-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDockerfile
131 lines (119 loc) · 4.38 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
FROM mhart/alpine-node:8
MAINTAINER miniers <[email protected]>
ENV SSMGR_TYPE client
ENV S6_OVERLAY_VERSION v1.21.7.0
ENV SS_VER 3.2.1
ENV SS_URL https://github.com/shadowsocks/shadowsocks-libev/archive/v$SS_VER.tar.gz
ENV SS_DIR shadowsocks-libev-$SS_VER
ENV REDIS_VERSION 5.0.3
ENV REDIS_DOWNLOAD_URL http://download.redis.io/releases/redis-5.0.3.tar.gz
ENV REDIS_DOWNLOAD_SHA e290b4ddf817b26254a74d5d564095b11f9cd20d8f165459efa53eb63cd93e02
RUN addgroup -S redis && adduser -S -G redis redis
RUN set -ex; \
\
apk add --no-cache --virtual .build-deps \
coreutils \
gcc \
jemalloc-dev \
linux-headers \
make \
musl-dev \
; \
\
wget -O redis.tar.gz "$REDIS_DOWNLOAD_URL"; \
echo "$REDIS_DOWNLOAD_SHA *redis.tar.gz" | sha256sum -c -; \
mkdir -p /usr/src/redis; \
tar -xzf redis.tar.gz -C /usr/src/redis --strip-components=1; \
rm redis.tar.gz; \
\
# disable Redis protected mode [1] as it is unnecessary in context of Docker
# (ports are not automatically exposed when running inside Docker, but rather explicitly by specifying -p / -P)
# [1]: https://github.com/antirez/redis/commit/edd4d555df57dc84265fdfb4ef59a4678832f6da
grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 1$' /usr/src/redis/src/server.h; \
sed -ri 's!^(#define CONFIG_DEFAULT_PROTECTED_MODE) 1$!\1 0!' /usr/src/redis/src/server.h; \
grep -q '^#define CONFIG_DEFAULT_PROTECTED_MODE 0$' /usr/src/redis/src/server.h; \
# for future reference, we modify this directly in the source instead of just supplying a default configuration flag because apparently "if you specify any argument to redis-server, [it assumes] you are going to specify everything"
# see also https://github.com/docker-library/redis/issues/4#issuecomment-50780840
# (more exactly, this makes sure the default behavior of "save on SIGTERM" stays functional by default)
\
make -C /usr/src/redis -j "$(nproc)"; \
make -C /usr/src/redis install; \
\
rm -r /usr/src/redis; \
\
runDeps="$( \
scanelf --needed --nobanner --format '%n#p' --recursive /usr/local \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)"; \
apk add --virtual .redis-rundeps $runDeps; \
apk del .build-deps; \
\
redis-server --version
RUN mkdir /data && chown redis:redis /data
RUN apk add --update --no-cache curl tzdata && \
curl -sSL https://github.com/just-containers/s6-overlay/releases/download/${S6_OVERLAY_VERSION}/s6-overlay-amd64.tar.gz \
| tar xfz - -C / && \
cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
echo "Asia/Shanghai" > /etc/timezone && \
apk del curl && \
rm -rf /var/cache/apk/*
RUN set -ex \
&& apk add --no-cache libcrypto1.0 \
libev \
libsodium \
mbedtls \
c-ares \
pcre \
&& apk add --no-cache --virtual .build-deps \
autoconf \
automake \
asciidoc \
xmlto \
gettext-dev \
build-base \
curl \
libev-dev \
unzip \
c-ares-dev \
libtool \
linux-headers \
openssl-dev \
libsodium-dev \
mbedtls-dev \
pcre-dev \
tar \
wget \
git \
&& curl -ksSL $SS_URL | tar xz \
&& cd $SS_DIR \
&& curl -ksSL https://github.com/shadowsocks/ipset/archive/shadowsocks.tar.gz | tar xz --strip 1 -C libipset \
&& curl -ksSL https://github.com/shadowsocks/libcork/archive/shadowsocks.tar.gz | tar xz --strip 1 -C libcork \
&& curl -ksSL https://github.com/shadowsocks/libbloom/archive/master.tar.gz | tar xz --strip 1 -C libbloom \
&& ./autogen.sh \
&& ./configure --disable-documentation \
&& make install \
&& cd .. \
&& git config --global http.sslVerify false \
&& git clone https://github.com/shadowsocks/simple-obfs \
&& cd simple-obfs \
&& git submodule update --init --recursive \
&& ./autogen.sh \
&& ./configure \
&& make \
&& make install \
&& cd .. \
&& rm -rf simple-obfs \
&& apk del .build-deps \
&& rm -rf client_linux_amd64 \
$SS_DIR \
simple-obfs-$SIMPLE_OBFS_VERSION \
/var/cache/apk/*
RUN apk add --no-cache git \
&& git clone https://github.com/shadowsocks/shadowsocks-manager.git /ssmgr \
&& cd /ssmgr \
&& yarn
ADD root /
EXPOSE 4001 80 6379 38000-38100
ENTRYPOINT ["/init"]