convert to alpine

This commit is contained in:
David Personette 2017-10-20 13:43:12 -04:00
parent 645927cdcb
commit e6db04336b
5 changed files with 36 additions and 101 deletions

View File

@ -1,16 +1,18 @@
FROM debian:stretch FROM alpine
MAINTAINER David Personette <dperson@gmail.com> MAINTAINER David Personette <dperson@gmail.com>
# Install samba # Install samba
RUN export DEBIAN_FRONTEND='noninteractive' && \ RUN apk --no-cache add bash samba shadow && \
apt-get update -qq && \ adduser -D -G users -H -g 'Samba User' -h /tmp smbuser && \
apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\
$(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\
useradd -c 'Samba User' -d /tmp -M -r smbuser && \
sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \ sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \
sed -i 's|^\( load printers = \).*|\1no|' /etc/samba/smb.conf && \
sed -i 's|^\( printcap name = \).*|\1/dev/null|' /etc/samba/smb.conf && \
sed -i 's|^;*\( printing = \).*|\1bsd|' /etc/samba/smb.conf && \
sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \ sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \
sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \ sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \
echo ' security = user' >>/etc/samba/smb.conf && \ echo ' pam password change = yes' >>/etc/samba/smb.conf && \
echo ' map to guest = bad user' >>/etc/samba/smb.conf && \
echo ' usershare allow guests = yes' >>/etc/samba/smb.conf && \
echo ' create mask = 0664' >>/etc/samba/smb.conf && \ echo ' create mask = 0664' >>/etc/samba/smb.conf && \
echo ' force create mode = 0664' >>/etc/samba/smb.conf && \ echo ' force create mode = 0664' >>/etc/samba/smb.conf && \
echo ' directory mask = 0775' >>/etc/samba/smb.conf && \ echo ' directory mask = 0775' >>/etc/samba/smb.conf && \
@ -29,12 +31,15 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \
echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \ echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \
echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \ echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \
echo '' >>/etc/samba/smb.conf && \ echo '' >>/etc/samba/smb.conf && \
apt-get clean && \ rm -rf /tmp/*
rm -rf /var/lib/apt/lists/* /tmp/*
COPY samba.sh /usr/bin/ COPY samba.sh /usr/bin/
VOLUME ["/etc/samba"] HEALTHCHECK --interval=60s --timeout=15s \
CMD smbclient -L '\\localhost\' -U 'guest%' -m SMB3
EXPOSE 137/udp 138/udp 139 445 EXPOSE 137/udp 138/udp 139 445
VOLUME ["/etc/samba"]
ENTRYPOINT ["samba.sh"] ENTRYPOINT ["samba.sh"]

View File

@ -1,17 +1,19 @@
FROM resin/armv7hf-debian:stretch FROM resin/armhf-alpine
MAINTAINER David Personette <dperson@gmail.com> MAINTAINER David Personette <dperson@gmail.com>
# Install samba # Install samba
RUN ["cross-build-start"] RUN ["cross-build-start"]
RUN export DEBIAN_FRONTEND='noninteractive' && \ RUN apk --no-cache add bash samba shadow && \
apt-get update -qq && \ adduser -D -G users -H -g 'Samba User' -h /tmp smbuser && \
apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\
$(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\
useradd -c 'Samba User' -d /tmp -M -r smbuser && \
sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \ sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \
sed -i 's|^\( load printers = \).*|\1no|' /etc/samba/smb.conf && \
sed -i 's|^\( printcap name = \).*|\1/dev/null|' /etc/samba/smb.conf && \
sed -i 's|^;*\( printing = \).*|\1bsd|' /etc/samba/smb.conf && \
sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \ sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \
sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \ sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \
echo ' security = user' >>/etc/samba/smb.conf && \ echo ' pam password change = yes' >>/etc/samba/smb.conf && \
echo ' map to guest = bad user' >>/etc/samba/smb.conf && \
echo ' usershare allow guests = yes' >>/etc/samba/smb.conf && \
echo ' create mask = 0664' >>/etc/samba/smb.conf && \ echo ' create mask = 0664' >>/etc/samba/smb.conf && \
echo ' force create mode = 0664' >>/etc/samba/smb.conf && \ echo ' force create mode = 0664' >>/etc/samba/smb.conf && \
echo ' directory mask = 0775' >>/etc/samba/smb.conf && \ echo ' directory mask = 0775' >>/etc/samba/smb.conf && \
@ -30,13 +32,16 @@ RUN export DEBIAN_FRONTEND='noninteractive' && \
echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \ echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \
echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \ echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \
echo '' >>/etc/samba/smb.conf && \ echo '' >>/etc/samba/smb.conf && \
apt-get clean && \ rm -rf /tmp/*
rm -rf /var/lib/apt/lists/* /tmp/*
RUN ["cross-build-end"] RUN ["cross-build-end"]
COPY samba.sh /usr/bin/ COPY samba.sh /usr/bin/
VOLUME ["/etc/samba"] HEALTHCHECK --interval=60s --timeout=15s \
CMD smbclient -L '\\localhost\' -U 'guest%' -m SMB3
EXPOSE 137/udp 138/udp 139 445 EXPOSE 137/udp 138/udp 139 445
VOLUME ["/etc/samba"]
ENTRYPOINT ["samba.sh"] ENTRYPOINT ["samba.sh"]

