mirror of
https://github.com/balena-os/balena-supervisor.git
synced 2025-01-18 10:46:22 +00:00
392d963348
We change the Makefile and dinctl so that instead of having to deploy and then pull a supervisor image, we save it from the local docker images and load it inside the dind container. We also fix dind so that it uses the dind hack script from the docker repo as official dind images do (this avoids breaking the permissions of /dev/pts/ptmx in the host as in https://github.com/kubernetes/kubernetes/issues/18230). Change-Type: patch Signed-off-by: Pablo Carranza Velez <pablo@resin.io>
49 lines
1.6 KiB
Docker
49 lines
1.6 KiB
Docker
FROM resin/resin-base:2
|
|
|
|
VOLUME /var/lib/docker
|
|
VOLUME /resin-data
|
|
|
|
RUN apt-get update \
|
|
&& apt-get install -y \
|
|
ifupdown \
|
|
rsync \
|
|
dropbear \
|
|
aufs-tools \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
ENV DOCKER_VERSION 1.10.3
|
|
ENV RELEASE_NAME jessie
|
|
|
|
# Change to 'true' to allow blank password dropbear logins on dind HostOS
|
|
ARG PASSWORDLESS_DROPBEAR=false
|
|
|
|
COPY config/certs/ /usr/local/share/ca-certificates/
|
|
RUN rm -f /usr/local/share/ca-certificates/.keepme ; update-ca-certificates
|
|
|
|
RUN apt-key adv --keyserver hkp://pgp.mit.edu:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D \
|
|
&& echo deb https://apt.dockerproject.org/repo debian-${RELEASE_NAME} main > /etc/apt/sources.list.d/docker.list \
|
|
&& apt-get update || true \
|
|
&& apt-get --force-yes install docker-engine=${DOCKER_VERSION}-0~${RELEASE_NAME} \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
ENV DIND_COMMIT 3b5fac462d21ca164b3778647420016315289034
|
|
RUN curl -sL https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind > /usr/bin/dind \
|
|
&& chmod +x /usr/bin/dind
|
|
|
|
RUN passwd -d root
|
|
|
|
# Change os release to a resin-sync compatible one
|
|
RUN sed -i 's/\(PRETTY_NAME=\).*/\1"ResinOS 1.2.1+dind"/' /etc/os-release
|
|
RUN echo 'VARIANT_ID="dev"' >> /etc/os-release
|
|
|
|
COPY config/openvpn/ /etc/openvpn/
|
|
COPY config/dropbear/config /etc/default/dropbear
|
|
COPY config/services/ /etc/systemd/system/
|
|
COPY resin-vars vpn-init /usr/src/app/
|
|
|
|
RUN if [ "$PASSWORDLESS_DROPBEAR" = "true" ]; then sed -i 's/\(DROPBEAR_EXTRA_ARGS=\).*/\1"-B"/' /etc/default/dropbear; fi
|
|
|
|
RUN systemctl enable resin-supervisor-dind
|
|
|
|
COPY supervisor-image.tar /usr/src/
|