From e6db04336bde974007f30441805b21f0aef8a4ca Mon Sep 17 00:00:00 2001 From: David Personette Date: Fri, 20 Oct 2017 13:43:12 -0400 Subject: [PATCH] convert to alpine --- Dockerfile | 25 +++++++++------ Dockerfile.armv7hf => Dockerfile.armhf | 25 +++++++++------ Dockerfile.rpi | 42 -------------------------- README.md | 14 +-------- samba.sh | 31 +++---------------- 5 files changed, 36 insertions(+), 101 deletions(-) rename Dockerfile.armv7hf => Dockerfile.armhf (69%) delete mode 100644 Dockerfile.rpi diff --git a/Dockerfile b/Dockerfile index 69435ee..f91ebff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,18 @@ -FROM debian:stretch +FROM alpine MAINTAINER David Personette # Install samba -RUN export DEBIAN_FRONTEND='noninteractive' && \ - apt-get update -qq && \ - apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\ - $(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\ - useradd -c 'Samba User' -d /tmp -M -r smbuser && \ +RUN apk --no-cache add bash samba shadow && \ + adduser -D -G users -H -g 'Samba User' -h /tmp smbuser && \ sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \ + sed -i 's|^\( load printers = \).*|\1no|' /etc/samba/smb.conf && \ + sed -i 's|^\( printcap name = \).*|\1/dev/null|' /etc/samba/smb.conf && \ + sed -i 's|^;*\( printing = \).*|\1bsd|' /etc/samba/smb.conf && \ sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \ sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \ - echo ' security = user' >>/etc/samba/smb.conf && \ + echo ' pam password change = yes' >>/etc/samba/smb.conf && \ + echo ' map to guest = bad user' >>/etc/samba/smb.conf && \ + echo ' usershare allow guests = yes' >>/etc/samba/smb.conf && \ echo ' create mask = 0664' >>/etc/samba/smb.conf && \ echo ' force create mode = 0664' >>/etc/samba/smb.conf && \ echo ' directory mask = 0775' >>/etc/samba/smb.conf && \ @@ -29,12 +31,15 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \ echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \ echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \ echo '' >>/etc/samba/smb.conf && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* /tmp/* + rm -rf /tmp/* + COPY samba.sh /usr/bin/ -VOLUME ["/etc/samba"] +HEALTHCHECK --interval=60s --timeout=15s \ + CMD smbclient -L '\\localhost\' -U 'guest%' -m SMB3 EXPOSE 137/udp 138/udp 139 445 +VOLUME ["/etc/samba"] + ENTRYPOINT ["samba.sh"] \ No newline at end of file diff --git a/Dockerfile.armv7hf b/Dockerfile.armhf similarity index 69% rename from Dockerfile.armv7hf rename to Dockerfile.armhf index 03cc38e..80bcbb7 100644 --- a/Dockerfile.armv7hf +++ b/Dockerfile.armhf @@ -1,17 +1,19 @@ -FROM resin/armv7hf-debian:stretch +FROM resin/armhf-alpine MAINTAINER David Personette # Install samba RUN ["cross-build-start"] -RUN export DEBIAN_FRONTEND='noninteractive' && \ - apt-get update -qq && \ - apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\ - $(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\ - useradd -c 'Samba User' -d /tmp -M -r smbuser && \ +RUN apk --no-cache add bash samba shadow && \ + adduser -D -G users -H -g 'Samba User' -h /tmp smbuser && \ sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \ + sed -i 's|^\( load printers = \).*|\1no|' /etc/samba/smb.conf && \ + sed -i 's|^\( printcap name = \).*|\1/dev/null|' /etc/samba/smb.conf && \ + sed -i 's|^;*\( printing = \).