View File

@ -1,42 +0,0 @@
FROM resin/raspberry-pi-debian:stretch
MAINTAINER David Personette <dperson@gmail.com>
# Install samba
RUN ["cross-build-start"]
RUN export DEBIAN_FRONTEND='noninteractive' && \
apt-get update -qq && \
apt-get install -qqy --no-install-recommends procps samba samba-vfs-modules\
$(apt-get -s dist-upgrade|awk '/^Inst.*ecurity/ {print $2}') &&\
useradd -c 'Samba User' -d /tmp -M -r smbuser && \
sed -i 's|^\( log file = \).*|\1/dev/stdout|' /etc/samba/smb.conf && \
sed -i 's|^\( unix password sync = \).*|\1no|' /etc/samba/smb.conf && \
sed -i '/Share Definitions/,$d' /etc/samba/smb.conf && \
echo ' security = user' >>/etc/samba/smb.conf && \
echo ' create mask = 0664' >>/etc/samba/smb.conf && \
echo ' force create mode = 0664' >>/etc/samba/smb.conf && \
echo ' directory mask = 0775' >>/etc/samba/smb.conf && \
echo ' force directory mode = 0775' >>/etc/samba/smb.conf && \
echo ' force user = smbuser' >>/etc/samba/smb.conf && \
echo ' force group = users' >>/etc/samba/smb.conf && \
echo ' follow symlinks = yes' >>/etc/samba/smb.conf && \
echo ' load printers = no' >>/etc/samba/smb.conf && \
echo ' printing = bsd' >>/etc/samba/smb.conf && \
echo ' printcap name = /dev/null' >>/etc/samba/smb.conf && \
echo ' disable spoolss = yes' >>/etc/samba/smb.conf && \
echo ' socket options = TCP_NODELAY' >>/etc/samba/smb.conf && \
echo ' strict locking = no' >>/etc/samba/smb.conf && \
echo ' vfs objects = recycle' >>/etc/samba/smb.conf && \
echo ' recycle:keeptree = yes' >>/etc/samba/smb.conf && \
echo ' recycle:versions = yes' >>/etc/samba/smb.conf && \
echo ' min protocol = SMB2' >>/etc/samba/smb.conf && \
echo '' >>/etc/samba/smb.conf && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* /tmp/*
RUN ["cross-build-end"]
COPY samba.sh /usr/bin/
VOLUME ["/etc/samba"]
EXPOSE 137/udp 138/udp 139 445
ENTRYPOINT ["samba.sh"]

