Last active
July 20, 2023 16:44
-
-
Save qrkourier/05857ceff398345b93b2a9d1c333deb8 to your computer and use it in GitHub Desktop.
ziti-edge-tunnel Dockerfile for Debian
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# this was the main Dockerfile before we adopted the RH UBI source image. This may still be useful for building arm 32bit images. | |
FROM debian:buster-slim as fetch-ziti-artifacts | |
# This build stage grabs artifacts that are copied into the final image. | |
# It uses the same base as the final image to maximize docker cache hits. | |
ARG ZITI_VERSION | |
ARG GITHUB_BASE_URL | |
ARG GITHUB_REPO | |
WORKDIR /tmp | |
RUN apt-get -q update && apt-get -q install -y --no-install-recommends curl ca-certificates unzip | |
# workaround for `openssl rehash` not working on arm. | |
RUN /bin/bash -c "if ! compgen -G '/etc/ssl/certs/*.[0-9]' > /dev/null; then c_rehash /etc/ssl/certs; fi" | |
COPY fetch-github-releases.sh . | |
RUN bash -x ./fetch-github-releases.sh ziti-edge-tunnel | |
################ | |
# | |
# Main Image | |
# | |
################ | |
FROM debian:buster-slim | |
RUN mkdir -p /usr/local/bin /etc/ssl/certs | |
# libsystemd: install the shared object, necessary in conjunction with --volume "/var/run/dbus/system_bus_socket:/var/run/dbus/system_bus_socket" to communicate with the host's dbus socket to configure systemd-resolved | |
# iproute2: install /sbin/ip, necessary in conjunction with --device="/dev/net/tun:/dev/net/tun" to up the tun device, assign routes, and assign source IP | |
RUN apt-get -q update && apt-get -q install -y --no-install-recommends iproute2 libsystemd0 | |
COPY --from=fetch-ziti-artifacts /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs | |
COPY --from=fetch-ziti-artifacts /tmp/ziti-edge-tunnel /usr/local/bin | |
COPY ./docker-entrypoint.sh / | |
RUN chmod +x /docker-entrypoint.sh | |
RUN mkdir -p /ziti-edge-tunnel | |
ENTRYPOINT [ "/docker-entrypoint.sh" ] | |
CMD [ "run" ] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment