | <% packages.each do |package| -%>
24 | <%= fields.map{|k| "%<#{k}>-#{width[k]}s" }.join(" " * 2) % Hash[fields.map{|k| [k.to_sym, package[k]] }] %>
25 | <% end -%>
26 | ```
27 | 


--------------------------------------------------------------------------------
/es-kibana/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/es-kibana
 5 | RUN run-parts --report --exit-on-error /tmp/build/es-kibana/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22 5601 9200
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/es-kibana/build/opt/init-wrapper/pre-init.d/11-es-java-opts:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | if [ -z "${ES_JAVA_OPTS}" ]; then
 4 |   ES_JAVA_OPTS="-Xms512m -Xmx512m"
 5 | fi
 6 | 
 7 | sed -i -e "s/^#ES_JAVA_OPTS=/ES_JAVA_OPTS=\"${ES_JAVA_OPTS}\"/" /etc/default/elasticsearch
 8 | 
 9 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
10 |   etckeeper commit "elasticsearch: changed ES_JAVA_OPTS"
11 | fi
12 | 
13 | 


--------------------------------------------------------------------------------
/es-kibana/build/opt/init-wrapper/pre-init.d/12-save-enve:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | for v in \
 4 |   ES_JAVA_OPTS
 5 | do
 6 |   sed -i -e "s/^export ${v}=/#export ${v}=/" /etc/profile.d/00docker-env.sh
 7 | done
 8 | 
 9 | if dpkg-query -s etckeeper 1>/dev/null 2>/dev/null; then
10 |   etckeeper commit "changed /etc/profile.d/00docker-env.sh" 1>/dev/null 2>/dev/null
11 | fi
12 | 
13 | 


--------------------------------------------------------------------------------
/es-kibana/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/es-kibana/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | elasticsearch_version=7.17.10
 8 | kibana_version=7.17.10
 9 | 
10 | ##
11 | ## install deps
12 | ##
13 | apt-get install --no-install-recommends -y gnupg
14 | 
15 | ##
16 | ## install GPG key
17 | ##
18 | curl -sSL https://artifacts.elastic.co/GPG-KEY-elasticsearch | \
19 |   gpg --no-default-keyring --keyring /tmp/elasticsearch.gpg --import
20 | gpg --no-default-keyring --keyring /tmp/elasticsearch.gpg \
21 |   --export --output /etc/apt/keyrings/elasticsearch.gpg
22 | rm /tmp/elasticsearch.gpg
23 | 
24 | ##
25 | ## add apt-line for elasticsearch, kibana
26 | ##
27 | echo "deb [signed-by=/etc/apt/keyrings/elasticsearch.gpg] https://artifacts.elastic.co/packages/7.x/apt stable main" > /etc/apt/sources.list.d/elastic-7.x.list
28 | etckeeper commit "apt: Added apt-line for elasticsearch"
29 | apt-get update
30 | 
31 | ##
32 | ## install elasticsearch
33 | ##
34 | apt-get install elasticsearch=${elasticsearch_version}
35 | update-rc.d elasticsearch defaults 95 10
36 | etckeeper commit "enabled elasticsearch"
37 | sed -i -e 's/^#network.host: .*$/network.host: 0.0.0.0/' /etc/elasticsearch/elasticsearch.yml
38 | etckeeper commit "elasticsearch: bind 0.0.0.0"
39 | ( echo ''; echo 'discovery.type: single-node' ) | tee -a /etc/elasticsearch/elasticsearch.yml
40 | etckeeper commit "elasticsearch: single-node configuration"
41 | 
42 | ##
43 | ## install kibana
44 | ##
45 | apt-get install kibana=${kibana_version}
46 | update-rc.d kibana defaults 95 10
47 | etckeeper commit "enabled kibana"
48 | sed -i -e 's/^#server.host: .*$/server.host: "0.0.0.0"/' /etc/kibana/kibana.yml
49 | etckeeper commit "kibana: bind 0.0.0.0"
50 | 
51 | 


--------------------------------------------------------------------------------
/es-kibana/build/scripts/02-init-wrapper:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install custom init scripts
 9 | ##
10 | find /tmp/build/es-kibana/opt/init-wrapper/sbin \
11 |      /tmp/build/es-kibana/opt/init-wrapper/pre-init.d \
12 |      /tmp/build/es-kibana/opt/init-wrapper/post-init.d \
13 |      -maxdepth 1 -mindepth 1 -type f -a -executable \
14 | | while read f; do
15 |   install -m 755 -o root -g root -p -D ${f} ${f#/tmp/build/es-kibana}
16 | done
17 | 
18 | find /tmp/build/es-kibana/opt/init-wrapper/sbin \
19 |      /tmp/build/es-kibana/opt/init-wrapper/pre-init.d \
20 |      /tmp/build/es-kibana/opt/init-wrapper/post-init.d \
21 |      -maxdepth 1 -mindepth 1 -type f -a -not -executable \
22 | | while read f; do
23 |   install -m 644 -o root -g root -p -D ${f} ${f#/tmp/build/es-kibana}
24 | done
25 | 
26 | 


--------------------------------------------------------------------------------
/es-kibana/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/nodejs/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/nodejs
 5 | RUN run-parts --report --exit-on-error /tmp/build/nodejs/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/nodejs/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/nodejs image
 2 | 
 3 |  * based on minimum2scp/baseimage (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage)
 4 |  * node.js v20.18.1 is installed with [nodenv](https://github.com/nodenv/nodenv)
 5 |  * nodenv is installed in /opt/nodenv
 6 |  * [yarn](https://yarnpkg.com/) is installed with deb package
 7 | 
 8 | ## start container
 9 | 
10 | ```
11 | docker run -d  minimum2scp/nodejs
12 | ```
13 | 
14 | ## ssh login to container
15 | 
16 | ssh login to container:
17 | 
18 | ```
19 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
20 | ```
21 | 
22 | or use published port:
23 | 
24 | ```
25 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
26 | ```
27 | 
28 |  * user "debian" is available
29 |  * password is "debian"
30 |  * user "debian" can use sudo command without password
31 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
32 | 
33 | ## processes
34 | 
35 | ```
36 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
37 | root         1     0  0 03:42 ?        Ss     0:00 init [2]
38 | root        37     1  0 03:42 ?        Ssl    0:00 /usr/sbin/rsyslogd
39 | root        62     1  0 03:42 ?        Ss     0:00 /usr/sbin/cron
40 | root        88     1  0 03:42 ?        Ss     0:00 /usr/sbin/sshd
41 | root       124    88  0 03:42 ?        Ss     0:00  \_ sshd: debian [priv]
42 | debian     126   124  0 03:42 ?        S      0:00      \_ sshd: debian@pts/0
43 | debian     127   126  0 03:42 pts/0    Ss     0:00          \_ -bash
44 | debian     178   127  0 03:42 pts/0    R+     0:00              \_ ps -ef fww
45 | ```
46 | 
47 | ## ports
48 | 
49 |  * TCP/22: sshd
50 | 
51 | ## nodenv
52 | 
53 | nodenv is installed in `/opt/nodenv`, and enabled by `/etc/profile.d/nodenv.sh`.
54 | 
55 | If you need root privilege, use `sudo bash -lc "..."`.
56 | For example, install LTS version of nodejs:
57 | 
58 | ```
59 | sudo bash -lc "nodenv install 18.20.5"
60 | ```
61 | 
62 | 
63 | 


--------------------------------------------------------------------------------
/nodejs/build/helpers/latest-nodejs-version:
--------------------------------------------------------------------------------
 1 | #! /bin/bash
 2 | 
 3 | set -eo pipefail
 4 | 
 5 | curl -fsS https://nodejs.org/download/release/index.json | \
 6 | jq -r --arg v "${1}" '.[] | select( .version | startswith("\($ARGS.named.v)") ) | .version | sub("^v"; "")' | \
 7 | sort --version-sort | \
 8 | tail -n 1
 9 | 
10 | 


--------------------------------------------------------------------------------
/nodejs/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/nodejs/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: build tools
 8 | packages="build-essential"
 9 | 
10 | ## helper script dependencies
11 | packages="${packages} jq"
12 | 
13 | ## install packages
14 | apt-get install --no-install-recommends -y ${packages}
15 | 
16 | 


