BuildEnvironments/DIND/Dockerfile


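# Docker CLI + docker-in-docker build environment layered on the project's Debian build image.
# NOTE(review): ":build" is a mutable tag; pin the base by digest if builds must be reproducible.
FROM git.zontreck.com/packages/debian:build
ENV HOME=/root
# Package installs and group creation below need root. No later USER instruction is
# visible in this file, so root is also the container's default user.
USER root
WORKDIR /

# Refresh the package index in the same layer as every install that relies on it;
# a cached "apt-get update" layer would otherwise feed stale lists to later installs.
# bash is installed here, before the SHELL switch below starts depending on it.
RUN apt-get update \
 && apt-get upgrade -y \
 && apt-get install -y \
      bash \
      ca-certificates \
      curl \
      git \
      moreutils \
      openssh-client

SHELL ["/bin/bash", "-c"]

# Build-time assertion that host lookups consult "files" and then "dns".
# Whitespace is matched loosely because the columns may be padded with more than one space.
RUN [ -e /etc/nsswitch.conf ] && grep -E '^hosts:[[:space:]]+files[[:space:]]+dns' /etc/nsswitch.conf

# Pre-create a "docker" group with the fixed GID 2375.
# The ';' after "set -eux" is required: without it the rest of the line becomes
# arguments to "set" and no group is created. groupadd is used because the
# "-g/-S" short flags are BusyBox addgroup syntax, not Debian's.
RUN set -eux; \
    getent group docker >/dev/null || groupadd --system --gid 2375 docker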
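# Docker CLI release to install. The download URL is derived from this value so the
# variable and the fetched archive cannot drift apart.
ENV DOCKER_VERSION=28.0.1
# Optional SHA-256 of docker-${DOCKER_VERSION}.tgz. Empty (the default) skips the check;
# set it with --build-arg so a tampered or truncated download fails the build.
ARG DOCKER_SHA256=""
# curl is what this Dockerfile installs earlier; -f turns HTTP errors into a failed build
# instead of saving an error page as the archive.
# Only the client binary ('docker/docker') is unpacked from the archive in this step.
RUN set -eux; \
    curl -fsSL -o docker.tgz "https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz"; \
    if [ -n "${DOCKER_SHA256}" ]; then \
        echo "${DOCKER_SHA256}  docker.tgz" | sha256sum -c -; \
    fi; \
    tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ --no-same-owner 'docker/docker'; \
    rm docker.tgz; \
    docker --version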
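# buildx CLI plugin release; the URL below is built from this value.
ENV DOCKER_BUILDX_VERSION=0.21.2
# Optional SHA-256 of the buildx binary. Empty (the default) skips the check;
# set it with --build-arg to reject a download that does not match the expected release asset.
ARG DOCKER_BUILDX_SHA256=""
# Installs the plugin into the Docker CLI plugin directory and exposes it as a
# standalone "docker-buildx" command through a symlink.
RUN set -eux; \
    curl -fsSL -o docker-buildx "https://github.com/docker/buildx/releases/download/v${DOCKER_BUILDX_VERSION}/buildx-v${DOCKER_BUILDX_VERSION}.linux-amd64"; \
    if [ -n "${DOCKER_BUILDX_SHA256}" ]; then \
        echo "${DOCKER_BUILDX_SHA256}  docker-buildx" | sha256sum -c -; \
    fi; \
    mkdir -pv /usr/local/libexec/docker/cli-plugins/; \
    mv -vT docker-buildx /usr/local/libexec/docker/cli-plugins/docker-buildx; \
    chmod +x /usr/local/libexec/docker/cli-plugins/docker-buildx; \
    ln -sv /usr/local/libexec/docker/cli-plugins/docker-buildx /usr/local/bin/docker-buildx; \
    docker buildx version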
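# compose CLI plugin release; the URL below is built from this value.
ENV DOCKER_COMPOSE_VERSION=2.34.0
# Optional SHA-256 of the compose binary. Empty (the default) skips the check;
# set it with --build-arg to reject a download that does not match the expected release asset.
ARG DOCKER_COMPOSE_SHA256=""
# mkdir -p keeps this step independent of whichever earlier step created the plugin directory.
RUN set -eux; \
    curl -fsSL -o docker-compose "https://github.com/docker/compose/releases/download/v${DOCKER_COMPOSE_VERSION}/docker-compose-linux-x86_64"; \
    if [ -n "${DOCKER_COMPOSE_SHA256}" ]; then \
        echo "${DOCKER_COMPOSE_SHA256}  docker-compose" | sha256sum -c -; \
    fi; \
    mkdir -pv /usr/local/libexec/docker/cli-plugins/; \
    mv -vT docker-compose /usr/local/libexec/docker/cli-plugins/docker-compose; \
    chmod +x /usr/local/libexec/docker/cli-plugins/docker-compose; \
    ln -sv /usr/local/libexec/docker/cli-plugins/docker-compose /usr/local/bin/docker-compose; \
    docker compose version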
# Helper scripts from the build context, installed under extension-less names in /usr/local/bin.
# NOTE(review): their contents are not visible here. If /usr/local/bin precedes the system
# directories on PATH, "modprobe" resolves to this script instead of the system tool; confirm
# that is intended and that both files are executable in the build context.
COPY ./modprobe.sh /usr/local/bin/modprobe
COPY ./docker-entrypoint.sh /usr/local/bin/docker-entrypoint
# NOTE(review): presumably read by the entrypoint scripts to locate TLS material; confirm there.
ENV DOCKER_TLS_CERTDIR=/certs
# Mode 1777 is world-writable with the sticky bit (the /tmp convention): any user in the
# container can create files in these directories, but only the owner can remove them.
RUN mkdir -pv /certs/client && chmod 1777 /certs /certs/client
# This ENTRYPOINT/CMD pair is superseded by the later pair at the end of this file
# (dockerd-entrypoint with an empty CMD), which is what the final image uses.
ENTRYPOINT ["/usr/local/bin/docker-entrypoint"]
CMD ["bash"]
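# Here's where we get into all the fun stuff. This is the main docker-in-docker portion of the image.
# The package index is refreshed in the same layer as the install so a cached, stale
# index from an earlier layer is never used.
# NOTE(review): e2fsprogs-extra, ip6tables, shadow-uidmap, xz and zfs look like Alpine
# package names (stock Debian uses e.g. uidmap and xz-utils); confirm the base image's
# apt sources actually provide them, otherwise this step fails.
RUN apt-get update \
 && apt-get install -y \
      build-essential \
      e2fsprogs \
      e2fsprogs-extra \
      ip6tables \
      iptables \
      openssl \
      pigz \
      shadow-uidmap \
      xfsprogs \
      xz \
      zfs

# Build a directory of symlinks (iptables -> iptables-legacy, iptables-save ->
# iptables-legacy-save, ...) that can be put first on PATH to select the legacy backend.
# The package install stays best-effort, as in the original ';' chain.
# NOTE(review): on Debian the legacy binaries may already come from the iptables package
# rather than a separate iptables-legacy package; confirm against the base image.
# Everything after "set -e" is strict: a missing legacy binary or a failed symlink now
# stops the build instead of being skipped silently.
# The PATH export only affects this RUN; it is used for the final verification.
RUN set -ux; \
    apt-get install -y iptables-legacy \
      || echo "iptables-legacy package not installed; relying on *-legacy binaries already on PATH" >&2; \
    set -e; \
    mkdir -pv /usr/local/sbin/.iptables-legacy; \
    for f in \
        iptables \
        iptables-save \
        iptables-restore \
        ip6tables \
        ip6tables-save \
        ip6tables-restore \
    ; do \
        b="$(command -v "${f/tables/tables-legacy}")"; \
        "$b" --version; \
        ln -svT "$b" "/usr/local/sbin/.iptables-legacy/$f"; \
    done; \
    export PATH="/usr/local/sbin/.iptables-legacy:$PATH"; \
    iptables --version | grep legacy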
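# Create the unprivileged "dockremap" system user and group and give them a subordinate
# UID/GID range of 65536 IDs starting at 165536.
# NOTE(review): "dockremap" is the account dockerd uses for userns-remap=default; whether
# remapping is actually enabled depends on how the daemon is started, which is not shown here.
# groupadd/useradd are used because "addgroup -S" / "adduser -S -G" are BusyBox flags
# that Debian's adduser does not take, which would abort this step under "set -e".
RUN set -eux; \
    groupadd --system dockremap; \
    useradd --system --gid dockremap dockremap; \
    echo "dockremap:165536:65536" >> /etc/subuid; \
    echo "dockremap:165536:65536" >> /etc/subgid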
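# Install the daemon-side binaries from the same static archive as the CLI.
# Nothing visible earlier in this file installs dockerd (the CLI step unpacks only
# 'docker/docker'), so a bare "dockerd --version" would fail unless the base image ships it.
# NOTE(review): if the base image does provide dockerd, drop the download and keep the check.
# Optional SHA-256 of docker-${DOCKER_VERSION}.tgz; empty (the default) skips verification.
ARG DOCKER_SHA256=""
RUN set -eux; \
    curl -fsSL -o docker.tgz "https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_VERSION}.tgz"; \
    if [ -n "${DOCKER_SHA256}" ]; then \
        echo "${DOCKER_SHA256}  docker.tgz" | sha256sum -c -; \
    fi; \
    tar --extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ --no-same-owner --exclude 'docker/docker'; \
    rm docker.tgz; \
    dockerd --version

# Git ref of moby/moby that hack/dind is fetched from. The default keeps the original
# behaviour (tip of master), which means the script baked into the image can change
# between builds; pass a full commit SHA with --build-arg DIND_REF=<commit> to pin it.
ARG DIND_REF=refs/heads/master
# "set -e" plus "curl -f" make a failed download stop the build; previously a failed
# fetch was followed by chmod on whatever file had been created.
RUN set -eux; \
    curl -fsSL -o /usr/local/bin/dind "https://raw.githubusercontent.com/moby/moby/${DIND_REF}/hack/dind"; \
    chmod +x /usr/local/bin/dind

COPY ./dockerd-entrypoint.sh /usr/local/bin/dockerd-entrypoint

# Plain-string form. An unquoted "[/var/lib/docker]" is not a JSON array, so it declares
# a volume at the literal path "[/var/lib/docker]" instead of the daemon's data directory.
VOLUME /var/lib/docker

# 2375 is the conventional plaintext Docker API port and 2376 the TLS one. EXPOSE only
# documents them; which listeners are opened is decided by dockerd-entrypoint.sh (not
# visible here). An unauthenticated API listener gives whoever can reach it full control
# of the daemon, so publish 2375 only on trusted, isolated networks.
EXPOSE 2375/tcp 2376/tcp

ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint"]
CMD []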