From 772f3fff616044a32621dc5aedf5219c89c27d71 Mon Sep 17 00:00:00 2001 From: William Petit Date: Wed, 13 Mar 2024 10:42:53 +0100 Subject: [PATCH] feat: openwrt docker recipe --- Makefile | 2 ++ .../99-emissary-common-uci-custom.sh | 7 +++++++ misc/docker/Dockerfile | 21 +++++++++++++++++++ targets/docker.mk | 21 +++++++++++++++++++ 4 files changed, 51 insertions(+) create mode 100644 misc/docker/Dockerfile create mode 100644 targets/docker.mk diff --git a/Makefile b/Makefile index 4d84de0..c80bd45 100644 --- a/Makefile +++ b/Makefile @@ -87,6 +87,8 @@ $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH): cp -rf files/* $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH)/ +custom-files: $(IMAGEBUILDER_CUSTOM_FILES_DIR_PATH) + flash: OPENWRT_DEVICE=$(OPENWRT_DEVICE) OPENWRT_PROFILE=$(OPENWRT_PROFILE) OPENWRT_VERSION=$(OPENWRT_VERSION) misc/script/flash.sh diff --git a/misc/common/uci-defaults/99-emissary-common-uci-custom.sh b/misc/common/uci-defaults/99-emissary-common-uci-custom.sh index ab96e76..10307de 100644 --- a/misc/common/uci-defaults/99-emissary-common-uci-custom.sh +++ b/misc/common/uci-defaults/99-emissary-common-uci-custom.sh @@ -25,6 +25,13 @@ main() { uci set firewall.@rule[-1].dest_port='443' uci set firewall.@rule[-1].target='ACCEPT' + uci add firewall rule + uci set firewall.@rule[-1].name='Allow 42521 on WAN' + uci set firewall.@rule[-1].src='wan' + uci set firewall.@rule[-1].proto='tcp' + uci set firewall.@rule[-1].dest_port='42521' + uci set firewall.@rule[-1].target='ACCEPT' + uci commit firewall # Disable DNS-rebind protection diff --git a/misc/docker/Dockerfile b/misc/docker/Dockerfile new file mode 100644 index 0000000..e2de680 --- /dev/null +++ b/misc/docker/Dockerfile @@ -0,0 +1,21 @@ +ARG OPENWRT_VERSION= +ARG CUSTOM_FILES= +ARG ADDITIONAL_OPENWRT_PACKAGES= + +FROM reg.cadoles.com/proxy_cache/openwrt/rootfs:x86-64-${OPENWRT_VERSION} + +COPY files/ / +COPY misc/x86/uci/ /etc/config/ +COPY misc/x86/uci-defaults/ /etc/uci-defaults/ + +RUN mkdir -p /var/lock \ + && mkdir -p /var/run \ + && opkg update \ + && opkg install dmidecode ${ADDITIONAL_OPENWRT_PACKAGES} \ + && rm /var/opkg-lists/* \ + && /etc/init.d/emissary-agent enable + +STOPSIGNAL SIGKILL + +CMD ["/sbin/init"] + diff --git a/targets/docker.mk b/targets/docker.mk new file mode 100644 index 0000000..1d7a3e3 --- /dev/null +++ b/targets/docker.mk @@ -0,0 +1,21 @@ +DOCKER_REPOSITORY ?= reg.cadoles.com/cadoles +DOCKER_CMD ?= + +all: docker + +docker: + $(MAKE) OPENWRT_TARGET="docker" EMISSARY_ARCH="amd64" custom-files + docker build \ + --build-arg OPENWRT_VERSION=$(OPENWRT_VERSION) \ + --build-arg ADDITIONAL_OPENWRT_PACKAGES=$(ADDITIONAL_OPENWRT_PACKAGES) \ + -t $(DOCKER_REPOSITORY)/emissary-agent:latest \ + -f misc/docker/Dockerfile \ + . + +run-docker: + docker run \ + -it --rm \ + --name emissary-agent \ + -p 42521:42521 \ + $(DOCKER_REPOSITORY)/emissary-agent:latest \ + $(DOCKER_CMD) \ No newline at end of file