--------------------------------------------------------------------------------
/nodejs/build/scripts/02-nodenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | nodenv_root=/opt/nodenv
 8 | 
 9 | ## get latest nodejs version (20.x.x) from https://nodejs.org/download/release/index.json
10 | node_version=$(/bin/bash /tmp/build/nodejs/helpers/latest-nodejs-version v20.)
11 | 
12 | ## install nodenv into /opt/nodenv
13 | git clone https://github.com/nodenv/nodenv.git                   ${nodenv_root}
14 | 
15 | ## install nodenv plugins
16 | git clone https://github.com/nodenv/node-build.git               ${nodenv_root}/plugins/node-build
17 | git clone https://github.com/nodenv/nodenv-update.git            ${nodenv_root}/plugins/nodenv-update
18 | git clone https://github.com/nodenv/nodenv-aliases.git           ${nodenv_root}/plugins/nodenv-aliases
19 | 
20 | ## install /etc/profile.d/nodenv.sh
21 | cat <<PROFILE > /etc/profile.d/nodenv.sh
22 | export NODENV_ROOT=${nodenv_root}
23 | export PATH=\${NODENV_ROOT}/bin:\${PATH}
24 | eval "\$(nodenv init -)"
25 | PROFILE
26 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
27 |   sudo etckeeper commit "add /etc/profile.d/nodenv.sh to use ${nodenv_root}"
28 | fi
29 | 
30 | ### create shims,versions
31 | set +e
32 | bash -l -c "nodenv rehash"
33 | set -e
34 | 
35 | ## install nodejs
36 | bash -l -c "nodenv install ${node_version}"
37 | bash -l -c "nodenv global ${node_version}"
38 | 
39 | 


--------------------------------------------------------------------------------
/nodejs/build/scripts/03-yarn:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install yarn (https://yarnpkg.com/en/docs/install)
 9 | ##
10 | apt-get install -y --no-install-recommends gnupg
11 | curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | \
12 |   gpg --no-default-keyring --keyring /tmp/yarn.gpg --import
13 | gpg --no-default-keyring --keyring /tmp/yarn.gpg \
14 |   --export --output /etc/apt/keyrings/yarn.gpg
15 | rm /tmp/yarn.gpg
16 | 
17 | echo "deb [signed-by=/etc/apt/keyrings/yarn.gpg] http://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
18 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
19 |   etckeeper commit "add apt-line for yarn"
20 | fi
21 | apt-get update
22 | apt-get install -y --no-install-recommends yarn
23 | 
24 | 


--------------------------------------------------------------------------------
/nodejs/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/norikra/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/ruby:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/norikra
 5 | RUN run-parts --report --exit-on-error /tmp/build/norikra/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22 9001 26571 26578
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/norikra/build/etc/supervisor/conf.d/norikra.conf:
--------------------------------------------------------------------------------
 1 | [program:norikra]
 2 | command = /opt/rbenv/shims/norikra start -s /home/debian/norikra/data/stats.json
 3 | numprocs = 1
 4 | directory = /home/debian/norikra
 5 | umask = 022
 6 | autostart = true
 7 | autorestart = true
 8 | startretries = 1
 9 | user = debian
10 | stdout_logfile = /var/log/supervisor/norikra.log
11 | stderr_logfile = /var/log/supervisor/norikra.log
12 | redirect_stderr = true
13 | 
14 | environment=RBENV_VERSION=jruby-9.1.5.0,LANG=ja_JP.UTF-8
15 | 
16 | 


--------------------------------------------------------------------------------
/norikra/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/norikra/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## install java
 8 | apt-get install -y --no-install-recommends default-jre-headless
 9 | 
10 | 


--------------------------------------------------------------------------------
/norikra/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | jruby_version=9.4.2.0
 8 | 
 9 | ## install jruby by rbenv
10 | bash -l -c "rbenv install jruby-${jruby_version}"
11 | 
12 | ## install norikra with JRuby
13 | bash -l -c "RBENV_VERSION=jruby-${jruby_version} gem install norikra -N"
14 | 
15 | ## install norikura-client with CRuby
16 | bash -l -c "RBENV_VERSION=system gem install norikra-client -N"
17 | 
18 | 
19 | 


--------------------------------------------------------------------------------
/norikra/build/scripts/03-norikra:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## install supervisor
 8 | ## (see baseimage/build/opt/custom-installers)
 9 | /opt/custom-installers/supervisor/install.sh
10 | 
11 | ## run norikra server by supervisor
12 | install -m 644 -o root -g root -p /tmp/build/norikra/etc/supervisor/conf.d/norikra.conf /etc/supervisor/conf.d/norikra.conf
13 | etckeeper commit "supervisor: add norikra"
14 | 
15 | sudo -u debian mkdir -p /home/debian/norikra/data
16 | 
17 | 


--------------------------------------------------------------------------------
/norikra/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/rails7/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/ruby:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/rails7
 5 | RUN run-parts --report --exit-on-error /tmp/build/rails7/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/rails7/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/rails7 image
 2 | 
 3 |  * based on minimum2scp/ruby (see https://github.com/minimum2scp/dockerfiles/tree/master/ruby)
 4 |  * Ruby on Rails 7.x is installed by gem (1)
 5 |  * RDBMS client, headers packages are installed
 6 |    * SQLite3: sqlite3, libsqlite3-dev
 7 |    * MySQL: mysql-client, libmysqlclient-dev
 8 |    * PostgreSQL: postgresql-client, libpq-dev
 9 |  * nodejs is installed with nodenv (`NODENV_ROOT=/opt/nodenv/`)
10 |  * [yarn](https://yarnpkg.com/) is installed with debian package
11 | 
12 | ## start container
13 | 
14 | ```
15 | docker run -d  minimum2scp/rails7
16 | ```
17 | 
18 | ## ssh login to container
19 | 
20 | ssh login to container:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
24 | ```
25 | 
26 | or use published port:
27 | 
28 | ```
29 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
30 | ```
31 | 
32 |  * user "debian" is available
33 |  * password is "debian"
34 |  * user "debian" can use sudo command without password
35 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
36 | 
37 | ## processes
38 | 
39 | ```
40 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
41 | root         1     0  0 03:42 ?        Ss     0:00 init [2]
42 | root        37     1  0 03:42 ?        Ssl    0:00 /usr/sbin/rsyslogd
43 | root        62     1  0 03:42 ?        Ss     0:00 /usr/sbin/cron
44 | root        88     1  0 03:42 ?        Ss     0:00 /usr/sbin/sshd
45 | root       124    88  0 03:42 ?        Ss     0:00  \_ sshd: debian [priv]
46 | debian     126   124  0 03:42 ?        S      0:00      \_ sshd: debian@pts/0
47 | debian     127   126  0 03:42 pts/0    Ss     0:00          \_ -bash
48 | debian     178   127  0 03:42 pts/0    R+     0:00              \_ ps -ef fww
49 | ```
50 | 
51 | ## ports
52 | 
53 |  * TCP/22: sshd
54 | 
55 | 


--------------------------------------------------------------------------------
/rails7/build/helpers/latest-nodejs-version:
--------------------------------------------------------------------------------
 1 | #! /bin/bash
 2 | 
 3 | set -eo pipefail
 4 | 
 5 | curl -fsS https://nodejs.org/download/release/index.json | \
 6 | jq -r --arg v "${1}" '.[] | select( .version | startswith("\($ARGS.named.v)") ) | .version | sub("^v"; "")' | \
 7 | sort --version-sort | \
 8 | tail -n 1
 9 | 
10 | 


--------------------------------------------------------------------------------
/rails7/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/rails7/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## RDBMS client and headers, and rails
 8 | packages="sqlite3 libsqlite3-dev"
 9 | packages="$packages mysql-client libmysqlclient-dev"
10 | packages="$packages postgresql-client libpq-dev"
11 | packages="$packages jq"
12 | 
13 | ## install packages
14 | apt-get install --install-recommends -y ${packages}
15 | 
16 | ## install ruby (see https://github.com/minimum2scp/ruby-binary)
17 | curl -L --create-dirs -o /tmp/build/rails7/tmp/ruby-binary/install.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install.sh
18 | sh /tmp/build/rails7/tmp/ruby-binary/install.sh -t v0.1.231 -v 3.2.5
19 | bash -lc "rbenv global 3.2.5"
20 | 
21 | ## install rails (by gem)
22 | bash -lc "RBENV_VERSION=3.2.5 gem install -N rails --version '~> 7.0'"
23 | 
24 | 


