Dockerfile.rootfs-builder.in
# Pull latest Droidian base image for flavour %(tag)s
# The image is referenced by tag only (no @sha256 digest), so each build takes
# whatever the registry currently serves for that tag.
# NOTE(review): ARCH is declared before FROM, but no ${ARCH} reference is
# visible in this file; the FROM line uses the template placeholders instead.
# Confirm whether the build still passes ARCH.
ARG ARCH=
FROM quay.io/droidian/base:%(tag)s-%(arch)s
# Copy relevant repositories and keyrings
# Note: .dummy files used to keep the directory hierarchy in git are
# copied too, see moby/moby#26332
# These files come from the build context and decide which repositories and
# signing keys the apt-get install later in this file relies on, so changes to
# these directories deserve the same review as changes to this file.
# In each pair the arch-specific COPY runs after the "all" COPY into the same
# directory, so an arch-specific file replaces a shared file of the same name.
COPY repositories/%(tag)s/all/* /etc/apt/sources.list.d/
COPY repositories/%(tag)s/%(arch)s/* /etc/apt/sources.list.d/
# Copy apt preferences
COPY preferences/%(tag)s/* /etc/apt/preferences.d/
# NOTE(review): keyrings land in /etc/apt/droidian-gpg.d/, not in apt's default
# trusted.gpg.d; presumably a copied apt.conf.d snippet or a signed-by entry in
# the sources points apt at this directory -- confirm.
COPY keyrings/all/* /etc/apt/droidian-gpg.d/
COPY keyrings/%(arch)s/* /etc/apt/droidian-gpg.d/
COPY common/apt.conf.d/* /etc/apt/apt.conf.d/
# Refresh the package index and install the build tooling in a single layer,
# so the install never runs against an index left over from a cached layer.
# Packages are listed alphabetically and without version pins; what gets
# installed follows whatever the configured repositories serve at build time.
# NOTE(review): common/apt.conf.d/* is copied into apt's configuration earlier
# in this file but its content is not shown here -- confirm that none of those
# snippets relaxes signature verification for this install.
RUN apt-get update \
    && apt-get install -y \
        android-sdk-libsparse-utils \
        binfmt-support \
        bmap-tools \
        debos \
        dosfstools \
        dpkg-dev \
        init \
        lvm2 \
        parted \
        python3-yaml \
        qemu-user-static \
        rsync \
        systemd-container \
        systemd-sysv \
        udev \
        zip
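# Workaround binfmt bug on latest qemu
# Give every qemu entry in /usr/lib/binfmt.d a .conf suffix, then enable the
# registered binary formats.
# The suffix test uses the shell's own `case` rather than interpolating the
# file name into a `bash -c` command string, and every expansion is quoted, so
# a file name is never re-parsed as shell code or split into words.
# When the glob matches nothing the loop body is skipped instead of running mv
# on the literal pattern. The steps stay joined with `;`, so a failed rename
# still does not stop the build.
RUN \
    for x in /usr/lib/binfmt.d/qemu-*; do \
        [ -e "${x}" ] || continue; \
        case "${x}" in \
            *.conf) ;; \
            *) mv "${x}" "${x}.conf" ;; \
        esac; \
    done; \
    update-binfmts --enable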
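# Systemd configuration.
# Credits to Alexander Haase <[email protected]>
# https://github.com/alehaa/docker-debian-systemd
#
# For running systemd inside a Docker container, some additional tweaks are
# required. Some of them have already been applied above.
#
# The 'container' environment variable tells systemd that it's running inside a
# Docker container environment. It is written in key=value form; the
# space-separated ENV form is legacy syntax.
ENV container=docker
# A different stop signal is required, so systemd will initiate a shutdown when
# running 'docker stop <container>'.
STOPSIGNAL SIGRTMIN+3
# The host's cgroup filesystem needs to be mounted (read-only) in the
# container. '/run', '/run/lock' and '/tmp' need to be tmpfs filesystems when
# running the container without 'CAP_SYS_ADMIN'.
#
# NOTE: For running Debian stretch, 'CAP_SYS_ADMIN' still needs to be added, as
#       stretch's version of systemd is not recent enough. Buster will run just
#       fine without 'CAP_SYS_ADMIN', so add the capability only for stretch.
VOLUME [ "/sys/fs/cgroup", "/run", "/run/lock", "/tmp" ]
# As this image should run systemd, the default command is changed to start
# the init system. CMD is used rather than ENTRYPOINT, so one may override it
# when creating the container, e.g. to run a bash console instead.
CMD [ "/sbin/init" ]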