diff options
author | Maxim Kuvyrkov <maxim.kuvyrkov@r1-a7.aus-colo> | 2017-02-10 02:26:24 -0600 |
---|---|---|
committer | Maxim Kuvyrkov <maxim.kuvyrkov@r1-a7.aus-colo> | 2017-02-10 02:26:24 -0600 |
commit | 41db5a54c04457e27789853dceccf94ef57a6ede (patch) | |
tree | 5e4d2f2c936a0a179489d72a4f54e8298c963c45 | |
parent | 6b6c64e6c053b33555805682aaf297efa35546ee (diff) |
xenial-arm64-tcwg-dev: New image
-rw-r--r-- | xenial-arm64-tcwg-dev/Dockerfile | 117 | ||||
-rwxr-xr-x | xenial-arm64-tcwg-dev/build.sh | 14 | ||||
-rwxr-xr-x | xenial-arm64-tcwg-dev/run.sh | 35 | ||||
-rwxr-xr-x | xenial-arm64-tcwg-dev/start.sh | 29 |
4 files changed, 195 insertions, 0 deletions
diff --git a/xenial-arm64-tcwg-dev/Dockerfile b/xenial-arm64-tcwg-dev/Dockerfile new file mode 100644 index 0000000..c050086 --- /dev/null +++ b/xenial-arm64-tcwg-dev/Dockerfile @@ -0,0 +1,117 @@ +FROM linaro/base-arm64-ubuntu:xenial + +RUN echo 'deb http://ports.ubuntu.com/ubuntu-ports xenial main universe' > /etc/apt/sources.list \ + && apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get dist-upgrade -y \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y devscripts \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ + alien \ + autoconf \ + autogen \ + automake \ + bc \ + bison \ + build-essential \ + ccache \ + ccrypt \ + byacc \ + debhelper \ + dejagnu \ + dh-autoreconf \ + dh-translations \ + distro-info-data \ + docker.io \ + emacs \ + fakeroot \ + flex \ + gawk \ + gdb \ + gdbserver \ + git \ + libexpat1-dev \ + liblzma-dev \ + libncurses5-dev \ + libpython2.7-dev \ + libreadline-dev \ + libssl-dev \ + libtcnative-1 \ + libtool \ + lzop \ + make \ + net-tools \ + netcat \ + openjdk-8-jdk \ + openssh-server \ + python-dev \ + pxz \ + qemu-user \ + rsync \ + sudo \ + texinfo \ + texlive-fonts-recommended \ + texlive-latex-recommended \ + time \ + vim \ + wget \ + xz-utils \ + zip \ + zlib1g-dev \ + && apt-get clean \ + && rm -rf \ + /var/lib/apt/lists/* \ + /tmp/* \ + /var/tmp/* + +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + software-properties-common \ + && apt-get clean \ + && rm -rf \ + /var/lib/apt/lists/* \ + /tmp/* \ + /var/tmp/* + +RUN apt-get update \ + && DEBIAN_FRONTEND=noninteractive apt-get install -y \ + apt-file \ + git-gui \ + git-review \ + git-svn \ + gnat-5 \ + less \ + libgmp-dev \ + libmpc-dev \ + libmpfr-dev \ + mc \ + screen \ + stgit \ + tmux \ + && apt-get clean \ + && rm -rf \ + /var/lib/apt/lists/* \ + /tmp/* \ + /var/tmp/* + +RUN mkdir -p /var/run/sshd \ + && sed -i -e '/.*AuthorizedKeysFile/ d' /etc/ssh/sshd_config \ + && echo "AuthorizedKeysFile %h/.ssh/authorized_keys.dev" >> /etc/ssh/sshd_config \ + && locale-gen en_US.UTF-8 && update-locale LANG=en_US.UTF-8 \ + && apt-file update + +# Create directories required for X11. +RUN mkdir -p /tmp/.X11-unix /tmp/.ICE-unix \ + && chmod 1777 /tmp/.X11-unix /tmp/.ICE-unix + +# We use ssh multiplexing, which creates sockets in /tmp. Overlayfs, +# which docker is using, can't host sockets, so we use a scratch mount +# for /tmp. This requires that we add --rm option to "docker run" +# invocations (e.g., mark "Remove volumes" checkbox in docker plugin) to +# cleanup host directories used for the scratch mounts. +VOLUME /tmp + +EXPOSE 22 + +COPY run.sh /run.sh +ENTRYPOINT ["/run.sh"] + +COPY start.sh /start.sh diff --git a/xenial-arm64-tcwg-dev/build.sh b/xenial-arm64-tcwg-dev/build.sh new file mode 100755 index 0000000..68f06d9 --- /dev/null +++ b/xenial-arm64-tcwg-dev/build.