-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
82 lines (63 loc) · 2.23 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
FROM golang:1.22-bullseye as permset
WORKDIR /src
RUN git clone https://github.com/jacobalberty/permset.git /src && \
mkdir -p /out && \
go build -ldflags "-X main.chownDir=/unifi" -o /out/permset
FROM ubuntu:22.04 AS base
# arm64-specific stage
FROM base AS build-arm64
COPY docker-build-arm64.sh /usr/local/bin/docker-build.sh
# amd64-specific stage
FROM base AS build-amd64
COPY docker-build-amd64.sh /usr/local/bin/docker-build.sh
FROM build-${TARGETARCH} AS build
ARG DEBIAN_FRONTEND=noninteractive
ARG PKGURL=https://dl.ui.com/unifi/9.0.108-u598f2io2a/unifi_sysvinit_all.deb
ENV BASEDIR=/usr/lib/unifi \
DATADIR=/unifi/data \
LOGDIR=/unifi/log \
CERTDIR=/unifi/cert \
RUNDIR=/unifi/run \
ORUNDIR=/var/run/unifi \
ODATADIR=/var/lib/unifi \
OLOGDIR=/var/log/unifi \
CERTNAME=cert.pem \
CERT_PRIVATE_NAME=privkey.pem \
CERT_IS_CHAIN=false \
GOSU_VERSION=1.10 \
BIND_PRIV=true \
RUNAS_UID0=true \
UNIFI_GID=999 \
UNIFI_UID=999
RUN set -eux; \
apt-get update; \
apt-get install -y gosu; \
rm -rf /var/lib/apt/lists/*
RUN mkdir -p /usr/unifi \
/usr/local/unifi/init.d \
/usr/unifi/init.d \
/usr/local/docker
COPY docker-entrypoint.sh /usr/local/bin/
COPY docker-healthcheck.sh /usr/local/bin/
COPY functions /usr/unifi/functions
COPY import_cert /usr/unifi/init.d/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh \
&& chmod +x /usr/unifi/init.d/import_cert \
&& chmod +x /usr/local/bin/docker-healthcheck.sh \
&& chmod +x /usr/local/bin/docker-build.sh
RUN set -ex \
&& mkdir -p /usr/share/man/man1/ \
&& groupadd -r unifi -g $UNIFI_GID \
&& useradd --no-log-init -r -u $UNIFI_UID -g $UNIFI_GID unifi \
&& /usr/local/bin/docker-build.sh "${PKGURL}"
COPY --from=permset /out/permset /usr/local/bin/permset
RUN chown 0.0 /usr/local/bin/permset && \
chmod +s /usr/local/bin/permset
RUN mkdir -p /unifi && chown unifi:unifi -R /unifi
VOLUME ["/unifi", "${RUNDIR}"]
EXPOSE 6789/tcp 8080/tcp 8443/tcp 8880/tcp 8843/tcp 3478/udp 10001/udp
WORKDIR /unifi
HEALTHCHECK --start-period=5m CMD /usr/local/bin/docker-healthcheck.sh || exit 1
# execute controller using JSVC like original debian package does
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
CMD ["unifi"]