-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathDockerfile
66 lines (46 loc) · 2.18 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
FROM alpine:3.15 as downloader
ARG rport_version=0.9.0
ARG frontend_build=0.9.0-build-1128
#ARG rportplus=0.1.0
ARG NOVNC_VERSION=1.3.0
RUN apk add unzip
WORKDIR /app/
RUN wget -q https://github.com/cloudradar-monitoring/rport/releases/download/${rport_version}/rportd_${rport_version}_Linux_x86_64.tar.gz -O rportd.tar.gz \
&& tar xzf rportd.tar.gz rportd
RUN wget -q https://downloads.rport.io/frontend/stable/rport-frontend-${frontend_build}.zip -O frontend.zip \
&& unzip frontend.zip -d ./frontend
RUN mkdir /rportplus && wget -q https://github.com/cloudradar-monitoring/rport/releases/download/0.9.0/[email protected]_Linux_x86_64.tar.gz -O rportplus.tar.gz \
&& tar -xzf rportplus.tar.gz -C /rportplus
RUN wget https://github.com/novnc/noVNC/archive/refs/tags/v${NOVNC_VERSION}.zip -O novnc.zip \
&& unzip novnc.zip && mv noVNC-${NOVNC_VERSION} ./novnc
FROM guacamole/guacd:latest
USER root
ARG TZ="UTC"
RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \
echo $TZ > /etc/timezone
RUN export DEBIAN_FRONTEND=noninteractive \
&& apt update \
&& apt upgrade -y \
&& apt install -y --no-install-recommends wget fail2ban iptables supervisor \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
COPY --from=downloader /app/rportd /usr/local/bin/rportd
COPY --from=downloader /app/frontend/ /var/www/html/
COPY --from=downloader /app/novnc/ /var/lib/rport-novnc
COPY supervisord.conf /etc/supervisor/supervisord.conf
RUN useradd -d /var/lib/rport -m -U -r -s /bin/false rport
RUN touch /var/lib/rport/rport.log && chown rport /var/lib/rport/rport.log
COPY jail.conf /etc/fail2ban/
COPY defaults-debian.conf /etc/fail2ban/jail.d
COPY rportd-client-connect.conf /etc/fail2ban/filter.d/
RUN service fail2ban restart
RUN touch /var/lib/rport/client-auth.json && chown rport /var/lib/rport/client-auth.json
RUN touch /var/lib/rport/api-auth.json && chown rport /var/lib/rport/api-auth.json
RUN touch /var/lib/rport/privkey.pem && chown rport /var/lib/rport/privkey.pem
RUN touch /var/lib/rport/fullchain.pem && chown rport /var/lib/rport/fullchain.pem
USER rport
VOLUME [ "/var/lib/rport/" ]
EXPOSE 8080
EXPOSE 3000
EXPOSE 20000-30000
EXPOSE 4822
CMD ["/usr/bin/supervisord"]