View File

@ -51,8 +51,6 @@ OR set local storage:
[users] allowed default:'all' or list of allowed users [users] allowed default:'all' or list of allowed users
[admins] allowed default:'none' or list of admin users [admins] allowed default:'none' or list of admin users
[writelist] list of users that can write to a RO share [writelist] list of users that can write to a RO share
-t "" Configure timezone
possible arg: "[timezone]" - zoneinfo timezone for container
-u "<username;password>[;ID;group]" Add a user -u "<username;password>[;ID;group]" Add a user
required arg: "<username>;<passwd>" required arg: "<username>;<passwd>"
<username> for user <username> for user
@ -71,7 +69,7 @@ ENVIRONMENT VARIABLES (only available with `docker run`)
* `CHARMAP` - As above, configure character mapping * `CHARMAP` - As above, configure character mapping
* `NMBD` - As above, enable nmbd * `NMBD` - As above, enable nmbd
* `SMB` - As above, disable SMB2 minimum version * `SMB` - As above, disable SMB2 minimum version
* `TZ` - As above, set a zoneinfo timezone, IE `EST5EDT` * `TZ` - Set a timezone, IE `EST5EDT`
* `WIDELINKS` - As above, allow access wide symbolic links * `WIDELINKS` - As above, allow access wide symbolic links
* `WORKGROUP` - As above, set workgroup * `WORKGROUP` - As above, set workgroup
* `USERID` - Set the UID for the samba server * `USERID` - Set the UID for the samba server
@ -87,18 +85,8 @@ Any of the commands can be run at creation with `docker run` or later with
### Setting the Timezone ### Setting the Timezone
sudo docker run -it -p 139:139 -p 445:445 -d dperson/samba -t EST5EDT
OR using `environment variables`
sudo docker run -it -e TZ=EST5EDT -p 139:139 -p 445:445 -d dperson/samba sudo docker run -it -e TZ=EST5EDT -p 139:139 -p 445:445 -d dperson/samba
Will get you the same settings as
sudo docker run -it --name samba -p 139:139 -p 445:445 -d dperson/samba
sudo docker exec -it samba samba.sh -t EST5EDT ls -AlF /etc/localtime
sudo docker restart samba
### Start an instance creating users and shares: ### Start an instance creating users and shares:
sudo docker run -it -p 139:139 -p 445:445 -d dperson/samba \ sudo docker run -it -p 139:139 -p 445:445 -d dperson/samba \

