Ubuntu-22.04-firecracker

# syntax=docker/dockerfile:1
FROM ubuntu:22.04

ENV DEBIAN_FRONTEND=noninteractive
ENV TZ=UTC

RUN <<EOF
set -eu

apt-get update
apt-get upgrade -y

apt-get install -y \
  bash-completion \
  ca-certificates \
  curl \
  dbus \
  git \
  gnupg \
  htop \
  iproute2 \
  iptables \
  iputils-ping \
  jq \
  kmod \
  lsb-release \
  make \
  net-tools \
  ripgrep \
  sudo \
  systemd \
  udev \
  vim \
  wget

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

# Doesn't seem to be needed and produces extra noise in journald.
systemctl mask networkd-dispatcher.service

rm -rf /etc/update-motd.d/*

yes | unminimize
EOF

RUN <<EOF
set -eu

apt-get install -y haveged

sed -i -e 's/^ConditionVirtualization=!container$/#ConditionVirtualization=!container/' /lib/systemd/system/haveged.service

systemctl enable haveged
systemctl mask systemd-random-seed.service
EOF

RUN <<EOF
set -eu

apt-get install -y openssh-server

ssh-keygen -A
chmod 600 /etc/ssh/ssh_host_*

echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
echo "AuthenticationMethods publickey" >> /etc/ssh/sshd_config
echo "PrintLastLog no" >> /etc/ssh/sshd_config
echo "AddressFamily inet" >> /etc/ssh/sshd_config
echo "UseDNS no" >> /etc/ssh/sshd_config

systemctl mask sshd-keygen@.service
systemctl mask sshd-keygen.target
EOF

RUN echo "" > /etc/machine-id && echo "" > /var/lib/dbus/machine-id

RUN echo "root:root" | chpasswd