build: add webssh container

NethServer · Mar 7, 2024 · aa2bd6f · aa2bd6f
1 parent f0967ca
commit aa2bd6f
Show file tree

Hide file tree

Showing 3 changed files with 64 additions and 2 deletions.
diff --git a/build-images.sh b/build-images.sh
@@ -14,6 +14,12 @@ promtail_version=2.7.1
 loki_version=2.9.4
 prometheus_version=2.50.1
 grafana_version=10.3.3
+webssh_version=1.6.2
+
+echo "Build webssh container" # from https://github.com/huashengdun/webssh
+pushd webssh
+./build-images.sh "${webssh_version}"
+popd
 
 # Create a new empty container image
 container=$(buildah from scratch)
@@ -37,8 +43,8 @@ buildah add "${container}" ui/dist /ui
 # Setup the entrypoint, ask to reserve one TCP port with the label and set a rootless container
 buildah config --entrypoint=/ \
     --label="org.nethserver.authorizations=traefik@any:routeadm node:tunadm" \
-    --label="org.nethserver.tcp-ports-demand=9" \
-    --label="org.nethserver.images=ghcr.io/nethserver/nethsecurity-vpn:$tag ghcr.io/nethserver/nethsecurity-api:$tag ghcr.io/nethserver/nethsecurity-ui:$tag ghcr.io/nethserver/nethsecurity-proxy:$tag docker.io/grafana/promtail:$promtail_version docker.io/grafana/loki:$loki_version docker.io/prom/prometheus:v$prometheus_version docker.io/grafana/grafana:$grafana_version" \
+    --label="org.nethserver.tcp-ports-demand=10" \
+    --label="org.nethserver.images=ghcr.io/nethserver/nethsecurity-vpn:$tag ghcr.io/nethserver/nethsecurity-api:$tag ghcr.io/nethserver/nethsecurity-ui:$tag ghcr.io/nethserver/nethsecurity-proxy:$tag docker.io/grafana/promtail:$promtail_version docker.io/grafana/loki:$loki_version docker.io/prom/prometheus:v$prometheus_version docker.io/grafana/grafana:$grafana_version ghcr.io/nethserver/webssh:$webssh_version" \
     "${container}"
 # Commit the image
 buildah commit "${container}" "${repobase}/${reponame}"

diff --git a/webssh/build-images.sh b/webssh/build-images.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+# Terminate on error
+set -e
+
+# Prepare variables for later use
+images=()
+# The image will be pushed to GitHub container registry
+repobase="${REPOBASE:-ghcr.io/nethserver}"
+webssh_version=$1
+
+# Create a new empty container for webssh
+echo "Build webssh container" # from https://github.com/huashengdun/webssh
+mkdir -p webssh_tmp/build
+pushd webssh_tmp
+wget https://github.com/huashengdun/webssh/archive/refs/tags/v${webssh_version}.tar.gz -O webssh.tar.gz
+tar xvzf webssh.tar.gz -C build --strip-components=1
+pushd build
+webssh=$(buildah from docker.io/python:3-alpine)
+buildah add "${webssh}" . /code
+buildah run \
+    --workingdir '/code' \
+    ${webssh} \
+    sh -c "apk add --no-cache libc-dev libffi-dev gcc && \
+    pip install -r requirements.txt --no-cache-dir && \
+    apk del gcc libc-dev libffi-dev && \
+    addgroup webssh && \
+    adduser -Ss /bin/false -g webssh webssh && \
+    chown -R webssh:webssh /code
+    "
+popd
+popd
+rm -rf webssh_tmp
+# Commit the image
+buildah add "${webssh}" entrypoint.sh /entrypoint.sh
+buildah config --workingdir '/code' --entrypoint='["/entrypoint.sh"]' --cmd='["python", "run.py"]' "${webssh}"
+buildah commit "${webssh}" "${repobase}/webssh"
+
+# Append the image URL to the images array
+images+=("${repobase}/webssh")
+
+#
+# Setup CI when pushing to Github.
+# Warning! docker::// protocol expects lowercase letters (,,)
+if [[ -n "${CI}" ]]; then
+    # Set output value for Github Actions
+    printf "::set-output name=images::%s\n" "${images[*],,}"
+else
+    # Just print info for manual push
+    printf "Publish the images with:\n\n"
+    for image in "${images[@],,}"; do printf "  buildah push %s docker://%s:%s\n" "${image}" "${image}" "${IMAGETAG:-latest}" ; done
+    printf "\n"
+fi
diff --git a/webssh/entrypoint.sh b/webssh/entrypoint.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+
+exec "$@"