--------------------------------------------------------------------------------
/rails7/build/scripts/02-nodenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | nodenv_root=/opt/nodenv
 8 | 
 9 | ## get latest nodejs version (20.x.x) from https://nodejs.org/download/release/index.json
10 | node_version=$(/bin/bash /tmp/build/rails7/helpers/latest-nodejs-version v20.)
11 | 
12 | ## install nodenv into /opt/nodenv
13 | git clone https://github.com/nodenv/nodenv.git                   ${nodenv_root}
14 | 
15 | ## install nodenv plugins
16 | git clone https://github.com/nodenv/node-build.git               ${nodenv_root}/plugins/node-build
17 | git clone https://github.com/nodenv/nodenv-update.git            ${nodenv_root}/plugins/nodenv-update
18 | git clone https://github.com/nodenv/nodenv-aliases.git           ${nodenv_root}/plugins/nodenv-aliases
19 | 
20 | ## install /etc/profile.d/nodenv.sh
21 | cat <<PROFILE > /etc/profile.d/nodenv.sh
22 | export NODENV_ROOT=${nodenv_root}
23 | export PATH=\${NODENV_ROOT}/bin:\${PATH}
24 | eval "\$(nodenv init -)"
25 | PROFILE
26 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
27 |   sudo etckeeper commit "add /etc/profile.d/nodenv.sh to use ${nodenv_root}"
28 | fi
29 | 
30 | ### create shims,versions
31 | set +e
32 | bash -l -c "nodenv rehash"
33 | set -e
34 | 
35 | ## install nodejs
36 | bash -l -c "nodenv install ${node_version}"
37 | bash -l -c "nodenv global ${node_version}"
38 | 
39 | 


--------------------------------------------------------------------------------
/rails7/build/scripts/03-yarn:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install yarn (https://yarnpkg.com/en/docs/install)
 9 | ##
10 | apt-get install -y --no-install-recommends gnupg
11 | curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | \
12 |   gpg --no-default-keyring --keyring /tmp/yarn.gpg --import
13 | gpg --no-default-keyring --keyring /tmp/yarn.gpg \
14 |   --export --output /etc/apt/keyrings/yarn.gpg
15 | rm /tmp/yarn.gpg
16 | 
17 | echo "deb [signed-by=/etc/apt/keyrings/yarn.gpg] http://dl.yarnpkg.com/debian/ stable main" > /etc/apt/sources.list.d/yarn.list
18 | if etckeeper unclean 1>/dev/null 2>/dev/null; then
19 |   etckeeper commit "add apt-line for yarn"
20 | fi
21 | apt-get update
22 | apt-get install -y --no-install-recommends yarn
23 | 
24 | 


--------------------------------------------------------------------------------
/rails7/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-bookworm/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-bookworm:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby-bookworm
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby-bookworm/scripts && rm -rfv /tmp/build
 6 | Expose 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby-bookworm/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby-bookworm/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: ruby and build tools
 8 | packages="ruby ruby-dev bundler rake pry"
 9 | packages="$packages build-essential autoconf bison ca-certificates libgdbm-dev libncurses-dev libreadline-dev tcl-dev tk-dev zlib1g-dev libssl-dev libffi-dev libyaml-dev libgmp-dev"
10 | packages="$packages gem2deb"
11 | 
12 | ## install packages
13 | apt-get install --no-install-recommends -y ${packages}
14 | 
15 | 


--------------------------------------------------------------------------------
/ruby-bookworm/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## download and run install-rbenv.sh in minimum2scp/ruby-binary repository
 8 | curl -o /tmp/build/ruby-bookworm/tmp/install-rbenv.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install-rbenv.sh
 9 | chmod +x /tmp/build/ruby-bookworm/tmp/install-rbenv.sh
10 | /tmp/build/ruby-bookworm/tmp/install-rbenv.sh
11 | 
12 | 


--------------------------------------------------------------------------------
/ruby-bookworm/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-bookworm/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby-bookworm/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/ruby-bullseye/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-bullseye:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby-bullseye
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby-bullseye/scripts && rm -rfv /tmp/build
 6 | Expose 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby-bullseye/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby-bullseye/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: ruby and build tools
 8 | packages="ruby ruby-dev bundler rake pry"
 9 | packages="$packages build-essential autoconf bison ca-certificates libgdbm-dev libncurses-dev libreadline-dev tcl-dev tk-dev zlib1g-dev libssl-dev libffi-dev libyaml-dev libgmp-dev"
10 | packages="$packages gem2deb"
11 | 
12 | ## install packages
13 | apt-get install --no-install-recommends -y ${packages}
14 | 
15 | 


--------------------------------------------------------------------------------
/ruby-bullseye/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## download and run install-rbenv.sh in minimum2scp/ruby-binary repository
 8 | curl -o /tmp/build/ruby-bullseye/tmp/install-rbenv.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install-rbenv.sh
 9 | chmod +x /tmp/build/ruby-bullseye/tmp/install-rbenv.sh
10 | /tmp/build/ruby-bullseye/tmp/install-rbenv.sh
11 | 
12 | 


--------------------------------------------------------------------------------
/ruby-bullseye/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-bullseye/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby-bullseye/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/ruby-buster/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-buster:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby-buster
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby-buster/scripts && rm -rfv /tmp/build
 6 | Expose 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby-buster/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby-buster/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: ruby2.5, and build tools
 8 | packages="ruby ruby-dev bundler rake pry"
 9 | packages="$packages build-essential autoconf bison ca-certificates libgdbm-dev libncurses-dev libreadline-dev tcl-dev tk-dev zlib1g-dev libssl-dev libffi-dev libyaml-dev libgmp-dev"
10 | packages="$packages gem2deb"
11 | 
12 | ## install packages
13 | apt-get install --no-install-recommends -y ${packages}
14 | 
15 | 


--------------------------------------------------------------------------------
/ruby-buster/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## download and run install-rbenv.sh in minimum2scp/ruby-binary repository
 8 | curl -o /tmp/build/ruby-buster/tmp/install-rbenv.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install-rbenv.sh
 9 | chmod +x /tmp/build/ruby-buster/tmp/install-rbenv.sh
10 | /tmp/build/ruby-buster/tmp/install-rbenv.sh
11 | 
12 | 


--------------------------------------------------------------------------------
/ruby-buster/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-buster/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby-buster/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/ruby-full/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/ruby:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby-full
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby-full/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby-full/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/ruby-full image
 2 | 
 3 |  * based on minimum2scp/ruby (see https://github.com/minimum2scp/dockerfiles/tree/master/ruby)
 4 |  * ruby 2.7.8, 3.0.7, 3.1.6, 3.2.5, 3.3.4  is installed by rbenv
 5 |  * ruby 3.3.7 is installed by debian package
 6 | 
 7 | ## ssh login to container
 8 | 
 9 | ssh login to container:
10 | 
11 | ```
12 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
13 | ```
14 | 
15 | or use published port:
16 | 
17 | ```
18 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
19 | ```
20 | 
21 |  * user "debian" is available
22 |  * password is "debian"
23 |  * user "debian" can use sudo command without password
24 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
25 | 
26 | ## processes
27 | 
28 | ```
29 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
30 | root         1     0  0 03:25 ?        Ss     0:00 init [2]  
31 | root        38     1  0 03:25 ?        Ssl    0:00 /usr/sbin/rsyslogd
32 | root        63     1  0 03:25 ?        Ss     0:00 /usr/sbin/cron
33 | root        74     1  0 03:25 ?        Ss     0:00 /usr/sbin/sshd
34 | root        81    74  0 03:27 ?        Ss     0:00  \_ sshd: debian [priv]
35 | debian      83    81  0 03:27 ?        S      0:00      \_ sshd: debian@pts/0
36 | debian      84    83  0 03:27 pts/0    Ss     0:00          \_ -bash
37 | debian     135    84  0 03:27 pts/0    R+     0:00              \_ ps -ef fww
38 | ```
39 | 
40 | ## ports
41 | 
42 |  * TCP/22: sshd
43 | 
44 | ## about rbenv
45 | 
46 | ### rbenv versions, and default ruby
47 | 
48 | rbenv gloabl (/opt/rbenv/version) is not defined, and some rubies are built.
49 | 
50 | ```
51 | % docker run --rm -t minimum2scp/ruby-full:latest /bin/bash -l -c "rbenv versions"
52 | * system (set by /opt/rbenv/version)
53 |   2.7.8
54 |   3.0.7
55 |   3.1.6
56 |   3.2.5
57 |   3.3.4
58 | % docker run --rm -t minimum2scp/ruby-full:latest /bin/bash -l -c "ruby -v"
59 | ruby 3.3.7 (2025-01-15 revision be31f993d7) [x86_64-linux-gnu]
60 | ```
61 | 
62 | 
63 | 


--------------------------------------------------------------------------------
/ruby-full/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby-full/build/scripts/01-setup:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | 


