From aa2bd6f274bad5daf85cd61592d9a8c5fa717c94 Mon Sep 17 00:00:00 2001 From: Giacomo Sanchietti Date: Thu, 7 Mar 2024 14:40:22 +0100 Subject: [PATCH] build: add webssh container --- build-images.sh | 10 ++++++-- webssh/build-images.sh | 53 ++++++++++++++++++++++++++++++++++++++++++ webssh/entrypoint.sh | 3 +++ 3 files changed, 64 insertions(+), 2 deletions(-) create mode 100755 webssh/build-images.sh create mode 100755 webssh/entrypoint.sh diff --git a/build-images.sh b/build-images.sh index 6b614e7..a221e00 100755 --- a/build-images.sh +++ b/build-images.sh @@ -14,6 +14,12 @@ promtail_version=2.7.1 loki_version=2.9.4 prometheus_version=2.50.1 grafana_version=10.3.3 +webssh_version=1.6.2 + +echo "Build webssh container" # from https://github.com/huashengdun/webssh +pushd webssh +./build-images.sh "${webssh_version}" +popd # Create a new empty container image container=$(buildah from scratch) @@ -37,8 +43,8 @@ buildah add "${container}" ui/dist /ui # Setup the entrypoint, ask to reserve one TCP port with the label and set a rootless container buildah config --entrypoint=/ \ --label="org.nethserver.authorizations=traefik@any:routeadm node:tunadm" \ - --label="org.nethserver.tcp-ports-demand=9" \ - --label="org.nethserver.images=ghcr.io/nethserver/nethsecurity-vpn:$tag ghcr.io/nethserver/nethsecurity-api:$tag ghcr.io/nethserver/nethsecurity-ui:$tag ghcr.io/nethserver/nethsecurity-proxy:$tag docker.io/grafana/promtail:$promtail_version docker.io/grafana/loki:$loki_version docker.io/prom/prometheus:v$prometheus_version docker.io/grafana/grafana:$grafana_version" \ + --label="org.nethserver.tcp-ports-demand=10" \ + --label="org.nethserver.images=ghcr.io/nethserver/nethsecurity-vpn:$tag ghcr.io/nethserver/nethsecurity-api:$tag ghcr.io/nethserver/nethsecurity-ui:$tag ghcr.io/nethserver/nethsecurity-proxy:$tag docker.io/grafana/promtail:$promtail_version docker.io/grafana/loki:$loki_version docker.io/prom/prometheus:v$prometheus_version docker.io/grafana/grafana:$grafana_version ghcr.io/nethserver/webssh:$webssh_version" \ "${container}" # Commit the image buildah commit "${container}" "${repobase}/${reponame}" diff --git a/webssh/build-images.sh b/webssh/build-images.sh new file mode 100755 index 0000000..98d389c --- /dev/null +++ b/webssh/build-images.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# Terminate on error +set -e + +# Prepare variables for later use +images=() +# The image will be pushed to GitHub container registry +repobase="${REPOBASE:-ghcr.io/nethserver}" +webssh_version=$1 + +# Create a new empty container for webssh +echo "Build webssh container" # from https://github.com/huashengdun/webssh +mkdir -p webssh_tmp/build +pushd webssh_tmp +wget https://github.com/huashengdun/webssh/archive/refs/tags/v${webssh_version}.tar.gz -O webssh.tar.gz +tar xvzf webssh.tar.gz -C build --strip-components=1 +pushd build +webssh=$(buildah from docker.io/python:3-alpine) +buildah add "${webssh}" . /code +buildah run \ + --workingdir '/code' \ + ${webssh} \ + sh -c "apk add --no-cache libc-dev libffi-dev gcc && \ + pip install -r requirements.txt --no-cache-dir && \ + apk del gcc libc-dev libffi-dev && \ + addgroup webssh && \ + adduser -Ss /bin/false -g webssh webssh && \ + chown -R webssh:webssh /code + " +popd +popd +rm -rf webssh_tmp +# Commit the image +buildah add "${webssh}" entrypoint.sh /entrypoint.sh +buildah config --workingdir '/code' --entrypoint='["/entrypoint.sh"]' --cmd='["python", "run.py"]' "${webssh}" +buildah commit "${webssh}" "${repobase}/webssh" + +# Append the image URL to the images array +images+=("${repobase}/webssh") + +# +# Setup CI when pushing to Github. +# Warning! docker::// protocol expects lowercase letters (,,) +if [[ -n "${CI}" ]]; then + # Set output value for Github Actions + printf "::set-output name=images::%s\n" "${images[*],,}" +else + # Just print info for manual push + printf "Publish the images with:\n\n" + for image in "${images[@],,}"; do printf " buildah push %s docker://%s:%s\n" "${image}" "${image}" "${IMAGETAG:-latest}" ; done + printf "\n" +fi diff --git a/webssh/entrypoint.sh b/webssh/entrypoint.sh new file mode 100755 index 0000000..214eb4c --- /dev/null +++ b/webssh/entrypoint.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +exec "$@"