-
-
Notifications
You must be signed in to change notification settings - Fork 419
/
Dockerfile
81 lines (68 loc) · 1.76 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
FROM bitnami/minideb:bullseye as build
RUN install_packages \
curl \
ca-certificates \
git \
autoconf \
automake \
g++ \
protobuf-compiler \
zlib1g-dev \
libncurses5-dev \
libssl-dev \
pkg-config \
libprotobuf-dev \
make \
bzip2
# Helper scripts
WORKDIR /build
ADD .git .git
ADD .github .github
ADD scripts scripts
ADD ctl.sh .
# Install Golang and Browsh
ENV GOROOT=/go
ENV GOPATH=/go-home
ENV PATH=$GOROOT/bin:$GOPATH/bin:$PATH
ENV BASE=$GOPATH/src/browsh/interfacer
ADD interfacer $BASE
WORKDIR $BASE
RUN /build/ctl.sh install_golang $BASE
RUN /build/ctl.sh build_browsh_binary $BASE
###########################
# Actual final Docker image
###########################
FROM bitnami/minideb:bullseye
ENV HOME=/app
WORKDIR $HOME
COPY --from=build /go-home/src/browsh/interfacer/browsh /app/bin/browsh
RUN install_packages \
xvfb \
libgtk-3-0 \
curl \
ca-certificates \
libdbus-glib-1-2 \
procps \
libasound2 \
libxtst6 \
firefox-esr
# Block ads, etc. This includes porn just because this image is also used on the
# public SSH demo: `ssh brow.sh`.
RUN curl \
-o /etc/hosts \
https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling-porn-social/hosts
# Don't use root
RUN useradd -m user --home /app
RUN chown user:user /app
USER user
ENV PATH="${HOME}/bin:${HOME}/bin/firefox:${PATH}"
# Firefox behaves quite differently to normal on its first run, so by getting
# that over and done with here when there's no user to be dissapointed means
# that all future runs will be consistent.
RUN TERM=xterm script \
--return \
-c "/app/bin/browsh" \
/dev/null \
>/dev/null & \
sleep 10
ENTRYPOINT ["/app/bin/browsh"]