--------------------------------------------------------------------------------
/ruby-full/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## run rbenv-update
 8 | bash -l -c "rbenv update"
 9 | 
10 | ## install subversion to build ruby 1.8.7-p375 (requires svn commands)
11 | #apt-get install --no-install-recommends -y subversion
12 | 
13 | ## install pre-build binary (see https://github.com/minimum2scp/ruby-binary)
14 | curl -L --create-dirs -o /tmp/build/ruby-full/tmp/ruby-binary/install.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install.sh
15 | sh /tmp/build/ruby-full/tmp/ruby-binary/install.sh -t v0.1.231
16 | 
17 | ## install openssl 1.1 series into /opt/openssl-<version>
18 | openssl_version=1.1.1w
19 | openssl_tarball_url=https://github.com/openssl/openssl/releases/download/OpenSSL_1_1_1w/openssl-1.1.1w.tar.gz
20 | curl -sSfL -o /tmp/build/openssl-${openssl_version}.tar.gz ${openssl_tarball_url}
21 | cd /tmp/build
22 | tar xf openssl-${openssl_version}.tar.gz
23 | cd openssl-${openssl_version}
24 | ./config --prefix=/opt/openssl-${openssl_version} --openssldir=/opt/openssl-${openssl_version} shared zlib
25 | make
26 | make install
27 | rm -rf /opt/openssl-${openssl_version}/certs
28 | ln -s /etc/ssl/certs /opt/openssl-${openssl_version}
29 | 
30 | 


--------------------------------------------------------------------------------
/ruby-full/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-full/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby-full/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/ruby-stretch/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-stretch:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby-stretch
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby-stretch/scripts && rm -rfv /tmp/build
 6 | Expose 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby-stretch/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby-stretch/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: ruby2.3, and build tools
 8 | packages="ruby ruby-dev rake"
 9 | packages="$packages build-essential autoconf bison ca-certificates libgdbm-dev libncursesw5-dev libncurses5-dev libreadline-dev tcl-dev tk-dev zlib1g-dev libssl-dev libffi-dev libyaml-dev libgmp-dev"
10 | packages="$packages gem2deb"
11 | 
12 | ## install packages
13 | apt-get install --no-install-recommends -y ${packages}
14 | 
15 | ## update rubygems
16 | gem update --system 3.1.6
17 | 
18 | ## install bundler, pry by gem command
19 | gem install bundler --version 2.1.4
20 | gem install pry
21 | 
22 | 


--------------------------------------------------------------------------------
/ruby-stretch/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## download and run install-rbenv.sh in minimum2scp/ruby-binary repository
 8 | curl -o /tmp/build/ruby-stretch/tmp/install-rbenv.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install-rbenv.sh
 9 | chmod +x /tmp/build/ruby-stretch/tmp/install-rbenv.sh
10 | /tmp/build/ruby-stretch/tmp/install-rbenv.sh
11 | 
12 | 


--------------------------------------------------------------------------------
/ruby-stretch/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby-stretch/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby-stretch/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/ruby/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/ruby
 5 | RUN run-parts --report --exit-on-error /tmp/build/ruby/scripts && rm -rfv /tmp/build
 6 | Expose 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/ruby/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/ruby/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## packages: ruby and build tools
 8 | packages="ruby ruby-dev bundler rake pry"
 9 | packages="$packages build-essential autoconf bison ca-certificates libgdbm-dev libncurses-dev libreadline-dev tcl-dev tk-dev zlib1g-dev libssl-dev libffi-dev libyaml-dev libgmp-dev"
10 | packages="$packages gem2deb"
11 | 
12 | ## install packages
13 | apt-get install --no-install-recommends -y ${packages}
14 | 
15 | 


--------------------------------------------------------------------------------
/ruby/build/scripts/02-rbenv:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ## download and run install-rbenv.sh in minimum2scp/ruby-binary repository
 8 | curl -o /tmp/build/ruby/tmp/install-rbenv.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install-rbenv.sh
 9 | chmod +x /tmp/build/ruby/tmp/install-rbenv.sh
10 | /tmp/build/ruby/tmp/install-rbenv.sh
11 | 
12 | 


--------------------------------------------------------------------------------
/ruby/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/ruby/build/tmp/.gitkeep:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/minimum2scp/dockerfiles/df9401ab652f5098a53c05d4f19b9eff1d33c8d2/ruby/build/tmp/.gitkeep


--------------------------------------------------------------------------------
/spec/baseimage-bookworm/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/baseimage-bookworm' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'sudo apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/baseimage-bullseye/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/baseimage-bullseye' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'sudo apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/baseimage-buster/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/baseimage-buster' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'sudo apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/baseimage-stretch/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/baseimage-stretch' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'sudo apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/baseimage/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/baseimage' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'sudo apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/debian-bookworm/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/debian-bookworm' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       set :backend, :docker
 7 |       set :docker_image, ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest"
 8 |     end
 9 | 
10 |     after(:all) do
11 |       set :backend, :ssh
12 |       set :docker_image, nil
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/debian-bullseye/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/debian-bullseye' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       set :backend, :docker
 7 |       set :docker_image, ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest"
 8 |     end
 9 | 
10 |     after(:all) do
11 |       set :backend, :ssh
12 |       set :docker_image, nil
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/debian-buster/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/debian-buster' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       set :backend, :docker
 7 |       set :docker_image, ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest"
 8 |     end
 9 | 
10 |     after(:all) do
11 |       set :backend, :ssh
12 |       set :docker_image, nil
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/debian-stretch/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/debian-stretch' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       set :backend, :docker
 7 |       set :docker_image, ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest"
 8 |     end
 9 | 
10 |     after(:all) do
11 |       set :backend, :ssh
12 |       set :docker_image, nil
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/debian/01apt_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/debian' do
 4 |   describe 'apt' do
 5 |     before(:all) do
 6 |       set :backend, :docker
 7 |       set :docker_image, ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest"
 8 |     end
 9 | 
10 |     after(:all) do
11 |       set :backend, :ssh
12 |       set :docker_image, nil
13 |     end
14 | 
15 |     describe command('apt list --upgradable') do
16 |       let(:pre_command){ 'apt-get update -qq' }
17 |       its(:stdout) {
18 |         should_not match /\[upgradable from: /
19 |       }
20 |       its(:exit_status){ should eq 0 }
21 |     end
22 | 
23 |     packages = JSON.parse(File.read("#{File.basename(__dir__)}/debian-packages.json"))
24 |     packages.each do |package|
25 |       name = package["Package"]
26 |       version = package["Version"]
27 |       describe package(name) do
28 |         it {
29 |           should be_installed.with_version(version)
30 |         }
31 |       end
32 |     end
33 |   end
34 | end
35 | 


--------------------------------------------------------------------------------
/spec/es-kibana/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/es-kibana' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     #Dir["#{__dir__}/../baseimage/*_spec.rb"].sort.each do |spec|
16 |     #  load spec
17 |     #end
18 | 
19 |     describe file('/tmp/build') do
20 |       it { should_not be_directory }
21 |     end
22 | 
23 |     %w[
24 |       elasticsearch
25 |       kibana
26 |     ].each do |pkg|
27 |       describe package(pkg) do
28 |         it { should be_installed }
29 |       end
30 |     end
31 | 
32 |     describe file('/etc/default/elasticsearch') do
33 |       its(:content){ should match /^ES_JAVA_OPTS="-Xms512m -Xmx512m"$/ }
34 |     end
35 | 
36 |     describe service('elasticsearch') do
37 |       it { should be_running }
38 |       it { should be_enabled }
39 |     end
40 | 
41 |     describe service('kibana') do
42 |       it { should be_running }
43 |       it { should be_enabled }
44 |     end
45 |   end
46 | 
47 |   context 'with env [ES_JAVA_OPTS="-Xms1024m -Xmx1024m"]' do
48 |     before(:all) do
49 |       start_container({
50 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
51 |         'Env' => [ 'ES_JAVA_OPTS=-Xms1024m -Xmx1024m' ]
52 |       })
53 |     end
54 | 
55 |     after(:all) do
56 |       stop_container
57 |     end
58 | 
59 |     describe file('/etc/default/elasticsearch') do
60 |       its(:content){ should match /^ES_JAVA_OPTS="-Xms1024m -Xmx1024m"$/ }
61 |     end
62 | 
63 |     describe service('elasticsearch') do
64 |       it { should be_running }
65 |       it { should be_enabled }
66 |     end
67 | 
68 |     describe service('kibana') do
69 |       it { should be_running }
70 |       it { should be_enabled }
71 |     end
72 | 
73 |     describe file('/etc/profile.d/00docker-env.sh') do
74 |       its(:content){ should match /^#export ES_JAVA_OPTS='-Xms1024m -Xmx1024m'$/ }
75 |     end
76 |   end
77 | end
78 | 


--------------------------------------------------------------------------------
/spec/norikra/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/norikra' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     #Dir["#{__dir__}/../baseimage/*_spec.rb"].sort.each do |spec|
16 |     #  load spec
17 |     #end
18 | 
19 |     describe file('/tmp/build') do
20 |       it { should_not be_directory }
21 |     end
22 | 
23 |     describe package('norikra') do
24 |       let(:path){ '/opt/rbenv/versions/jruby-9.4.2.0/bin:$PATH' }
25 |       it { should be_installed.by('gem') }
26 |     end
27 |   end
28 | end
29 | 


