建立基礎的Dockerfile

FROM ubuntu:xenial
MAINTAINER kawsing <kawsing@gmail.com>
#有基本中文環境，ssh與tftp與rsyslog
RUN echo "deb http://tw.archive.ubuntu.com/ubuntu/ xenial main\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial multiverse\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial universe\n\
deb http://tw.archive.ubuntu.com/ubuntu/ xenial restricted\n\
"> /etc/apt/sources.list
RUN apt-get update && apt-get install -y ssh bash-completion \
 language-pack-zh-hant fonts-droid-fallback \
 net-tools openssl ssl-cert \
 tftp-hpa tftpd-hpa apache2 libapache2-mod-php \
 mysql-server php-mysql pwgen php-apcu php-mcrypt rsyslog \
 python-imaging python-pip python-setuptools \
 && apt-get autoclean \
 && apt-get autoremove \
 && rm -rf /var/lib/apt/lists/*
# Configure locales and timezone
RUN locale-gen en_US.UTF-8 en_GB.UTF-8 zh_TW.UTF-8
RUN cp /usr/share/zoneinfo/Asia/Taipei /etc/localtime
RUN echo "Asia/Taipei" > /etc/timezone

# Supervisor config
RUN mkdir /var/log/supervisor
RUN pip install supervisor
COPY supervisord.conf /etc/supervisord.conf

RUN make-ssl-cert generate-default-snakeoil --force-overwrite
RUN mkdir /var/run/sshd
RUN mkdir /opt/tftpdata
RUN echo "TFTP_USERNAME='tftp'\n\
TFTP_DIRECTORY='/opt/tftpdata'\n\
TFTP_ADDRESS='[::]:69'\n\
TFTP_OPTIONS='--secure -c -vvvv'\n\
">  /etc/default/tftpd-hpa
RUN chown -R tftp /opt/tftpdata
#建立密碼
RUN echo 'root:password' | chpasswd
RUN sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
# Startup script
COPY start.sh /opt/start.sh
RUN chmod 755 /opt/start.sh
COPY ./rsyslog.conf /etc/rsyslog.conf
NV NOTVISIBLE "in users profile"
RUN echo "export VISIBLE=now" >> /etc/profile

EXPOSE 22
EXPOSE 80
EXPOSE 443
EXPOSE 3306
ENTRYPOINT ["/opt/start.sh"]

supervisord.conf

[unix_http_server]
file=/var/run/supervisor.sock   ; (the path to the socket file)

[supervisord]
logfile=/var/log/supervisor/supervisord.log ; (main log file;default $CWD/supervisord.log)
logfile_maxbytes=50MB                       ; (max main logfile bytes b4 rotation;default 50MB)
logfile_backups=10                          ; (num of main logfile rotation backups;default 10)
loglevel=info                               ; (log level;default info; others: debug,warn,trace)
pidfile=/var/run/supervisord.pid            ; (supervisord pidfile;default supervisord.pid)
nodaemon=false                              ; (start in foreground if true;default false)
minfds=1024                                 ; (min. avail startup file descriptors;default 1024)
minprocs=200                                ; (min. avail process descriptors;default 200)
; the below section must remain in the config file for RPC
; (supervisorctl/web interface) to work, additional interfaces may be
; added by defining them in separate rpcinterface: sections
[rpcinterface:supervisor]
supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface

[supervisorctl]
serverurl=unix:///var/run/supervisor.sock ; use a unix:// URL  for a unix socket

[program:ssh]
command=service ssh start
stdout_events_enabled=true
stderr_events_enabled=true

[program:rsyslog]
command=service rsyslog start
stdout_events_enabled=true
stderr_events_enabled=true
[program:apache2]
command=service apache2 start
numprocs=1
autostart=true
autorestart=true

[program:mysqld]
command=service mysql start
numprocs=1
autostart=true
autorestart=true

rsyslog.conf

  /etc/rsyslog.conf    Configuration file for rsyslog.
#
#                       For more information see
#                       /usr/share/doc/rsyslog-doc/html/rsyslog_conf.html
#
#  Default logging rules can be found in /etc/rsyslog.d/50-default.conf


#################
#### MODULES ####
#################

$ModLoad imuxsock # provides support for local system logging
$ModLoad imklog   # provides kernel logging support
#$ModLoad immark  # provides --MARK-- message capability

# provides UDP syslog reception
#$ModLoad imudp
#$UDPServerRun 514

# provides TCP syslog reception
#$ModLoad imtcp
#$InputTCPServerRun 514
# Enable non-kernel facility klog messages
$KLogPermitNonKernelFacility on

###########################
#### GLOBAL DIRECTIVES ####
###########################

#
# Use traditional timestamp format.
# To enable high precision timestamps, comment out the following line.
#
$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat

# Filter duplicated messages
$RepeatedMsgReduction on
#
$FileOwner syslog
$FileGroup adm
$FileCreateMode 0640
$DirCreateMode 0755
$Umask 0022
$PrivDropToUser syslog
$PrivDropToGroup syslog

#
# Where to place spool and state files
#
$WorkDirectory /var/spool/rsyslog

#
# Include all config files in /etc/rsyslog.d/
#
$IncludeConfig /etc/rsyslog.d/*.conf
# TFTP Logfile
# template to log local in dynamic files
$template tftp,"/var/log/tftp/tftp-%$YEAR%-%$MONTH%-%$DAY%.log"
:programname, isequal, "in.tftpd"                           -?tftp;RSYSLOG_TraditionalFileFormat
& ~

start.sh

#!/bin/bash
function start {

    echo "Starting service"
    ulimit -n 30000
    exec /usr/local/bin/supervisord -c /etc/supervisord.conf -n
    exit 0
}

start

exit 0

Previous使用docker-compose整合MySQL Next使用Dockerfile建立用於xoops的images

Last updated 5 years ago

Was this helpful?