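# Stage 1 (builder): compile PowerDNS Authoritative Server from the upstream
# release tarball and stage the install tree under /build/powerdns-root.
# Only that directory is copied into the runtime stage.
#
# NOTE(review): the base tag is mutable. Pin it by digest
# (alpine:3.17.1@sha256:<digest>) for reproducible builds, and confirm that this
# Alpine branch and this PowerDNS release still receive security fixes.
FROM alpine:3.17.1 AS builder
ENV POWERDNS_VER=4.7.3

# Build toolchain plus the development headers needed by the enabled backends.
RUN set -eux; \
    apk add --no-cache \
        boost-dev \
        build-base \
        curl \
        curl-dev \
        geoip-dev \
        krb5-dev \
        libmaxminddb-dev \
        libsodium-dev \
        lua-dev \
        luajit-dev \
        mariadb-connector-c-dev \
        mariadb-dev \
        openssl-dev \
        protobuf-dev \
        yaml-cpp-dev \
        zeromq-dev

WORKDIR /build

# Optional SHA-256 of the release tarball. When supplied
# (--build-arg POWERDNS_SHA256=<sha256-of-tarball>) the download is verified
# before it is unpacked; when empty the build behaves as before and trusts
# TLS alone. Upstream also publishes detached signatures next to the tarballs.
ARG POWERDNS_SHA256=""
RUN set -eux; \
    wget "https://downloads.powerdns.com/releases/pdns-${POWERDNS_VER}.tar.bz2"; \
    if [ -n "${POWERDNS_SHA256:-}" ]; then \
        echo "${POWERDNS_SHA256}  pdns-${POWERDNS_VER}.tar.bz2" | sha256sum -c -; \
    fi; \
    tar -jxf "pdns-${POWERDNS_VER}.tar.bz2"

WORKDIR /build/pdns-${POWERDNS_VER}

# Configure, build and install into a DESTDIR tree, then drop files the runtime
# image does not need (static/libtool archives, headers, man pages).
#
# NOTE(review): CXXFLAGS does not include $CFLAGS and is passed to make
# explicitly, so the options listed in CFLAGS (_FORTIFY_SOURCE,
# -fstack-clash-protection, -fcf-protection, -Os) appear to reach only C
# sources, not the C++ sources. Confirm whether
# CXXFLAGS="$CFLAGS -Wp,-D_GLIBCXX_ASSERTIONS" was intended.
# NOTE(review): -march=x86-64 and -fcf-protection tie this stage to x86-64.
#
# The archive clean-up groups the two -name tests so that "-type f" applies to
# both patterns, and uses -exec so a find failure is not hidden behind a pipe.
RUN set -eux; \
    export CFLAGS="-march=x86-64 -mtune=generic -Os -pipe -fno-plt -fexceptions -Wp,-D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -fstack-clash-protection -fcf-protection -flto=auto"; \
    export CXXFLAGS="-Wp,-D_GLIBCXX_ASSERTIONS"; \
    export LDFLAGS="-Wl,-Os,--sort-common,--as-needed,-z,relro,-z,now -flto=auto"; \
    \
    ./configure \
        --prefix=/usr \
        --sysconfdir="/etc/powerdns" \
        --sbindir=/usr/sbin \
        --mandir=/usr/share/man \
        --infodir=/usr/share/info \
        --localstatedir=/var \
        --libdir="/usr/lib/powerdns" \
        --disable-static \
        --with-modules="" \
        --with-dynmodules="bind geoip gmysql lua2 pipe remote" \
        --with-libsodium \
        --enable-tools \
        --enable-ixfrdist \
        --enable-dns-over-tls \
        --disable-dependency-tracking \
        --disable-silent-rules \
        --enable-reproducible \
        --enable-unit-tests \
        --with-service-user=powerdns \
        --with-service-group=powerdns \
        --enable-remotebackend-zeromq; \
    make V=1 "-j$(nproc)" -l8 CFLAGS="$CFLAGS" CXXFLAGS="$CXXFLAGS" LDFLAGS="$LDFLAGS"; \
    \
    pkgdir=/build/powerdns-root; \
    make DESTDIR="$pkgdir" install; \
    \
    mv "$pkgdir"/etc/powerdns/pdns.conf-dist "$pkgdir"/etc/powerdns/pdns.conf; \
    mv "$pkgdir"/etc/powerdns/ixfrdist.example.yml "$pkgdir"/usr/share/doc/pdns/; \
    find "$pkgdir" -type f \( -name "*.a" -o -name "*.la" \) -exec rm -fv {} +; \
    rm -rfv \
        "$pkgdir"/usr/include \
        "$pkgdir"/usr/share/man

WORKDIR /build/powerdns-root

# Strip every ELF executable and shared object in the install tree, including
# leftover LTO sections and symbols.
RUN set -eux; \
    scanelf --recursive --nobanner --osabi --etype "ET_DYN,ET_EXEC" . | awk '{print $3}' | xargs \
        strip \
            --remove-section=.comment \
            --remove-section=.note \
            -R .gnu.lto_* -R .gnu.debuglto_* \
            -N __gnu_lto_slim -N __gnu_lto_v1 \
            --strip-unneeded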
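# Stage 2 (runtime): PowerDNS (copied from the builder stage) plus Poweradmin
# served by nginx/php-fpm, all started through supervisord.
#
# NOTE(review): the base tag is mutable. Pin it by digest
# (alpine:3.17.1@sha256:<digest>) for reproducible builds.
# NOTE(review): there is no USER instruction, so the entrypoint and supervisord
# start as root. Whether each supervised program drops privileges depends on the
# supervisor/nginx/php81 configuration copied below, which is not shown here.
FROM alpine:3.17.1
ENV POWERADMIN_VER=3.4.2
ENV TZ=Europe/Moscow \
    LANG=ru_RU.UTF-8 \
    LANGUAGE=ru_RU.UTF-8 \
    LC_ALL=ru_RU.UTF-8 \
    MUSL_LOCPATH=/usr/share/i18n/locales/musl

# Runtime libraries for PowerDNS, the web stack for Poweradmin, and helper
# tools. --no-cache already leaves no apk index behind, so no extra clean-up
# of /var/cache/apk is needed.
RUN set -eux; \
    apk add --no-cache \
        boost-libs \
        geoip \
        libcurl \
        libmaxminddb-libs \
        luajit \
        mariadb-client \
        mariadb-connector-c \
        yaml-cpp \
        zeromq \
        openssl \
        \
        pwgen \
        supervisor \
        nginx \
        php81 \
        php81-fpm \
        php81-intl \
        php81-iconv \
        php81-mysqlnd \
        php81-pdo \
        php81-pdo_mysql \
        php81-gettext \
        php81-openssl \
        php81-session \
        php81-tokenizer \
        php81-mbstring \
        php81-xml \
        \
        composer \
        musl \
        musl-utils \
        musl-locales \
        tzdata \
        patch \
        bind-tools

# Optional SHA-256 of the Poweradmin source archive. When supplied
# (--build-arg POWERADMIN_SHA256=<sha256-of-tarball>) the download is verified
# before it is unpacked; when empty the build behaves as before.
ARG POWERADMIN_SHA256=""

# Fetch and unpack Poweradmin. The installer and the files that are not needed
# at runtime (VCS data, migrations, tests, Vagrant files, docs) are removed in
# this same layer: deleting them in a later RUN would leave them readable in
# the earlier image layer.
RUN set -eux; \
    mkdir -p /var/www/html; \
    cd /var/www/html; \
    wget "https://github.com/poweradmin/poweradmin/archive/refs/tags/v${POWERADMIN_VER}.tar.gz"; \
    if [ -n "${POWERADMIN_SHA256:-}" ]; then \
        echo "${POWERADMIN_SHA256}  v${POWERADMIN_VER}.tar.gz" | sha256sum -c -; \
    fi; \
    tar -xf "v${POWERADMIN_VER}.tar.gz"; \
    rm -f "v${POWERADMIN_VER}.tar.gz"; \
    mv "poweradmin-${POWERADMIN_VER}" poweradmin; \
    rm -rf \
        /var/www/html/poweradmin/install/ \
        /var/www/html/poweradmin/.git \
        /var/www/html/poweradmin/migrations \
        /var/www/html/poweradmin/sql \
        /var/www/html/poweradmin/tests \
        /var/www/html/poweradmin/vagrant; \
    rm -r \
        /var/www/html/poweradmin/.gitignore \
        /var/www/html/poweradmin/README.md \
        /var/www/html/poweradmin/VAGRANT.md \
        /var/www/html/poweradmin/Vagrantfile \
        /var/www/html/poweradmin/Dockerfile

# PowerDNS install tree from the builder stage, then local configuration.
COPY --from=builder /build/powerdns-root /
COPY supervisor /etc/supervisor
COPY powerdns /etc/powerdns
COPY entrypoint /usr/bin
COPY nginx /etc/nginx
COPY php81 /etc/php81
COPY poweradmin /var/www/html/poweradmin/inc
COPY sql /sql

# Service account, timezone and permissions.
# stderr of addgroup/adduser is no longer discarded: under "set -e" a failure
# aborts the build, and the message is the only hint as to why.
# /etc/powerdns is root-owned and group-readable by powerdns only, so the
# service can read but not rewrite its own configuration.
# NOTE(review): the whole web root is made writable by the nginx user. If
# php-fpm runs as that user, the application can modify its own code; consider
# root ownership with write access limited to the paths Poweradmin needs.
RUN set -eux; \
    addgroup -S powerdns; \
    adduser -S -D -h /var/lib/powerdns -s /sbin/nologin -G powerdns -g powerdns powerdns; \
    cp "/usr/share/zoneinfo/${TZ}" /etc/localtime; \
    chmod +x /usr/bin/entrypoint; \
    mkdir -p /run/powerdns; \
    chmod 0750 /etc/powerdns; \
    chmod 0640 /etc/powerdns/pdns.conf; \
    chmod 0755 /run/powerdns; \
    chown -R root:powerdns /etc/powerdns; \
    chown -R nginx:nginx /var/www/html; \
    chown -R powerdns:powerdns /run/powerdns

# Fix-ups for the bundled SQL schemas and the Poweradmin sources.
RUN set -eux; \
    sed -i "s!latin1!utf8mb4!g" /sql/pdns_schema.sql; \
    sed -i "s!latin1!utf8mb4!g" /sql/poweradmin.sql; \
    # ERROR 1074 (42000) Column length too big (max = 21844); use BLOB or TEXT instead
    sed -i "s!VARCHAR(64000) DEFAULT NULL!TEXT(64000) DEFAULT NULL!g" /sql/pdns_schema.sql; \
    # Upstream bugs: undefined constants "id" and "error"
    patch /var/www/html/poweradmin/dnssec_add_key.php /var/www/html/poweradmin/inc/dnssec_add_key.diff; \
    patch /var/www/html/poweradmin/dnssec_edit_key.php /var/www/html/poweradmin/inc/dnssec_edit_key.diff; \
    rm -r /var/www/html/poweradmin/inc/dnssec_add_key.diff /var/www/html/poweradmin/inc/dnssec_edit_key.diff

# DNS over TCP and UDP. EXPOSE is documentation only; ports are published at run time.
EXPOSE 53/tcp 53/udp

ENTRYPOINT [ "entrypoint" ]
CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisor/supervisord.conf"]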