--------------------------------------------------------------------------------
/spec/squid/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/squid' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |       })
 9 |     end
10 | 
11 |     after(:all) do
12 |       stop_container
13 |     end
14 | 
15 |     #Dir["#{__dir__}/../baseimage/*_spec.rb"].sort.each do |spec|
16 |     #  load spec
17 |     #end
18 | 
19 |     describe file('/tmp/build') do
20 |       it { should_not be_directory }
21 |     end
22 | 
23 |     %w[
24 |       squid
25 |     ].each do |pkg|
26 |       describe package(pkg) do
27 |         it { should be_installed }
28 |       end
29 |     end
30 |   end
31 | end
32 | 


--------------------------------------------------------------------------------
/spec/systemd-bookworm/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/systemd-bookworm' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |         'HostConfig' => { 'Privileged' => true },
 9 |       })
10 |     end
11 | 
12 |     after(:all) do
13 |       stop_container
14 |     end
15 | 
16 |     %w[
17 |       systemd systemd-sysv dbus libpam-systemd less
18 |     ].each do |pkg|
19 |       describe package(pkg) do
20 |         it { should be_installed }
21 |       end
22 |     end
23 |   end
24 | end
25 | 


--------------------------------------------------------------------------------
/spec/systemd-bullseye/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/systemd-bullseye' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |         'HostConfig' => { 'Privileged' => true },
 9 |       })
10 |     end
11 | 
12 |     after(:all) do
13 |       stop_container
14 |     end
15 | 
16 |     %w[
17 |       systemd systemd-sysv dbus libpam-systemd less
18 |     ].each do |pkg|
19 |       describe package(pkg) do
20 |         it { should be_installed }
21 |       end
22 |     end
23 |   end
24 | end
25 | 


--------------------------------------------------------------------------------
/spec/systemd-buster/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/systemd-buster' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |         'HostConfig' => { 'Privileged' => true },
 9 |       })
10 |     end
11 | 
12 |     after(:all) do
13 |       stop_container
14 |     end
15 | 
16 |     %w[
17 |       systemd systemd-sysv dbus libpam-systemd less
18 |     ].each do |pkg|
19 |       describe package(pkg) do
20 |         it { should be_installed }
21 |       end
22 |     end
23 |   end
24 | end
25 | 


--------------------------------------------------------------------------------
/spec/systemd-stretch/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/systemd' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |         'HostConfig' => { 'Privileged' => true },
 9 |       })
10 |     end
11 | 
12 |     after(:all) do
13 |       stop_container
14 |     end
15 | 
16 |     %w[
17 |       systemd systemd-sysv dbus libpam-systemd less
18 |     ].each do |pkg|
19 |       describe package(pkg) do
20 |         it { should be_installed }
21 |       end
22 |     end
23 |   end
24 | end
25 | 


--------------------------------------------------------------------------------
/spec/systemd/00base_spec.rb:
--------------------------------------------------------------------------------
 1 | require 'spec_helper'
 2 | 
 3 | describe 'minimum2scp/systemd' do
 4 |   context 'without env' do
 5 |     before(:all) do
 6 |       start_container({
 7 |         'Image' => ENV['DOCKER_IMAGE'] || "minimum2scp/#{File.basename(__dir__)}:latest",
 8 |         'HostConfig' => { 'Privileged' => true },
 9 |       })
10 |     end
11 | 
12 |     after(:all) do
13 |       stop_container
14 |     end
15 | 
16 |     %w[
17 |       systemd systemd-sysv dbus libpam-systemd less
18 |     ].each do |pkg|
19 |       describe package(pkg) do
20 |         it { should be_installed }
21 |       end
22 |     end
23 |   end
24 | end
25 | 


--------------------------------------------------------------------------------
/squid/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/squid
 5 | RUN run-parts --report --exit-on-error /tmp/build/squid/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22 3128
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/squid/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/squid image
 2 | 
 3 |  * based on minimum2scp/baseimage (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage)
 4 |  * squid package installed
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run -d -p 3128:3128 minimum2scp/squid
10 | ```
11 | 
12 | and then use from localhost:
13 | 
14 | ```
15 | export http_proxy=http://127.0.0.1:3128
16 | curl http://example.com/
17 | ```
18 | 
19 | ## ssh login to container
20 | 
21 | ssh login to container:
22 | 
23 | ```
24 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
25 | ```
26 | 
27 | or use published port:
28 | 
29 | ```
30 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
31 | ```
32 | 
33 |  * user "debian" is available
34 |  * password is "debian"
35 |  * user "debian" can use sudo command without password
36 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
37 | 
38 | ## processes
39 | 
40 | ```
41 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
42 | root         1     0  0 23:50 ?        Ss     0:00 init [2]
43 | root       412     1  0 23:50 ?        Ssl    0:00 /usr/sbin/rsyslogd
44 | root       437     1  0 23:50 ?        Ss     0:00 /usr/sbin/cron
45 | root       471     1  0 23:50 ?        Ss     0:00 /usr/sbin/squid -YC -f /etc/squid/squid.conf
46 | proxy      473   471  0 23:50 ?        S      0:00  \_ (squid-1) -YC -f /etc/squid/squid.conf
47 | proxy      486   473  0 23:50 ?        S      0:00      \_ (logfile-daemon) /var/log/squid/access.log
48 | proxy      492   473  0 23:50 ?        S      0:00      \_ (pinger)
49 | root       482     1  0 23:50 ?        Ss     0:00 /usr/sbin/sshd
50 | root       493   482  0 23:50 ?        Ss     0:00  \_ sshd: debian [priv]
51 | debian     495   493  0 23:50 ?        S      0:00      \_ sshd: debian@pts/0
52 | debian     496   495  0 23:50 pts/0    Ss     0:00          \_ -bash
53 | debian     501   496  0 23:50 pts/0    R+     0:00              \_ ps -ef fw
54 | ```
55 | 
56 | ## ports
57 | 
58 |  * TCP/22: sshd
59 |  * TCP/3128: squid
60 |  * TCP/3129: squid (transparent)
61 | 
62 | 


--------------------------------------------------------------------------------
/squid/build/etc/squid/squid.acl.conf:
--------------------------------------------------------------------------------
1 | acl localnet src 10.0.0.0/8    # RFC1918 possible internal network
2 | acl localnet src 172.16.0.0/12 # RFC1918 possible internal network
3 | acl localnet src 192.168.0.0/16        # RFC1918 possible internal network
4 | acl localnet src fc00::/7       # RFC 4193 local private network range
5 | acl localnet src fe80::/10      # RFC 4291 link-local (directly plugged) machines
6 | 
7 | http_access allow localnet
8 | 


--------------------------------------------------------------------------------
/squid/build/etc/squid/squid.local.conf:
--------------------------------------------------------------------------------
1 | shutdown_lifetime 3 seconds
2 | http_port 3129 transparent
3 | 


--------------------------------------------------------------------------------
/squid/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/squid/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install squid
 9 | ##
10 | apt-get install --no-install-recommends -y squid
11 | 
12 | ##
13 | ## configure squid
14 | ##
15 | cp -a /etc/squid/squid.conf /etc/squid/squid.conf.orig
16 | ( echo "include /etc/squid/squid.acl.conf";
17 |   cat /etc/squid/squid.conf;
18 |   echo "";
19 |   echo "include /etc/squid/squid.local.conf";
20 | ) > /etc/squid/squid.conf.new
21 | mv /etc/squid/squid.conf.new /etc/squid/squid.conf
22 | install -m 644 -o root -g root -p /tmp/build/squid/etc/squid/squid.acl.conf /etc/squid/squid.acl.conf
23 | install -m 644 -o root -g root -p /tmp/build/squid/etc/squid/squid.local.conf /etc/squid/squid.local.conf
24 | etckeeper commit "squid: allow from localnet, shorten shutdown_lifetime"
25 | 
26 | ##
27 | ## workaround for squid init script: "/etc/init.d/squid3 stop" fails
28 | ##
29 | cp -a /etc/init.d/squid /etc/init.d/squid.orig
30 | install -m 755 -o root -g root -p /tmp/build/squid/etc/init.d/squid /etc/init.d/squid
31 | etckeeper commit "squid: workaround for init script"
32 | 
33 | ##
34 | ## add user to proxy group
35 | ##
36 | adduser debian proxy
37 | etckeeper commit "add debian user to proxy group"
38 | 
39 | 