*|\1bsd|' /etc/samba/smb.conf && \ sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \ sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \ - echo ' security = user' >>/etc/samba/smb.conf && \ + echo ' pam password change = yes' >>/etc/samba/smb.conf && \ + echo ' map to guest = bad user' >>/etc/samba/smb.conf && \ + echo ' usershare allow guests = yes' >>/etc/samba/smb.conf && \ echo ' create mask = 0664' >>/etc/samba/smb.conf && \ echo ' force create mode = 0664' >>/etc/samba/smb.conf && \ echo ' directory mask = 0775' >>/etc/samba/smb.conf && \ @@ -30,13 +32,16 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \ echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \ echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \ echo '' >>/etc/samba/smb.conf && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* /tmp/* + rm -rf /tmp/* RUN ["cross-build-end"] + COPY samba.sh /usr/bin/ -VOLUME ["/etc/samba"] +HEALTHCHECK --interval=60s --timeout=15s \ + CMD smbclient -L '\\localhost\' -U 'guest%' -m SMB3 EXPOSE 137/udp 138/udp 139 445 +VOLUME ["/etc/samba"] + ENTRYPOINT ["samba.sh"] \ No newline at end of file diff --git a/Dockerfile.rpi b/Dockerfile.rpi deleted file mode 100644 index c268ec0..0000000 --- a/Dockerfile.rpi +++ /dev/null @@ -1,42 +0,0 @@ -FROM resin/raspberry-pi-debian:stretch -MAINTAINER David Personette - -# Install samba -RUN ["cross-build-start"] -RUN export DEBIAN_FRONTEND='noninteractive' && \ - apt-get update -qq && \ - apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\ - $(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\ - useradd -c 'Samba User' -d /tmp -M -r smbuser && \ - sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \ - sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \ - sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \ - echo ' security = user' >>/etc/samba/smb.conf && \ - echo ' create mask = 0664' >>/etc/samba/smb.conf && \ - echo ' force create mode = 0664' >>/etc/samba/smb.conf && \ - echo ' directory mask = 0775' >>/etc/samba/smb.conf && \ - echo ' force directory mode = 0775' >>/etc/samba/smb.conf && \ - echo ' force user = smbuser' >>/etc/samba/smb.conf && \ - echo ' force group = users' >>/etc/samba/smb.conf && \ - echo ' follow symlinks = yes' >>/etc/samba/smb.conf && \ - echo ' load printers = no' >>/etc/samba/smb.conf && \ - echo ' printing = bsd' >>/etc/samba/smb.conf && \ - echo ' printcap name = /dev/null' >>/etc/samba/smb.conf && \ - echo ' disable spoolss = yes' >>/etc/samba/smb.conf && \ - echo ' socket options = TCP_NODELAY' >>/etc/samba/smb.conf && \ - echo ' strict locking = no' >>/etc/samba/smb.conf && \ - echo ' vfs objects = recycle' >>/etc/samba/smb.conf && \ - echo ' recycle:keeptree = yes' >>/etc/samba/smb.conf && \ - echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \ - echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \ - echo '' >>/etc/samba/smb.conf && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* /tmp/* -RUN ["cross-build-end"] -COPY samba.sh /usr/bin/ - -VOLUME ["/etc/samba"] - -EXPOSE 137/udp 138/udp 139 445 - -ENTRYPOINT ["samba.sh"] \ No newline at end of file diff --git a/README.md b/README.md index 4eb0f58..c137a81 100644 --- a/README.md +++ b/README.md @@ -51,8 +51,6 @@ OR set local storage: [users] allowed default:'all' or list of allowed users [admins] allowed default:'none' or list of admin users [writelist] list of users that can write to a RO share - -t "" Configure timezone - possible arg: "[timezone]" - zoneinfo timezone for container -u "[;ID;group]" Add a user required arg: ";" for user @@ -71,7 +69,7 @@ ENVIRONMENT VARIABLES (only available with `docker run`) * `CHARMAP` - As above, configure character mapping * `NMBD` - As above, enable nmbd * `SMB` - As above, disable SMB2 minimum version - * `TZ` - As above, set a zoneinfo timezone, IE `EST5EDT` + * `TZ` - Set a timezone, IE `EST5EDT` * `WIDELINKS` - As above, allow access wide symbolic links * `WORKGROUP` - As above, set workgroup * `USERID` - Set the UID for the samba server @@ -87,18 +85,8 @@ Any of the commands can be run at creation with `docker run` or later with ### Setting the Timezone - sudo docker run -it -p 139:139 -p 445:445 -d dperson/samba -t EST5EDT - -OR using `environment variables` - sudo docker run -it -e TZ=EST5EDT -p 139:139 -p 445:445 -d dperson/samba -Will get you the same settings as - - sudo docker run -it --name samba -p 139:139 -p 445:445 -d dperson/samba - sudo docker exec -it samba samba.sh -t EST5EDT ls -AlF /etc/localtime - sudo docker restart samba - ### Start an instance creating users and shares: sudo docker run -it -p 139:139 -p 445:445 -d dperson/samba \ diff --git a/samba.sh b/samba.sh index 3b89d55..f8cdd90 100755 --- a/samba.sh +++ b/samba.sh @@ -51,7 +51,7 @@ global() { local key="${1%%=*}" value="${1#*=}" file=/etc/samba/smb.conf # Return: user(s) added to container import() { local name id file="$1" while read name id; do - useradd "$name" -M -u "$id" + adduser -D -H -u "$id" "$name" done < <(cut -d: -f1,2 --output-delimiter=' ' $file) pdbedit -i smbpasswd:$file } @@ -117,23 +117,6 @@ smb() { local file=/etc/samba/smb.conf sed -i '/min protocol/d' $file } -### timezone: Set the timezone for the container -# Arguments: -# timezone) for example EST5EDT -# Return: the correct zoneinfo file will be symlinked into place -timezone() { local timezone="${1:-EST5EDT}" - [[ -e /usr/share/zoneinfo/$timezone ]] || { - echo "ERROR: invalid timezone specified: $timezone" >&2 - return - } - - if [[ -w /etc/timezone && $(cat /etc/timezone) != $timezone ]]; then - echo "$timezone" >/etc/timezone - ln -sf /usr/share/zoneinfo/$timezone /etc/localtime - dpkg-reconfigure -f noninteractive tzdata >/dev/null 2>&1 - fi -} - ### user: add a user # Arguments: # name) for user @@ -142,8 +125,8 @@ timezone() { local timezone="${1:-EST5EDT}" # group) for user # Return: user added to container user() { local name="${1}" passwd="${2}" id="${3:-""}" group="${4:-""}" - [[ "$group" ]] && { grep -q "^$group:" /etc/group || groupadd "$group"; } - useradd "$name" -M ${id:+-u $id} ${group:+-g $group} + [[ "$group" ]] && { grep -q "^$group:" /etc/group || addgroup "$group"; } + adduser -D -H ${group:+-G $group} ${id:+-u $id} "$name" echo -e "$passwd\n$passwd" | smbpasswd -s -a "$name" } @@ -193,8 +176,6 @@ Options (fields in '[]' are optional, '<>' are required): [users] allowed default:'all' or list of allowed users [admins] allowed default:'none' or list of admin users [writelist] list of users that can write to a RO share - -t \"\" Configure timezone - possible arg: \"[timezone]\" - zoneinfo timezone for container -u \"[;ID;group]\" Add a user required arg: \";\" for user @@ -214,7 +195,7 @@ The 'command' (if provided and valid) will be run instead of samba [[ "${USERID:-""}" =~ ^[0-9]+$ ]] && usermod -u $USERID -o smbuser [[ "${GROUPID:-""}" =~ ^[0-9]+$ ]] && groupmod -g $GROUPID -o smbuser -while getopts ":hc:g:i:nprs:St:u:Ww:" opt; do +while getopts ":hc:g:i:nprs:Su:Ww:" opt; do case "$opt" in h) usage ;; c) charmap "$OPTARG" ;; @@ -223,9 +204,8 @@ while getopts ":hc:g:i:nprs:St:u:Ww:" opt; do n) NMBD="true" ;; p) PERMISSIONS="true" ;; r) recycle ;; - s) eval share $(sed 's/^\|$/"/g; s/;/" "/g' <<< $OPTARG) ;; + s) eval share $(sed 's/^/"/; s/$/"/; s/;/" "/g' <<< $OPTARG) ;; S) smb ;; - t) timezone "$OPTARG" ;; u) eval user $(sed 's|;| |g' <<< $OPTARG) ;; w) workgroup "$OPTARG" ;; W) widelinks ;; @@ -238,7 +218,6 @@ shift $(( OPTIND - 1 )) [[ "${CHARMAP:-""}" ]] && charmap "$CHARMAP" [[ "${PERMISSIONS:-""}" ]] && perms [[ "${RECYCLE:-""}" ]] && recycle -[[ "${TZ:-""}" ]] && timezone "$TZ" [[ "${SMB:-""}" ]] && smb [[ "${WORKGROUP:-""}" ]] && workgroup "$WORKGROUP" [[ "${WIDELINKS:-""}" ]] && widelinks