-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile-debian
90 lines (87 loc) · 3.62 KB
/
Dockerfile-debian
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
################################################################### #### # ##
# >> DOCKERFILE-GLFTPD-WEBUI :: WEBUI (debian)
################################################################### #### # ##
# debian (systemd, dbus broker)
# user: www-data uid=33 gid=33 home=/var/www
# install nginx, php and gl webui app
ARG WEBUI_PORT
ARG WEBUI_CERT
FROM debian:bookworm-slim
HEALTHCHECK CMD busybox wget -qO /dev/null http://127.0.0.1/health
ARG DEBIAN_FRONTEND=noninteractive
ARG DEBCONF_NOWARNINGS="yes"
LABEL org.opencontainers.image.source=https://github.com/silv3rr/glftpd-webui
LABEL org.opencontainers.image.description="Web-gui to manage glftpd"
EXPOSE ${WEBUI_PORT:-443}
WORKDIR /app
COPY --chown=0:0 bin/entrypoint.sh /
COPY --chown=0:0 bin/auth.sh /
COPY --chown=0:0 etc/sudoers.d/glftpd-web /etc/sudoers.d/
COPY --chown=0:0 etc/nginx /etc/nginx
COPY --chown=0:0 etc/nginx/http.d/webui.conf.template /etc/nginx/http.d/webui.conf
COPY --chown=0:0 etc/nginx/http.d/auth-server.conf.template /etc/nginx/http.d/auth-server.conf
COPY --chown=0:0 etc/nginx/auth.d/auth_off.conf.template /etc/nginx/auth.d/auth_off.conf
COPY --chown=0:0 etc/nginx/auth.d/auth_basic.conf.template /etc/nginx/auth.d/auth_basic.conf
COPY --chown=0:0 bin/gltool.sh bin/gotty bin/debian/passchk bin/debian/pywho bin/debian/spy etc/pywho.conf etc/spy.conf /usr/local/bin/
COPY --chown=0:0 etc/dot_gotty /var/www/.gotty
#COPY --chown=0:0 etc/webspy/ /usr/local/bin/webspy/
COPY --chown=33:33 assets/ /app/assets/
COPY --chown=33:33 lib/ /app/lib/
COPY --chown=33:33 src/ui /app/
COPY --chown=33:33 src/config.php.dist /app/config.php
COPY --chown=33:33 templates/ /app/templates/
COPY --chown=33:33 src/auth /auth/
COPY --chown=33:33 README.md docs /app/templates/
SHELL ["/bin/bash", "-eo", "pipefail", "-c"]
# hadolint ignore=SC2016,SC2086,DL3018,DL3008
RUN test -n "$http_proxy" && \
echo "Acquire::http::Proxy \"$http_proxy\";" | tee /etc/apt/apt.conf.d/01proxy; \
apt-get update && \
apt-get upgrade -y && \
apt-get -yq install --no-install-recommends \
xinetd \
nginx \
php \
php-fpm \
#php-session \
php-ftp \
php-curl \
php-json \
php-ctype \
apache2-utils \
openssl \
bash \
grep \
sed \
gawk \
busybox \
sudo \
inetutils-ping \
bind9-dnsutils && \
rm -rf /tmp/* /var/tmp/*; \
#install -d -m 0755 -o www-data -g www-data /run/nginx && \
#install -d -m 0755 -o www-data -g www-data /run/php && \
rm -f /etc/nginx/sites-enabled/default && \
ln -sf /etc/nginx/http.d/webui.conf /etc/nginx/sites-enabled/webui && \
ln -sf /etc/nginx/http.d/auth-server.conf /etc/nginx/sites-enabled/auth-server && \
ln -sf /etc/nginx/http.d/health.conf /etc/nginx/sites-enabled/health && \
ln -sf /dev/stdout /var/log/nginx/access.log && \
ln -sf /dev/stderr /var/log/nginx/error.log && \
#sed -i 's|listen = 127.0.0.1:9000|listen = /run/php/php-fpm.sock|' /etc/php*/php-fpm.d/www.conf && \
#sed -i 's/;listen.\(owner\|group\) = nobody/listen.\1 = nginx/' /etc/php*/php-fpm.d/www.conf && \
# generate self-signed cert
if [ "${WEBUI_CERT:-1}" -eq 1 ]; then \
if [ ! -e /etc/nginx/webui.crt ] && [ ! -e /etc/nginx/webui.key ]; then \
openssl req -x509 -nodes -newkey rsa:2048 -days 3650 \
-config /etc/nginx/webui.cnf \
-keyout /etc/nginx/webui.key \
-out /etc/nginx/webui.crt && \
chmod 600 /etc/nginx/webui.key; \
fi; \
fi && \
chown 0:0 /auth && \
echo 'shit:$apr1$8kedvKJ7$PuY2hy.QQh6iLP3Ckwm740' > /etc/nginx/.htpasswd && \
chown www-data:root /etc/nginx/.htpasswd && \
#addgroup nobody ping && \
rm -rf /tmp/* /var/tmp/*
ENTRYPOINT [ "/entrypoint.sh" ]