Charles N Wyble
3fc85b8130
- Add project directory structure with config, src, tests directories - Implement run.sh host wrapper script for Docker-based workflow - Create Dockerfile for build/test environment with live-build - Add basic live-build configuration with preseed and package lists - Add .gitignore and .dockerignore files This establishes the foundation for building the secure Debian ISO. 💘 Generated with Crush Assisted-by: GLM-4.6 via Crush <crush@charm.land>
58 lines
1.2 KiB
Docker
58 lines
1.2 KiB
Docker
# KNEL-Football ISO Builder - Dockerfile
|
|
# Multi-stage build for security hardening
|
|
|
|
# Base stage
|
|
FROM debian:13.3-slim AS base
|
|
|
|
# Set environment variables
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
ENV LANG=C.UTF-8
|
|
|
|
# Install base dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
ca-certificates \
|
|
gnupg \
|
|
curl \
|
|
wget \
|
|
git \
|
|
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Builder stage
|
|
FROM base AS builder
|
|
|
|
# Install build dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
live-build \
|
|
debootstrap \
|
|
squashfs-tools \
|
|
xorriso \
|
|
grub-pc-bin \
|
|
grub-efi-amd64-bin \
|
|
mtools \
|
|
dosfstools \
|
|
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install testing dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
bats \
|
|
shellcheck \
|
|
nftables \
|
|
iptables \
|
|
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install additional security tools
|
|
RUN apt-get update && apt-get install -y \
|
|
auditd \
|
|
rsyslog \
|
|
&& apt-get clean && rm -rf /var/lib/apt/lists/*
|
|
|
|
# Create workspace directory
|
|
WORKDIR /workspace
|
|
|
|
# Set proper permissions
|
|
RUN groupadd -r builder && useradd -r -g builder builder
|
|
RUN chown -R builder:builder /workspace
|
|
USER builder
|
|
|
|
# Default command
|
|
CMD ["/bin/bash"] |