--------------------------------------------------------------------------------
/squid/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/systemd-bookworm/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-bookworm:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/systemd-bookworm
 5 | RUN run-parts --report --exit-on-error /tmp/build/systemd-bookworm/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/systemd-bookworm/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/systemd-bookworm image
 2 | 
 3 |  * based on minimum2scp/baseimage-bookworm (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage)
 4 |  * use systemd as /sbin/init
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run --privileged -d minimum2scp/systemd-bookworm:latest
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  0 17:46 ?        Ss     0:00 /sbin/init
36 | root       466     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-journald
37 | root       475     1  0 17:46 ?        Ss     0:00 /usr/sbin/cron -f
38 | message+   476     1  0 17:46 ?        Ss     0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
39 | root       477     1  0 17:46 ?        Ss     0:00 /usr/sbin/sshd -D
40 | root       544   477  0 17:46 ?        Ss     0:00  \_ sshd: debian [priv]
41 | debian     548   544  0 17:46 ?        S      0:00      \_ sshd: debian@pts/0
42 | debian     549   548  0 17:46 pts/0    Ss     0:00          \_ -bash
43 | debian     554   549  0 17:46 pts/0    R+     0:00              \_ ps -ef fw
44 | root       479     1  0 17:46 ?        Ssl    0:00 /usr/sbin/rsyslogd -n
45 | root       481     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-logind
46 | ```
47 | 
48 | ## ports
49 | 
50 |  * TCP/22: sshd
51 | 
52 | 


--------------------------------------------------------------------------------
/systemd-bookworm/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/systemd-bookworm/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | apt-get install --no-install-recommends -y systemd systemd-sysv dbus libpam-systemd less
 8 | 
 9 | ## use less for systemctl, journalctl
10 | echo '#export SYSTEMD_EDITOR='     >  /etc/profile.d/systemd-vars.sh
11 | echo 'export SYSTEMD_PAGER=less'   >> /etc/profile.d/systemd-vars.sh
12 | echo '#export SYSTEMD_LESS=FRSXMK' >> /etc/profile.d/systemd-vars.sh
13 | 
14 | echo 'Defaults env_keep += "SYSTEMD_EDITOR SYSTEMD_PAGER SYSTEMD_LESS"' \
15 |   > /etc/sudoers.d/systemd-vars
16 | 
17 | etckeeper commit "profile, sudoers: use less for systemd pager"
18 | 
19 | ## disable tty1
20 | systemctl mask getty@tty1.service
21 | etckeeper commit "systemd: masked getty@tty1.service"
22 | 
23 | ## disable systemd-timesyncd
24 | systemctl mask systemd-timesyncd.service
25 | etckeeper commit "systemd: masked systemd-timesyncd.service"
26 | 
27 | 


--------------------------------------------------------------------------------
/systemd-bookworm/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/systemd-bullseye/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-bullseye:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/systemd-bullseye
 5 | RUN run-parts --report --exit-on-error /tmp/build/systemd-bullseye/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/systemd-bullseye/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/systemd-bullseye image
 2 | 
 3 |  * based on minimum2scp/baseimage-bullseye (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage-bullseye)
 4 |  * use systemd as /sbin/init
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run --privileged -d minimum2scp/systemd-bullseye:latest
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  0 17:46 ?        Ss     0:00 /sbin/init
36 | root       466     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-journald
37 | root       475     1  0 17:46 ?        Ss     0:00 /usr/sbin/cron -f
38 | message+   476     1  0 17:46 ?        Ss     0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
39 | root       477     1  0 17:46 ?        Ss     0:00 /usr/sbin/sshd -D
40 | root       544   477  0 17:46 ?        Ss     0:00  \_ sshd: debian [priv]
41 | debian     548   544  0 17:46 ?        S      0:00      \_ sshd: debian@pts/0
42 | debian     549   548  0 17:46 pts/0    Ss     0:00          \_ -bash
43 | debian     554   549  0 17:46 pts/0    R+     0:00              \_ ps -ef fw
44 | root       479     1  0 17:46 ?        Ssl    0:00 /usr/sbin/rsyslogd -n
45 | root       481     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-logind
46 | ```
47 | 
48 | ## ports
49 | 
50 |  * TCP/22: sshd
51 | 
52 | 


--------------------------------------------------------------------------------
/systemd-bullseye/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/systemd-bullseye/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | apt-get install --no-install-recommends -y systemd systemd-sysv dbus libpam-systemd less
 8 | 
 9 | ## use less for systemctl, journalctl
10 | echo '#export SYSTEMD_EDITOR='     >  /etc/profile.d/systemd-vars.sh
11 | echo 'export SYSTEMD_PAGER=less'   >> /etc/profile.d/systemd-vars.sh
12 | echo '#export SYSTEMD_LESS=FRSXMK' >> /etc/profile.d/systemd-vars.sh
13 | 
14 | echo 'Defaults env_keep += "SYSTEMD_EDITOR SYSTEMD_PAGER SYSTEMD_LESS"' \
15 |   > /etc/sudoers.d/systemd-vars
16 | 
17 | etckeeper commit "profile, sudoers: use less for systemd pager"
18 | 
19 | ## disable tty1
20 | systemctl mask getty@tty1.service
21 | etckeeper commit "systemd: masked getty@tty1.service"
22 | 
23 | ## disable systemd-timesyncd
24 | systemctl mask systemd-timesyncd.service
25 | etckeeper commit "systemd: masked systemd-timesyncd.service"
26 | 
27 | 


--------------------------------------------------------------------------------
/systemd-bullseye/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/systemd-buster/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-buster:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/systemd-buster
 5 | RUN run-parts --report --exit-on-error /tmp/build/systemd-buster/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/systemd-buster/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/systemd-buster image
 2 | 
 3 |  * based on minimum2scp/baseimage-buster (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage-buster)
 4 |  * use systemd as /sbin/init
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run --privileged -d minimum2scp/systemd-buster:latest
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  0 17:46 ?        Ss     0:00 /sbin/init
36 | root       466     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-journald
37 | root       475     1  0 17:46 ?        Ss     0:00 /usr/sbin/cron -f
38 | message+   476     1  0 17:46 ?        Ss     0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
39 | root       477     1  0 17:46 ?        Ss     0:00 /usr/sbin/sshd -D
40 | root       544   477  0 17:46 ?        Ss     0:00  \_ sshd: debian [priv]
41 | debian     548   544  0 17:46 ?        S      0:00      \_ sshd: debian@pts/0
42 | debian     549   548  0 17:46 pts/0    Ss     0:00          \_ -bash
43 | debian     554   549  0 17:46 pts/0    R+     0:00              \_ ps -ef fw
44 | root       479     1  0 17:46 ?        Ssl    0:00 /usr/sbin/rsyslogd -n
45 | root       481     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-logind
46 | ```
47 | 
48 | ## ports
49 | 
50 |  * TCP/22: sshd
51 | 
52 | 


--------------------------------------------------------------------------------
/systemd-buster/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/systemd-buster/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | apt-get install --no-install-recommends -y systemd systemd-sysv dbus libpam-systemd less
 8 | 
 9 | ## use less for systemctl, journalctl
10 | echo '#export SYSTEMD_EDITOR='     >  /etc/profile.d/systemd-vars.sh
11 | echo 'export SYSTEMD_PAGER=less'   >> /etc/profile.d/systemd-vars.sh
12 | echo '#export SYSTEMD_LESS=FRSXMK' >> /etc/profile.d/systemd-vars.sh
13 | 
14 | echo 'Defaults env_keep += "SYSTEMD_EDITOR SYSTEMD_PAGER SYSTEMD_LESS"' \
15 |   > /etc/sudoers.d/systemd-vars
16 | 
17 | etckeeper commit "profile, sudoers: use less for systemd pager"
18 | 
19 | ## disable tty1
20 | systemctl mask getty@tty1.service
21 | etckeeper commit "systemd: masked getty@tty1.service"
22 | 
23 | ## disable systemd-timesyncd
24 | systemctl mask systemd-timesyncd.service
25 | etckeeper commit "systemd: masked systemd-timesyncd.service"
26 | 
27 | 


