commit
e67811f988
5 changed files with 165 additions and 0 deletions
62
docker/Dockerfile
Normal file
62
docker/Dockerfile
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
FROM golang:alpine
|
||||||
|
|
||||||
|
# Set necessary environmet variables needed for our image
|
||||||
|
ENV GO111MODULE=on \
|
||||||
|
CGO_ENABLED=0 \
|
||||||
|
GOOS=linux \
|
||||||
|
GOARCH=amd64
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
ENV PATH /usr/lib/postgresql/$PG_MAJOR/bin:$PATH
|
||||||
|
ENV PGDATA /var/lib/postgresql/data
|
||||||
|
ENV POSTGRES_DB headscale
|
||||||
|
ENV POSTGRES_USER admin
|
||||||
|
|
||||||
|
ENV LANG en_US.utf8
|
||||||
|
|
||||||
|
RUN apk update && \
|
||||||
|
apk add git su-exec tzdata libpq postgresql-client postgresql postgresql-contrib gnupg supervisor inotify-tools wireguard-tools openssh && \
|
||||||
|
mkdir /docker-entrypoint-initdb.d && \
|
||||||
|
rm -rf /var/cache/apk/*
|
||||||
|
|
||||||
|
RUN gpg --keyserver ipv4.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
|
||||||
|
RUN gpg --list-keys --fingerprint --with-colons | sed -E -n -e 's/^fpr:::::::::([0-9A-F]+):$/\1:6:/p' | gpg --import-ownertrust
|
||||||
|
RUN wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64" && \
|
||||||
|
wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.7/gosu-amd64.asc" && \
|
||||||
|
gpg --verify /usr/local/bin/gosu.asc && \
|
||||||
|
rm /usr/local/bin/gosu.asc && \
|
||||||
|
chmod +x /usr/local/bin/gosu
|
||||||
|
RUN apk --purge del gnupg ca-certificates
|
||||||
|
|
||||||
|
VOLUME /var/lib/postgresql/data
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
RUN rm -rf /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key
|
||||||
|
|
||||||
|
WORKDIR /build
|
||||||
|
|
||||||
|
RUN git clone https://github.com/juanfont/headscale.git
|
||||||
|
|
||||||
|
WORKDIR /build/headscale
|
||||||
|
|
||||||
|
RUN go build cmd/headscale/headscale.go
|
||||||
|
|
||||||
|
COPY headscale.sh /headscale.sh
|
||||||
|
COPY postgres.sh /postgres.sh
|
||||||
|
COPY supervisord.conf /etc/supervisord.conf
|
||||||
|
|
||||||
|
WORKDIR /
|
||||||
|
|
||||||
|
RUN mkdir -p /run/postgresql
|
||||||
|
RUN chown postgres:postgres /run/postgresql
|
||||||
|
|
||||||
|
RUN adduser -S headscale
|
||||||
|
|
||||||
|
#ENV GIN_MODE release
|
||||||
|
|
||||||
|
EXPOSE 8000
|
||||||
|
|
||||||
|
CMD ["supervisord","--nodaemon", "--configuration", "/etc/supervisord.conf"]
|
28
docker/headscale.sh
Executable file
28
docker/headscale.sh
Executable file
|
@ -0,0 +1,28 @@
|
||||||
|
#!/bin/bash
|
||||||
|
cd /build/headscale
|
||||||
|
echo 'Writing config...'
|
||||||
|
echo '''
|
||||||
|
{
|
||||||
|
"server_url": "$SERVER_URL",
|
||||||
|
"listen_addr": "0.0.0.0:8000",
|
||||||
|
"private_key_path": "private.key",
|
||||||
|
"public_key_path": "public.key",
|
||||||
|
"db_host": "localhost",
|
||||||
|
"db_port": 5432,
|
||||||
|
"db_name": "headscale",
|
||||||
|
"db_user": "admin",
|
||||||
|
"db_pass": "$POSTGRES_PASSWORD"
|
||||||
|
}
|
||||||
|
''' > config.json
|
||||||
|
|
||||||
|
# Wait until PostgreSQL started and listens on port 5432.
|
||||||
|
while [ -z "`netstat -tln | grep 5432`" ]; do
|
||||||
|
echo 'Waiting for PostgreSQL to start ...'
|
||||||
|
sleep 1
|
||||||
|
done
|
||||||
|
echo 'PostgreSQL started.'
|
||||||
|
|
||||||
|
# Start server.
|
||||||
|
echo 'Starting server...'
