61 lines
1.7 KiB
Docker
61 lines
1.7 KiB
Docker
FROM python:3.13.1-bookworm
|
|
|
|
# lese secrets von pipeline ein
|
|
RUN --mount=type=secret,id=GITUSERPW \
|
|
--mount=type=secret,id=GITUSER \
|
|
export GITUSERPW=$(cat /run/secrets/GITUSERPW) && \
|
|
export GITUSER=$(cat /run/secrets/GITUSER)
|
|
|
|
ENV DEBIAN_FRONTEND=noninteractive
|
|
# nötig damit die ansible-tools gefunden werden
|
|
ENV PATH="$PATH:/home/ansible-dev/.local/bin"
|
|
|
|
# hadolint ignore=DL3008
|
|
RUN apt-get update \
|
|
&& apt-get -y --no-install-recommends install \
|
|
vim \
|
|
keychain \
|
|
tmux \
|
|
htop \
|
|
git \
|
|
dnsutils \
|
|
mc \
|
|
ca-certificates \
|
|
tree \
|
|
wget \
|
|
curl \
|
|
whois \
|
|
net-tools \
|
|
apt-transport-https \
|
|
moreutils \
|
|
acl \
|
|
ripgrep \
|
|
pwgen \
|
|
bc \
|
|
jq \
|
|
sudo \
|
|
sshpass \
|
|
shellcheck \
|
|
&& rm -rf /var/lib/apt/lists/* /var/tmp/* /tmp/* requirements.txt requirements.yaml \
|
|
&& apt-get clean
|
|
|
|
# Update the package list, install sudo, create a non-root user, and grant password-less sudo permissions
|
|
# https://dev.to/izackv/running-a-docker-container-with-a-custom-non-root-user-syncing-host-and-container-permissions-26mb
|
|
# hadolint ignore=DL3008
|
|
RUN addgroup --gid 1000 ansible-dev && \
|
|
adduser --uid 1000 --gid 1000 --disabled-password --gecos "" ansible-dev && \
|
|
echo 'ansible-dev ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers
|
|
|
|
# Set the non-root user as the default user
|
|
USER ansible-dev
|
|
|
|
WORKDIR /home/ansible-dev/
|
|
|
|
RUN echo https://$GITUSER:$GITUSERPW@git.mgrote.net/mg/dotfiles ~/dotfiles
|
|
|
|
# dotfiles, see: https://git.mgrote.net/mg/dotfiles/raw/branch/master/scripts/setup_minimal.sh
|
|
# hadolint ignore=DL3001,SC1083
|
|
RUN git clone https://$GITUSER:$GITUSERPW@git.mgrote.net/mg/dotfiles ~/dotfiles
|
|
|
|
COPY --chown=ansible-dev:ansible-dev start_tmux.sh .
|
|
ENTRYPOINT []
|