--------------------------------------------------------------------------------
/systemd-buster/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/systemd-stretch/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage-stretch:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/systemd-stretch
 5 | RUN run-parts --report --exit-on-error /tmp/build/systemd-stretch/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/systemd-stretch/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/systemd-stretch image
 2 | 
 3 |  * based on minimum2scp/baseimage-stretch (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage-stretch)
 4 |  * use systemd as /sbin/init
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run --privileged -d minimum2scp/systemd-stretch:latest
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  1 01:17 ?        Ss     0:00 /sbin/init
36 | root       458     1  1 01:17 ?        Ss     0:00 /lib/systemd/systemd-journald
37 | root       471     1  0 01:17 ?        Ss     0:00 /usr/sbin/sshd -D
38 | root       714   471  0 01:17 ?        Ss     0:00  \_ sshd: debian [priv]
39 | debian     722   714  0 01:17 ?        S      0:00      \_ sshd: debian@pts/0
40 | debian     723   722  0 01:17 pts/0    Ss     0:00          \_ -bash
41 | debian     730   723  0 01:17 pts/0    R+     0:00              \_ ps -ef fw
42 | root       472     1  0 01:17 ?        Ssl    0:00 /usr/sbin/rsyslogd -n
43 | message+   474     1  0 01:17 ?        Ss     0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
44 | root       480     1  0 01:17 ?        Ss     0:00 /lib/systemd/systemd-logind
45 | root       481     1  0 01:17 ?        Ss     0:00 /usr/sbin/cron -f
46 | ```
47 | 
48 | ## ports
49 | 
50 |  * TCP/22: sshd
51 | 
52 | 


--------------------------------------------------------------------------------
/systemd-stretch/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/systemd-stretch/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | apt-get install --no-install-recommends -y systemd systemd-sysv dbus libpam-systemd less
 8 | 
 9 | ## use less for systemctl, journalctl
10 | echo '#export SYSTEMD_EDITOR='     >  /etc/profile.d/systemd-vars.sh
11 | echo 'export SYSTEMD_PAGER=less'   >> /etc/profile.d/systemd-vars.sh
12 | echo '#export SYSTEMD_LESS=FRSXMK' >> /etc/profile.d/systemd-vars.sh
13 | 
14 | echo 'Defaults env_keep += "SYSTEMD_EDITOR SYSTEMD_PAGER SYSTEMD_LESS"' \
15 |   > /etc/sudoers.d/systemd-vars
16 | 
17 | etckeeper commit "profile, sudoers: use less for systemd pager"
18 | 
19 | ## disable tty1
20 | systemctl mask getty@tty1.service
21 | etckeeper commit "systemd: masked getty@tty1.service"
22 | 
23 | ## disable systemd-timesyncd
24 | systemctl mask systemd-timesyncd.service
25 | etckeeper commit "systemd: masked systemd-timesyncd.service"
26 | 
27 | 


--------------------------------------------------------------------------------
/systemd-stretch/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/systemd/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/systemd
 5 | RUN run-parts --report --exit-on-error /tmp/build/systemd/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/systemd/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/systemd image
 2 | 
 3 |  * based on minimum2scp/baseimage (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage)
 4 |  * use systemd as /sbin/init
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run --privileged -d minimum2scp/systemd:latest
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  0 17:46 ?        Ss     0:00 /sbin/init
36 | root       466     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-journald
37 | root       475     1  0 17:46 ?        Ss     0:00 /usr/sbin/cron -f
38 | message+   476     1  0 17:46 ?        Ss     0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
39 | root       477     1  0 17:46 ?        Ss     0:00 /usr/sbin/sshd -D
40 | root       544   477  0 17:46 ?        Ss     0:00  \_ sshd: debian [priv]
41 | debian     548   544  0 17:46 ?        S      0:00      \_ sshd: debian@pts/0
42 | debian     549   548  0 17:46 pts/0    Ss     0:00          \_ -bash
43 | debian     554   549  0 17:46 pts/0    R+     0:00              \_ ps -ef fw
44 | root       479     1  0 17:46 ?        Ssl    0:00 /usr/sbin/rsyslogd -n
45 | root       481     1  0 17:46 ?        Ss     0:00 /lib/systemd/systemd-logind
46 | ```
47 | 
48 | ## ports
49 | 
50 |  * TCP/22: sshd
51 | 
52 | 


--------------------------------------------------------------------------------
/systemd/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/systemd/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | apt-get install --no-install-recommends -y systemd systemd-sysv dbus libpam-systemd less
 8 | 
 9 | ## use less for systemctl, journalctl
10 | echo '#export SYSTEMD_EDITOR='     >  /etc/profile.d/systemd-vars.sh
11 | echo 'export SYSTEMD_PAGER=less'   >> /etc/profile.d/systemd-vars.sh
12 | echo '#export SYSTEMD_LESS=FRSXMK' >> /etc/profile.d/systemd-vars.sh
13 | 
14 | echo 'Defaults env_keep += "SYSTEMD_EDITOR SYSTEMD_PAGER SYSTEMD_LESS"' \
15 |   > /etc/sudoers.d/systemd-vars
16 | 
17 | etckeeper commit "profile, sudoers: use less for systemd pager"
18 | 
19 | ## disable tty1
20 | systemctl mask getty@tty1.service
21 | etckeeper commit "systemd: masked getty@tty1.service"
22 | 
23 | ## disable systemd-timesyncd
24 | systemctl mask systemd-timesyncd.service
25 | etckeeper commit "systemd: masked systemd-timesyncd.service"
26 | 
27 | 


--------------------------------------------------------------------------------
/systemd/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/tdiary/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/ruby:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/tdiary
 5 | RUN run-parts --report --exit-on-error /tmp/build/tdiary/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22 80 9001
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/tdiary/build/etc/nginx/conf.d/tdiary.conf:
--------------------------------------------------------------------------------
 1 | upstream tdiary {
 2 |         server localhost:19292;
 3 | }
 4 | 
 5 | server {
 6 |         listen 80 default_server;
 7 |         listen [::]:80 default_server ipv6only=on;
 8 | 
 9 |         server_name localhost;
10 | 
11 |         root /var/www/html;
12 |         #index index.html index.htm;
13 | 
14 |         location / {
15 |                 alias /home/debian/go/src/github.com/tdiary/tdiary-core/public;
16 |                 try_files $uri $uri/index.html @tdiary;
17 |         }
18 | 
19 |         location @tdiary {
20 |                 proxy_pass http://tdiary;
21 |         }
22 | }
23 | 
24 | 


--------------------------------------------------------------------------------
/tdiary/build/etc/supervisor/conf.d/tdiary.conf:
--------------------------------------------------------------------------------
 1 | [program:tdiary]
 2 | command = /home/debian/tdiary/start.sh
 3 | numprocs = 1
 4 | directory = /home/debian/tdiary
 5 | umask = 022
 6 | autostart = true
 7 | autorestart = true
 8 | startsecs = 3
 9 | startretries = 5
10 | user = debian
11 | stdout_logfile = /var/log/supervisor/tdiary.log
12 | stderr_logfile = /var/log/supervisor/tdiary.log
13 | redirect_stderr = true
14 | stopasgroup = true
15 | killasgroup = true
16 | 
17 | 


--------------------------------------------------------------------------------
/tdiary/build/home/debian/go/src/github.com/tdiary/tdiary-core/Gemfile.local:
--------------------------------------------------------------------------------
 1 | gem "tdiary",                   :path => "."
 2 | gem "tdiary-contrib",           :path => "../tdiary-contrib"
 3 | #gem "tdiary-cache-memcached",  :path => "../tdiary-cache-memcached"
 4 | #gem "tdiary-cache-redis",      :path => "../tdiary-cache-redis"
 5 | #gem "tdiary-cache-null",       :path => "../tdiary-cache-null"
 6 | #gem "tdiary-io-mongodb",       :path => "../tdiary-io-mongodb"
 7 | #gem "tdiary-io-rdb",           :path => "../tdiary-io-rdb"
 8 | #gem "tdiary-style-emptdiary",  :path => "../tdiary-style-emptdiary"
 9 | #gem "tdiary-style-etdiary",    :path => "../tdiary-style-etdiary"
10 | gem "tdiary-style-rd",         :path => "../tdiary-style-rd"
11 | gem "tdiary-style-gfm",        :path => "../tdiary-style-gfm"
12 | 
13 | gem "faraday", "< 1.0.0"
14 | 


--------------------------------------------------------------------------------
/tdiary/build/home/debian/tdiary/.htpasswd:
--------------------------------------------------------------------------------
1 | debian:tUsIhoneaygI6
2 | 


--------------------------------------------------------------------------------
/tdiary/build/home/debian/tdiary/start.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/bash -l
 2 | 
 3 | export HOME=/home/debian
 4 | export LANG=ja_JP.UTF-8
 5 | 
 6 | cd $HOME/go/src/github.com/tdiary/tdiary-core
 7 | 
 8 | env | sort
 9 | echo ""
10 | bundle exec gem env
11 | echo ""
12 | 
13 | exec bundle exec rackup -o 0.0.0.0 -p 19292
14 | 
15 | 


