diff --git a/containers/dohd/Dockerfile b/containers/dohd/Dockerfile
new file mode 100644
index 0000000..bce1092
--- /dev/null
+++ b/containers/dohd/Dockerfile
@@ -0,0 +1,32 @@
+# docker build . -t dyne/dohd
+# docker run -p 8053:8053 -it dyne/dohd
+# --build-arg WOLFSSL_VER=5.7.0
+FROM wolfssl/wolfssl:alpine-lib as builder
+ARG WOLFSSL_VER=5.7.0
+
+RUN apk add --no-cache gcc musl-dev linux-headers make unzip wget ca-certificates \
+ git autoconf automake libtool util-linux
+# build wolfssl
+RUN wget -q https://github.com/wolfSSL/wolfssl/archive/refs/tags/v$WOLFSSL_VER-stable.tar.gz \
+ && tar xf v$WOLFSSL_VER-stable.tar.gz && rm -f v$WOLFSSL_VER-stable.tar.gz \
+ && cd wolfssl-$WOLFSSL_VER-stable && autoreconf -i \
+ && ./configure --enable-all && make && make install
+# build dohd
+RUN apk add --no-cache nghttp2-dev nghttp2-libs
+RUN git clone https://github.com/dyne/dohd && make -C dohd/src \
+ && cp dohd/src/dohd /usr/bin
+# make snakeoil cert
+RUN apk update && apk add openssl \
+ && openssl req -nodes -newkey rsa:4096 -keyout /etc/test.key -out /etc/test.csr \
+ -subj "/C=IT/ST=Rome/L=Rome/O=Local Host/OU=Testing Department/CN=example.com" \
+ && openssl x509 -req -sha256 -days 365 \
+ -in /etc/test.csr -signkey /etc/test.key -out /etc/test.crt
+# make the final image
+FROM wolfssl/wolfssl:alpine-lib
+COPY --from=builder /usr/bin/dohd /usr/bin/dohd
+COPY --from=builder /usr/local/lib/libwolfssl.so* /usr/lib/
+COPY --from=builder /usr/lib/libnghttp2.so* /usr/lib
+COPY --from=builder /etc/test.* /etc/
+RUN adduser -D -H -s /bin/false dohd
+RUN chown dohd:dohd /etc/test.*
+CMD dohd -c /etc/test.crt -k /etc/test.key -p 8053 -u dohd -F
diff --git a/containers/dohd/Makefile b/containers/dohd/Makefile
new file mode 100644
index 0000000..a35a672
--- /dev/null
+++ b/containers/dohd/Makefile
@@ -0,0 +1,2 @@
+build:
+ docker build --build-arg WOLFSSL_VER=5.7.0 -t 'dyne/dowse:dohd' .
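Review bot: The builder stage in containers/dohd/Dockerfile fetches both sources without an integrity pin: the wolfSSL tarball from `wget` is unpacked and built with no checksum check, and `git clone https://github.com/dyne/dohd` builds whatever the default branch holds at build time, so the image is not reproducible and a changed upstream artifact would go unnoticed. Verify the tarball against a recorded SHA-256 and check out a fixed dohd commit or tag, as sketched below with placeholder values; pinning the two `FROM wolfssl/wolfssl:alpine-lib` lines by digest would close the same gap for the base image. Separately, the key generated under `# make snakeoil cert` reaches the final stage through `COPY --from=builder /etc/test.* /etc/` and is used by the default `CMD`, so every container started from a shared build of this image uses the same private key, which anyone holding the image can read. A header comment should state that the pair is for local testing only and that a real certificate and key are to be mounted at run time. The shell-form `CMD` is better written in exec form so that dohd, not `/bin/sh`, receives the stop signal.

```dockerfile
ARG WOLFSSL_VER=5.7.0
# placeholders: record the real values whenever WOLFSSL_VER or the dohd revision is bumped
ARG WOLFSSL_SHA256=REPLACE_WITH_SHA256_OF_RELEASE_TARBALL
ARG DOHD_REF=REPLACE_WITH_PINNED_DOHD_COMMIT_OR_TAG

# … unchanged: apk add of the build toolchain …

# build wolfssl
RUN wget -q https://github.com/wolfSSL/wolfssl/archive/refs/tags/v$WOLFSSL_VER-stable.tar.gz \
 && echo "$WOLFSSL_SHA256  v$WOLFSSL_VER-stable.tar.gz" | sha256sum -c - \
 && tar xf v$WOLFSSL_VER-stable.tar.gz && rm -f v$WOLFSSL_VER-stable.tar.gz \
# … unchanged: cd, autoreconf, configure, make, make install …

# build dohd
RUN git clone https://github.com/dyne/dohd \
 && git -C dohd checkout "$DOHD_REF" \
 && make -C dohd/src \
 && cp dohd/src/dohd /usr/bin

# … unchanged: snakeoil cert, final-stage FROM, COPY, adduser, chown …

CMD ["dohd", "-c", "/etc/test.crt", "-k", "/etc/test.key", "-p", "8053", "-u", "dohd", "-F"]
```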
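Review bot: The tag in containers/dohd/Makefile, `dyne/dowse:dohd`, does not match the `dyne/dohd` name in the Dockerfile's header comments (`docker build . -t dyne/dohd`, `docker run -p 8053:8053 -it dyne/dohd`), so running the documented command after `make build` would not find the image that was just built. Use one name in both places. The target produces no file called `build`, so it should also be declared with `.PHONY: build`.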