|
||||||
|
|
||||||
|
./headscale
|
58
docker/postgres.sh
Executable file
58
docker/postgres.sh
Executable file
|
@ -0,0 +1,58 @@
|
||||||
|
#!/bin/sh
|
||||||
|
chown -R postgres "$PGDATA"
|
||||||
|
if [ -z "$(ls -A "$PGDATA")" ]; then
|
||||||
|
gosu postgres initdb
|
||||||
|
sed -ri "s/^#(listen_addresses\s*=\s*)\S+/\1'*'/" "$PGDATA"/postgresql.conf
|
||||||
|
|
||||||
|
: ${POSTGRES_USER:="postgres"}
|
||||||
|
: ${POSTGRES_DB:=$POSTGRES_USER}
|
||||||
|
|
||||||
|
if [ "$POSTGRES_PASSWORD" ]; then
|
||||||
|
pass="PASSWORD '$POSTGRES_PASSWORD'"
|
||||||
|
authMethod=md5
|
||||||
|
else
|
||||||
|
echo "==============================="
|
||||||
|
echo "!!! NO PASSWORD SET !!! (Use \$POSTGRES_PASSWORD env var)"
|
||||||
|
echo "==============================="
|
||||||
|
pass=
|
||||||
|
authMethod=trust
|
||||||
|
fi
|
||||||
|
echo
|
||||||
|
|
||||||
|
|
||||||
|
if [ "$POSTGRES_DB" != 'postgres' ]; then
|
||||||
|
createSql="CREATE DATABASE $POSTGRES_DB;"
|
||||||
|
echo $createSql | gosu postgres postgres --single -jE
|
||||||
|
echo
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$POSTGRES_USER" != 'postgres' ]; then
|
||||||
|
op=CREATE
|
||||||
|
else
|
||||||
|
op=ALTER
|
||||||
|
fi
|
||||||
|
|
||||||
|
userSql="$op USER $POSTGRES_USER WITH SUPERUSER $pass;"
|
||||||
|
echo $userSql | gosu postgres postgres --single -jE
|
||||||
|
echo
|
||||||
|
|
||||||
|
gosu postgres pg_ctl -D "$PGDATA" \
|
||||||
|
-o "-c listen_addresses=''" \
|
||||||
|
-w start
|
||||||
|
|
||||||
|
echo
|
||||||
|
for f in /docker-entrypoint-initdb.d/*; do
|
||||||
|
case "$f" in
|
||||||
|
*.sh) echo "$0: running $f"; . "$f" ;;
|
||||||
|
*.sql) echo "$0: running $f"; psql --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" < "$f" && echo ;;
|
||||||
|
*) echo "$0: ignoring $f" ;;
|
||||||
|
esac
|
||||||
|
echo
|
||||||
|
done
|
||||||
|
|
||||||
|
gosu postgres pg_ctl -D "$PGDATA" -m fast -w stop
|
||||||
|
|
||||||
|
{ echo; echo "host all all 0.0.0.0/0 $authMethod"; } >> "$PGDATA"/pg_hba.conf
|
||||||
|
fi
|
||||||
|
|
||||||
|
exec gosu postgres postgres
|
4
docker/run.sh
Executable file
4
docker/run.sh
Executable file
|
@ -0,0 +1,4 @@
|
||||||
|
# Example of how to user the docker image
|
||||||
|
POSTGRES_PASSWORD=
|
||||||
|
docker build . -t headscale-docker
|
||||||
|
docker run -p 8000:8000 -v $(pwd)/pgdata:/var/lib/postgresql/data -v "$(pwd)/private.key:/build/headscale/private.key" -v "$(pwd)/public.key:/build/headscale/public.key" -e SERVER_URL=127.0.0.1:8000 -e POSTGRES_PASSWORD=$POSTGRES_PASSWORD -ti headscale-docker
|
13
docker/supervisord.conf
Normal file
13
docker/supervisord.conf
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
[supervisord]
|
||||||
|
nodaemon=true
|
||||||
|
user = root
|
||||||
|
|
||||||
|
[program:headscale]
|
||||||
|
command=/bin/bash -c "/headscale.sh"
|
||||||
|
stdout_logfile=/dev/stdout
|
||||||
|
stdout_logfile_maxbytes=0
|
||||||
|
|
||||||
|
[program:postgres]
|
||||||
|
command=/bin/bash -c "/postgres.sh"
|
||||||
|
stdout_logfile=/dev/stdout
|
||||||
|
stdout_logfile_maxbytes=0
|
Loading…
Reference in a new issue