--------------------------------------------------------------------------------
/tdiary/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/tdiary/build/scripts/01-setup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## install ruby (see https://github.com/minimum2scp/ruby-binary)
 9 | ##
10 | curl -L --create-dirs -o /tmp/build/tdiary/tmp/ruby-binary/install.sh https://raw.githubusercontent.com/minimum2scp/ruby-binary/master/install.sh
11 | sh /tmp/build/tdiary/tmp/ruby-binary/install.sh -t v0.1.231 -v 3.2.5
12 | bash -lc "rbenv global 3.2.5"
13 | 
14 | ##
15 | ## tdiary dependencies
16 | ##   * libsqlite3-dev: tdiary-core/Gemfile -> sqlite3
17 | ##   * libidn11-dev: tdiary-style-gfm -> twitter-text -> idn-ruby
18 | apt-get install -y --no-install-recommends libsqlite3-dev libidn11-dev
19 | 
20 | ##
21 | ## setup tdiary
22 | ##
23 | sudo -H -u debian /tmp/build/tdiary/user-scripts/setup-tdiary.sh
24 | 
25 | ##
26 | ## install supervisor
27 | ## (see baseimage/build/opt/custom-installers)
28 | ##
29 | /opt/custom-installers/supervisor/install.sh
30 | 
31 | ##
32 | ## add tdiary to supervisor
33 | ##
34 | install -m 644 -o root -g root -p /tmp/build/tdiary/etc/supervisor/conf.d/tdiary.conf /etc/supervisor/conf.d/tdiary.conf
35 | etckeeper commit "supervisor: add tdiary"
36 | 
37 | ##
38 | ## install nginx
39 | ## (see baseimage/build/opt/custom-installers)
40 | ##
41 | /opt/custom-installers/nginx/install.sh
42 | 
43 | ##
44 | ## configure nginx
45 | ##
46 | install -m 644 -o root -g root -p /tmp/build/tdiary/etc/nginx/conf.d/tdiary.conf /etc/nginx/conf.d/tdiary.conf
47 | #rm /etc/nginx/conf.d/default.conf
48 | rm /etc/nginx/sites-enabled/default
49 | etckeeper commit "nginx: configured for tdiary"
50 | 
51 | 


--------------------------------------------------------------------------------
/tdiary/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------
/tdiary/build/user-scripts/setup-tdiary.sh:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | GHQ_ROOT=$HOME/go/src
 8 | DATA_ROOT=$HOME/tdiary
 9 | 
10 | ##
11 | ## git clone tdiary-xxx
12 | ##
13 | mkdir -p $GHQ_ROOT/github.com/tdiary/
14 | for repo in tdiary-core \
15 |             tdiary-contrib \
16 |             tdiary-blogkit \
17 |             tdiary-cache-redis \
18 |             tdiary-cache-memcached \
19 |             tdiary-cache-null \
20 |             tdiary-io-mongodb \
21 |             tdiary-io-rdb \
22 |             tdiary-theme \
23 |             tdiary-theme-nonfree \
24 |             tdiary-style-emptdiary \
25 |             tdiary-style-etdiary \
26 |             tdiary-style-gfm \
27 |             tdiary-style-rd \
28 | ; do
29 |   git clone https://github.com/tdiary/${repo}.git $GHQ_ROOT/github.com/tdiary/${repo}
30 | done
31 | 
32 | ## run bundle install
33 | cd $GHQ_ROOT/github.com/tdiary/tdiary-core
34 | mkdir -p vendor/bundle
35 | bash -l -c "bundle config set --local path vendor/bundle"
36 | bash -l -c "bundle install --jobs=4"
37 | 
38 | ## add Gemfile.local
39 | install -m 644 -p /tmp/build/tdiary/$GHQ_ROOT/github.com/tdiary/tdiary-core/Gemfile.local $GHQ_ROOT/github.com/tdiary/tdiary-core/Gemfile.local
40 | 
41 | ## run bundle install again
42 | bash -l -c "bundle lock --update faraday octokit"
43 | bash -l -c "bundle install"
44 | bash -l -c "bundle clean"
45 | 
46 | ## show diff
47 | GIT_PAGER= git diff Gemfile.lock
48 | 
49 | ##
50 | ## tdiary data
51 | ##
52 | mkdir -p $DATA_ROOT/data
53 | 
54 | ## add .htpasswd (user=debian, password=debian)
55 | install -m 600 -p /tmp/build/tdiary/$DATA_ROOT/.htpasswd    $DATA_ROOT/.htpasswd
56 | 
57 | ## add tdiary.conf, start.sh
58 | install -m 644 -p /tmp/build/tdiary/$DATA_ROOT/tdiary.conf  $DATA_ROOT/tdiary.conf
59 | install -m 755 -p /tmp/build/tdiary/$DATA_ROOT/start.sh     $DATA_ROOT/start.sh
60 | 
61 | ## symlink .htpasswd, tdiary.conf into tdiary-core
62 | cd $GHQ_ROOT/github.com/tdiary/tdiary-core
63 | ln -s $DATA_ROOT/.htpasswd $DATA_ROOT/tdiary.conf .
64 | 
65 | 


--------------------------------------------------------------------------------
/template/Dockerfile:
--------------------------------------------------------------------------------
 1 | FROM minimum2scp/baseimage:latest
 2 | LABEL maintainer="YAMADA Tsuyoshi <tyamada@minimum2scp.org>"
 3 | 
 4 | COPY build /tmp/build/template
 5 | RUN run-parts --report --exit-on-error /tmp/build/template/scripts && rm -rfv /tmp/build
 6 | EXPOSE 22
 7 | 
 8 | ENTRYPOINT ["/opt/init-wrapper/sbin/entrypoint.sh"]
 9 | CMD ["/sbin/init"]
10 | 
11 | 


--------------------------------------------------------------------------------
/template/README.md:
--------------------------------------------------------------------------------
 1 | # about minimum2scp/template image
 2 | 
 3 |  * based on minimum2scp/baseimage (see https://github.com/minimum2scp/dockerfiles/tree/master/baseimage)
 4 |  * xxx is installed
 5 | 
 6 | ## start container
 7 | 
 8 | ```
 9 | docker run -d  minimum2scp/template
10 | ```
11 | 
12 | ## ssh login to container
13 | 
14 | ssh login to container:
15 | 
16 | ```
17 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no debian@<container IP address>
18 | ```
19 | 
20 | or use published port:
21 | 
22 | ```
23 | ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p <published ssh port> debian@localhost
24 | ```
25 | 
26 |  * user "debian" is available
27 |  * password is "debian"
28 |  * user "debian" can use sudo command without password
29 |  * `id debian`: `uid=2000(debian) gid=2000(debian) groups=2000(debian),4(adm),27(sudo)`
30 | 
31 | ## processes
32 | 
33 | ```
34 | UID        PID  PPID  C STIME TTY      STAT   TIME CMD
35 | root         1     0  0 03:42 ?        Ss     0:00 init [2]
36 | root        37     1  0 03:42 ?        Ssl    0:00 /usr/sbin/rsyslogd
37 | root        62     1  0 03:42 ?        Ss     0:00 /usr/sbin/cron
38 | root        88     1  0 03:42 ?        Ss     0:00 /usr/sbin/sshd
39 | root       124    88  0 03:42 ?        Ss     0:00  \_ sshd: debian [priv]
40 | debian     126   124  0 03:42 ?        S      0:00      \_ sshd: debian@pts/0
41 | debian     127   126  0 03:42 pts/0    Ss     0:00          \_ -bash
42 | debian     178   127  0 03:42 pts/0    R+     0:00              \_ ps -ef fww
43 | ```
44 | 
45 | ## ports
46 | 
47 |  * TCP/22: sshd
48 | 
49 | 


--------------------------------------------------------------------------------
/template/build/scripts/00-update:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## reset user.email for etckeeper
 9 | ##
10 | git config --global user.email "root@`hostname`"
11 | 
12 | ##
13 | ## upgrade installed packages
14 | ##
15 | apt-get update
16 | apt-get dist-upgrade --no-install-recommends -y
17 | 
18 | 


--------------------------------------------------------------------------------
/template/build/scripts/01-setup:
--------------------------------------------------------------------------------
1 | #! /bin/sh
2 | 
3 | set -e
4 | set -x
5 | export DEBIAN_FRONTEND=noninteractive
6 | 
7 | 
8 | 


--------------------------------------------------------------------------------
/template/build/scripts/99-cleanup:
--------------------------------------------------------------------------------
 1 | #! /bin/sh
 2 | 
 3 | set -e
 4 | set -x
 5 | export DEBIAN_FRONTEND=noninteractive
 6 | 
 7 | ##
 8 | ## unset user.email (etckeeper)
 9 | ##
10 | git config --global --unset user.email
11 | 
12 | ##
13 | ## etckeeper
14 | ##
15 | etckeeper vcs gc
16 | 
17 | ##
18 | ## apt
19 | ##
20 | apt-get autoremove --purge -y
21 | apt-get clean
22 | 
23 | 


--------------------------------------------------------------------------------