-
Notifications
You must be signed in to change notification settings - Fork 2
/
Dockerfile
131 lines (126 loc) · 3.56 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# gokaygurcan/dockerfile-ubuntu
FROM ubuntu:noble
LABEL maintainer "Gökay Gürcan <docker@gokaygurcan.com>"
# set up environment variables
ENV DEBIAN_FRONTEND="noninteractive" \
LANGUAGE="en_US.UTF-8" \
LANG="en_US.UTF-8" \
LC_ALL="en_US.UTF-8" \
TZ="Europe/Amsterdam" \
USER="ubuntu"
# install packages
RUN set -ex && \
# enable retry logic for apt up to 5 times
echo "APT::Acquire::Retries \"5\";" > /etc/apt/apt.conf.d/80-retries && \
# configure apt to always assume Y
echo "APT::Get::Assume-Yes \"true\";" > /etc/apt/apt.conf.d/90assumeyes && \
# update timezone
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone && \
# update package sources
apt-get update -qq && \
# upgrade packages
apt-get upgrade -yqq && \
apt-get dist-upgrade -yqq && \
# install packages
apt-get install -yqq --no-install-recommends --no-install-suggests \
adduser \
apt \
apt-utils \
apt-transport-https \
aptitude \
atop \
aria2 \
autoconf \
autotools-dev \
bash-completion \
bash \
binutils \
bison \
brotli \
build-essential \
bzip2 \
coreutils \
ca-certificates \
curl \
dbus \
dialog \
dnsutils \
dpkg \
dpkg-dev \
fdisk \
file \
findutils \
gcc \
git \
git-extras \
gnupg \
gnupg2 \
grep \
gzip \
hostname \
htop \
iproute2 \
iptables \
iputils-ping \
jq \
language-pack-en \
libc++abi-dev libc++-dev libcurl4 \
locales \
make \
nano \
nmap \
net-tools \
openssh-client \
openssh-server \
passwd \
p7zip-rar \
pkg-config \
python3 \
python3-dev \
python3-pip \
python3-venv \
rsync \
software-properties-common \
sqlite3 \
sudo \
tar \
tcpdump \
telnet \
time \
tree \
tzdata \
unzip zip \
vim \
wget \
whois \
zip && \
# install GitHub CLI
curl -fsSL https://cli.github.com/packages/githubcli-archive-keyring.gpg | sudo dd of=/usr/share/keyrings/githubcli-archive-keyring.gpg && \
sudo chmod go+r /usr/share/keyrings/githubcli-archive-keyring.gpg && \
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/githubcli-archive-keyring.gpg] https://cli.github.com/packages stable main" | sudo tee /etc/apt/sources.list.d/github-cli.list > /dev/null && \
apt-get update -qq && \
apt-get install -yqq --no-install-recommends --no-install-suggests gh && \
# setup locale
locale-gen en_US.UTF-8 && \
# create new user, if doesn't exist
id -u ubuntu >/dev/null 2>&1 || useradd --create-home --shell /bin/bash $USER && \
# grant root privileges
echo "$USER ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER && \
# clean up
apt-get autoclean -yqq && \
apt-get autoremove -yqq && \
rm -rf /var/lib/{apt,dpkg,cache,log}/ && \
rm -rf /tmp/* && \
rm -rf /var/tmp/* && \
# limits
echo '* soft nofile 65536' >> /etc/security/limits.conf && \
echo 'root soft nofile 65536' >> /etc/security/limits.conf && \
echo '* hard nofile 65536' >> /etc/security/limits.conf && \
echo 'root hard nofile 65536' >> /etc/security/limits.conf && \
echo 'session required pam_limits.so' >> /etc/pam.d/common-session && \
echo 'session required pam_limits.so' >> /etc/pam.d/common-session-noninteractive && \
echo 'DefaultLimitNOFILE=65536' >> /etc/systemd/system.conf && \
echo 'DefaultLimitSTACK=16M:infinity' >> /etc/systemd/system.conf
USER $USER
WORKDIR /home/$USER