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +set -e + +trap cleanup_exit INT TERM EXIT + +cleanup_exit() +{ + : +} + +export LANG=C + +docker build --pull --tag=maximkuvyrkov/$(basename ${PWD}) . diff --git a/xenial-arm64-tcwg-dev/run.sh b/xenial-arm64-tcwg-dev/run.sh new file mode 100755 index 0000000..d2cbc0b --- /dev/null +++ b/xenial-arm64-tcwg-dev/run.sh @@ -0,0 +1,35 @@ +#!/bin/bash + +set -e + +if [ x"$@" = x"start.sh" ]; then + cat /start.sh + exit 0 +fi + +if ! [ -f /etc/sudoers.d/user ]; then + passwd_ent="$1" + groupname="$2" + pubkey="$3" + + username="$(echo $passwd_ent | cut -d: -f 1)" + uid="$(echo $passwd_ent | cut -d: -f 3)" + gid="$(echo $passwd_ent | cut -d: -f 4)" + comment="$(echo $passwd_ent | cut -d: -f 5)" + home="$(echo $passwd_ent | cut -d: -f 6)" + shell="$(echo $passwd_ent | cut -d: -f 7)" + + groupadd -g "$gid" "$groupname" + useradd -m -u "$uid" -g "$groupname" -c "$comment" -s "$shell" "$username" + + if ! [ -f /home/$username/.ssh/authorized_keys.x2go ] \ + && [ x"$pubkey" != x"" ]; then + sudo -u $username mkdir -p /home/$username/.ssh/ + echo "$pubkey" | sudo -u $username tee /home/$username/.ssh/authorized_keys.dev > /dev/null + fi + + echo "$username ALL = NOPASSWD: ALL" > /etc/sudoers.d/user + chmod 440 /etc/sudoers.d/user +fi + +exec /usr/sbin/sshd -D diff --git a/xenial-arm64-tcwg-dev/start.sh b/xenial-arm64-tcwg-dev/start.sh new file mode 100755 index 0000000..70ebbaa --- /dev/null +++ b/xenial-arm64-tcwg-dev/start.sh @@ -0,0 +1,29 @@ +#!/bin/bash + +set -e +set -x + +if groups tcwg-buildslave 2>/dev/null | grep -q docker; then + # If tcwg-buildslave user is present, use it to start the container + # to have [sudo] log record of container startups. + DOCKER="sudo -u tcwg-buildslave docker" +elif groups 2>/dev/null | grep -q docker; then + # Run docker straight up if $USER is in "docker" group. + DOCKER="docker" +else + # Fallback to sudo otherwise. + DOCKER="sudo docker" +fi + +$DOCKER pull maximkuvyrkov/xenial-arm64-tcwg-dev +$DOCKER run --name=$USER-xenial -dt -p 22 -v $HOME:$HOME -v /home/tcwg-buildslave:/home/tcwg-buildslave:ro --memory=$(($(free -g | awk '/^Mem/ { print $2 }') / 2))G --pids-limit=5000 --cap-add=IPC_LOCK maximkuvyrkov/xenial-arm64-tcwg-dev "$(getent passwd $USER)" "$(id -gn)" "$(/etc/ssh/ssh_keys.py $USER 2>/dev/null || sss_ssh_authorizedkeys $USER 2>/dev/null)" + +port=$($DOCKER port $USER-xenial 22 | cut -d: -f 2) + +set +x +echo "NOTE: the warning about kernel not supporting swap memory limit is expected" +echo "To connect to container run \"ssh -p $port localhost\"" +echo "To stop container run \"docker stop $USER-xenial\"" +echo "To restart container run \"docker start $USER-xenial\"" +echo "To remove container run \"docker rm -fv $USER-xenial\"" +echo "See https://collaborate.linaro.org/display/TCWG/How+to+setup+personal+dev+environment+using+docker for additional info" |