View File

@ -51,7 +51,7 @@ global() { local key="${1%%=*}" value="${1#*=}" file=/etc/samba/smb.conf
# Return: user(s) added to container # Return: user(s) added to container
import() { local name id file="$1" import() { local name id file="$1"
while read name id; do while read name id; do
useradd "$name" -M -u "$id" adduser -D -H -u "$id" "$name"
done < <(cut -d: -f1,2 --output-delimiter=' ' $file) done < <(cut -d: -f1,2 --output-delimiter=' ' $file)
pdbedit -i smbpasswd:$file pdbedit -i smbpasswd:$file
} }
@ -117,23 +117,6 @@ smb() { local file=/etc/samba/smb.conf
sed -i '/min protocol/d' $file sed -i '/min protocol/d' $file
} }
### timezone: Set the timezone for the container
# Arguments:
# timezone) for example EST5EDT
# Return: the correct zoneinfo file will be symlinked into place
timezone() { local timezone="${1:-EST5EDT}"
[[ -e /usr/share/zoneinfo/$timezone ]] || {
echo "ERROR: invalid timezone specified: $timezone" >&2
return
}
if [[ -w /etc/timezone && $(cat /etc/timezone) != $timezone ]]; then
echo "$timezone" >/etc/timezone
ln -sf /usr/share/zoneinfo/$timezone /etc/localtime
dpkg-reconfigure -f noninteractive tzdata >/dev/null 2>&1
fi
}
### user: add a user ### user: add a user
# Arguments: # Arguments:
# name) for user # name) for user
@ -142,8 +125,8 @@ timezone() { local timezone="${1:-EST5EDT}"
# group) for user # group) for user
# Return: user added to container # Return: user added to container
user() { local name="${1}" passwd="${2}" id="${3:-""}" group="${4:-""}" user() { local name="${1}" passwd="${2}" id="${3:-""}" group="${4:-""}"
[[ "$group" ]] && { grep -q "^$group:" /etc/group || groupadd "$group"; } [[ "$group" ]] && { grep -q "^$group:" /etc/group || addgroup "$group"; }
useradd "$name" -M ${id:+-u $id} ${group:+-g $group} adduser -D -H ${group:+-G $group} ${id:+-u $id} "$name"
echo -e "$passwd\n$passwd" | smbpasswd -s -a "$name" echo -e "$passwd\n$passwd" | smbpasswd -s -a "$name"
} }
@ -193,8 +176,6 @@ Options (fields in '[]' are optional, '<>' are required):
[users] allowed default:'all' or list of allowed users [users] allowed default:'all' or list of allowed users
[admins] allowed default:'none' or list of admin users [admins] allowed default:'none' or list of admin users
[writelist] list of users that can write to a RO share [writelist] list of users that can write to a RO share
-t \"\" Configure timezone
possible arg: \"[timezone]\" - zoneinfo timezone for container
-u \"<username;password>[;ID;group]\" Add a user -u \"<username;password>[;ID;group]\" Add a user
required arg: \"<username>;<passwd>\" required arg: \"<username>;<passwd>\"
<username> for user <username> for user
@ -214,7 +195,7 @@ The 'command' (if provided and valid) will be run instead of samba
[[ "${USERID:-""}" =~ ^[0-9]+$ ]] && usermod -u $USERID -o smbuser [[ "${USERID:-""}" =~ ^[0-9]+$ ]] && usermod -u $USERID -o smbuser
[[ "${GROUPID:-""}" =~ ^[0-9]+$ ]] && groupmod -g $GROUPID -o smbuser [[ "${GROUPID:-""}" =~ ^[0-9]+$ ]] && groupmod -g $GROUPID -o smbuser
while getopts ":hc:g:i:nprs:St:u:Ww:" opt; do while getopts ":hc:g:i:nprs:Su:Ww:" opt; do
case "$opt" in case "$opt" in
h) usage ;; h) usage ;;
c) charmap "$OPTARG" ;; c) charmap "$OPTARG" ;;
@ -223,9 +204,8 @@ while getopts ":hc:g:i:nprs:St:u:Ww:" opt; do
n) NMBD="true" ;; n) NMBD="true" ;;
p) PERMISSIONS="true" ;; p) PERMISSIONS="true" ;;
r) recycle ;; r) recycle ;;
s) eval share $(sed 's/^\|$/"/g; s/;/" "/g' <<< $OPTARG) ;; s) eval share $(sed 's/^/"/; s/$/"/; s/;/" "/g' <<< $OPTARG) ;;
S) smb ;; S) smb ;;
t) timezone "$OPTARG" ;;
u) eval user $(sed 's|;| |g' <<< $OPTARG) ;; u) eval user $(sed 's|;| |g' <<< $OPTARG) ;;
w) workgroup "$OPTARG" ;; w) workgroup "$OPTARG" ;;
W) widelinks ;; W) widelinks ;;
@ -238,7 +218,6 @@ shift $(( OPTIND - 1 ))
[[ "${CHARMAP:-""}" ]] && charmap "$CHARMAP" [[ "${CHARMAP:-""}" ]] && charmap "$CHARMAP"
[[ "${PERMISSIONS:-""}" ]] && perms [[ "${PERMISSIONS:-""}" ]] && perms
[[ "${RECYCLE:-""}" ]] && recycle [[ "${RECYCLE:-""}" ]] && recycle
[[ "${TZ:-""}" ]] && timezone "$TZ"
[[ "${SMB:-""}" ]] && smb [[ "${SMB:-""}" ]] && smb
[[ "${WORKGROUP:-""}" ]] && workgroup "$WORKGROUP" [[ "${WORKGROUP:-""}" ]] && workgroup "$WORKGROUP"
[[ "${WIDELINKS:-""}" ]] && widelinks [[ "${WIDELINKS:-""}" ]] && widelinks