-
Notifications
You must be signed in to change notification settings - Fork 4
/
Copy pathDockerfile
85 lines (74 loc) · 3.51 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
FROM alpine
ARG webmin_version=1.890
RUN apk update && \
apk add --no-cache ca-certificates openssl perl perl-net-ssleay expect && \
mkdir /opt && \
cd /opt && \
wget -q -O - "https://prdownloads.sourceforge.net/webadmin/webmin-$webmin_version.tar.gz" | tar xz && \
ln -sf /opt/webmin-$webmin_version /opt/webmin && \
# Install samba
apk --no-cache --no-progress upgrade && \
apk --no-cache --no-progress add bash samba shadow tini && \
adduser -D -G users -H -S -g 'Samba User' -h /tmp smbuser && \
file="/etc/samba/smb.conf" && \
sed -i 's|^;* *\(log file = \).*| \1/dev/stdout|' $file && \
sed -i 's|^;* *\(load printers = \).*| \1no|' $file && \
sed -i 's|^;* *\(printcap name = \).*| \1/dev/null|' $file && \
sed -i 's|^;* *\(printing = \).*| \1bsd|' $file && \
sed -i 's|^;* *\(unix password sync = \).*| \1no|' $file && \
sed -i 's|^;* *\(preserve case = \).*| \1yes|' $file && \
sed -i 's|^;* *\(short preserve case = \).*| \1yes|' $file && \
sed -i 's|^;* *\(default case = \).*| \1lower|' $file && \
sed -i '/Share Definitions/,$d' $file && \
echo ' pam password change = yes' >>$file && \
echo ' map to guest = bad user' >>$file && \
echo ' usershare allow guests = yes' >>$file && \
echo ' create mask = 0664' >>$file && \
echo ' force create mode = 0664' >>$file && \
echo ' directory mask = 0775' >>$file && \
echo ' force directory mode = 0775' >>$file && \
echo ' force user = smbuser' >>$file && \
echo ' force group = users' >>$file && \
echo ' follow symlinks = yes' >>$file && \
echo ' load printers = no' >>$file && \
echo ' printing = bsd' >>$file && \
echo ' printcap name = /dev/null' >>$file && \
echo ' disable spoolss = yes' >>$file && \
echo ' socket options = TCP_NODELAY' >>$file && \
echo ' strict locking = no' >>$file && \
echo ' vfs objects = acl_xattr catia fruit recycle streams_xattr' \
>>$file && \
echo ' recycle:keeptree = yes' >>$file && \
echo ' recycle:versions = yes' >>$file && \
echo '' >>$file && \
echo ' # Security' >>$file && \
echo ' client ipc max protocol = default' >>$file && \
echo ' client max protocol = default' >>$file && \
echo ' server max protocol = SMB3' >>$file && \
echo ' client ipc min protocol = default' >>$file && \
echo ' client min protocol = CORE' >>$file && \
echo ' server min protocol = SMB2' >>$file && \
echo '' >>$file && \
echo ' # Time Machine' >>$file && \
echo ' durable handles = yes' >>$file && \
echo ' kernel oplocks = no' >>$file && \
echo ' kernel share modes = no' >>$file && \
echo ' posix locking = no' >>$file && \
echo ' fruit:aapl = yes' >>$file && \
echo ' fruit:advertise_fullsync = true' >>$file && \
echo ' fruit:time machine = yes' >>$file && \
echo ' smb2 leases = yes' >>$file && \
echo '' >>$file && \
rm -rf /tmp/*
WORKDIR /opt/webmin
COPY conf/setup.exp samba.sh /usr/bin/
EXPOSE 137/udp 138/udp 139 445 10000
HEALTHCHECK --interval=60s --timeout=15s \
CMD smbclient -L '\\localhost' -U '%' -m SMB3
RUN /usr/bin/expect /usr/bin/setup.exp && \
rm /usr/bin/setup.exp && \
chmod 665 /usr/bin/samba.sh && \
apk del expect
VOLUME ["/etc/webmin" , "/var/webmin" , "/etc/samba"]
CMD ["/etc/webmin/start", "--nofork"]
ENTRYPOINT ["/sbin/tini", "--", "/usr/bin/samba.sh"]