diff --git a/docker/Dockerfile b/docker/Dockerfile new file mode 100644 index 0000000..1744cad --- /dev/null +++ b/docker/Dockerfile @@ -0,0 +1,62 @@ +FROM golang:alpine + +# Set necessary environmet variables needed for our image +ENV GO111MODULE=on \ + CGO_ENABLED=0 \ + GOOS=linux \ + GOARCH=amd64 + + + +ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH +ENV PGDATA /var/lib/postgresql/data +ENV POSTGRES_DB headscale +ENV POSTGRES_USER admin + +ENV LANG en_US.utf8 + +RUN apk update && \ + apk add git su-exec tzdata libpq postgresql-client postgresql postgresql-contrib gnupg supervisor inotify-tools wireguard-tools openssh && \ + mkdir /docker-entrypoint-initdb.d && \ + rm -rf /var/cache/apk/* + +RUN gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 +RUN gpg --list-keys --fingerprint --with-colons | sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6:/p' | gpg --import-ownertrust +RUN wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64" && \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64.asc" && \ + gpg --verify /usr/local/bin/gosu.asc && \ + rm /usr/local/bin/gosu.asc && \ + chmod +x /usr/local/bin/gosu +RUN apk --purge del gnupg ca-certificates + +VOLUME /var/lib/postgresql/data + + + + +RUN rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key + +WORKDIR /build + +RUN git clone https://github.com/juanfont/headscale.git + +WORKDIR /build/headscale + +RUN go build cmd/headscale/headscale.go + +COPY headscale.sh /headscale.sh +COPY postgres.sh /postgres.sh +COPY supervisord.conf /etc/supervisord.conf + +WORKDIR / + +RUN mkdir -p /run/postgresql +RUN chown postgres:postgres /run/postgresql + +RUN adduser -S headscale + +#ENV GIN_MODE release + +EXPOSE 8000 + +CMD ["supervisord","--nodaemon", "--configuration", "/etc/supervisord.conf"] diff --git a/docker/headscale.sh b/docker/headscale.sh new file mode 100755 index 0000000..465c5af --- /dev/null +++ b/docker/headscale.sh @@ -0,0 +1,28 @@ +#!/bin/bash +cd /build/headscale +echo 'Writing config...' +echo ''' +{ + "server_url": "$SERVER_URL", + "listen_addr": "0.0.0.0:8000", + "private_key_path": "private.key", + "public_key_path": "public.key", + "db_host": "localhost", + "db_port": 5432, + "db_name": "headscale", + "db_user": "admin", + "db_pass": "$POSTGRES_PASSWORD" +} +''' > config.json + +# Wait until PostgreSQL started and listens on port 5432. +while [ -z "`netstat -tln | grep 5432`" ]; do + echo 'Waiting for PostgreSQL to start ...' + sleep 1 +done +echo 'PostgreSQL started.' + +# Start server. +echo 'Starting server...' + +./headscale \ No newline at end of file diff --git a/docker/postgres.sh b/docker/postgres.sh new file mode 100755 index 0000000..3eb2b34 --- /dev/null +++ b/docker/postgres.sh @@ -0,0 +1,58 @@ +#!/bin/sh +chown -R postgres "$PGDATA" +if [ -z "$(ls -A "$PGDATA")" ]; then + gosu postgres initdb + sed -ri "s/^#(listen_addresses\s*=\s*)\S+/\1'*'/" "$PGDATA"/postgresql.conf + + : ${POSTGRES_USER:="postgres"} + : ${POSTGRES_DB:=$POSTGRES_USER} + + if [ "$POSTGRES_PASSWORD" ]; then + pass="PASSWORD '$POSTGRES_PASSWORD'" + authMethod=md5 + else + echo "===============================" + echo "!!! NO PASSWORD SET !!! (Use \$POSTGRES_PASSWORD env var)" + echo "===============================" + pass= + authMethod=trust + fi + echo + + + if [ "$POSTGRES_DB" != 'postgres' ]; then + createSql="CREATE DATABASE $POSTGRES_DB;" + echo $createSql | gosu postgres postgres --single -jE + echo + fi + + if [ "$POSTGRES_USER" != 'postgres' ]; then + op=CREATE + else + op=ALTER + fi + + userSql="$op USER $POSTGRES_USER WITH SUPERUSER $pass;" + echo $userSql | gosu postgres postgres --single -jE + echo + + gosu postgres pg_ctl -D "$PGDATA" \ + -o "-c listen_addresses=''" \ + -w start + + echo + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sh) echo "$0: running $f"; . "$f" ;; + *.sql) echo "$0: running $f"; psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < "$f" && echo ;; + *) echo "$0: ignoring $f" ;; + esac + echo + done + + gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop + + { echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf +fi + +exec gosu postgres postgres \ No newline at end of file diff --git a/docker/run.sh b/docker/run.sh new file mode 100755 index 0000000..7ad4777 --- /dev/null +++ b/docker/run.sh @@ -0,0 +1,4 @@ +# Example of how to user the docker image +POSTGRES_PASSWORD= +docker build . -t headscale-docker +docker run -p 8000:8000 -v $(pwd)/pgdata:/var/lib/postgresql/data -v "$(pwd)/private.key:/build/headscale/private.key" -v "$(pwd)/public.key:/build/headscale/public.key" -e SERVER_URL=127.0.0.1:8000 -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD -ti headscale-docker diff --git a/docker/supervisord.conf b/docker/supervisord.conf new file mode 100644 index 0000000..dffac17 --- /dev/null +++ b/docker/supervisord.conf @@ -0,0 +1,13 @@ +[supervisord] +nodaemon=true +user = root + +[program:headscale] +command=/bin/bash -c "/headscale.sh" +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 + +[program:postgres] +command=/bin/bash -c "/postgres.sh" +stdout_logfile=/dev/stdout +stdout_logfile_maxbytes=0 \ No newline at end of file