alpine is fixed !!!! 🎉

2025-10-29 14:59:04 -04:00 · 2025-10-29 14:59:04 -04:00 · 666aee5fa4
commit 666aee5fa4
parent 93b13af8ab
2 changed files with 185 additions and 0 deletions
--- a/27
+++ b/27
@ -0,0 +1,27 @@
+FROM alpine:latest
+
+VOLUME /exports
+WORKDIR /root
+RUN mkdir -p /run/openrc
+RUN touch /run/openrc/softlevel
+RUN apk add --no-cache --update openrc 
+RUN apk add --no-cache --update --verbose alpine-conf tzdata bash krb5-server nfs-utils iproute2 krb5-server-openrc procps krb5 syslog-ng chrony
+
+
+
+
+RUN rc-update add syslog-ng boot
+RUN rc-update add krb5kdc default
+RUN rc-update add krb5kadmind default
+RUN rc-update add nfs default
+
+COPY ./entrypoint.sh .
+COPY ./init.sh .
+RUN chmod +x ./entrypoint.sh && chmod +x ./init.sh 
+
+RUN ls
+
+
+
+EXPOSE 2049 88 749 750 111
+CMD ["./init.sh"]
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,158 @@
+#!/bin/bash
+set -xuo pipefail
+trap "stop; exit 0;" SIGTERM SIGINT
+
+stop()
+{
+	echo "signal caught, stopping the world..."
+	exportfs -uav
+	rc-service krb5kdc stop
+	rc-service kadmin stop
+	rc-service nfs stop
+	echo "bye!"
+	exit
+}
+
+DEFALUT_TIMEZONE="America/New York"
+DEFAULT_PERMITTED="*"
+RW_MODE="rw"
+UID=${NFS_UID:-0}
+
+setup-timezone -z "${SRV_TZ:-${DEFALUT_TIMEZONE}}"
+apk del alpine-conf
+cat > /etc/chrony/chrony.conf << 'EOF'
+	pool 0.pool.ntp.org iburst
+	pool 1.pool.ntp.org iburst
+EOF
+
+rc-service chronyd start && rc-update add chronyd default
+
+if [ -n "${SHARED_DIRECTORY}" ]; then
+	mkdir -p /exports"${SHARED_DIRECTORY}"
+	options="(${RW_MODE:-rw},no_root_squash,sync,no_subtree_check,insecure,sec=krb5p:krb5i:krb5)"
+	mount --bind "${SHARED_DIRECTORY}" /exports"${SHARED_DIRECTORY}"
+	cat > /etc/exports <<- EOE
+/exports ${PERMITTED:-${DEFAULT_PERMITTED}}(${RW_MODE:-rw},no_root_squash,insecure,no_subtree_check,hide,fsid=0,sync,sec=krb5p:krb5i:krb5)
+/exports${SHARED_DIRECTORY} ${PERMITTED:-${DEFAULT_PERMITTED}}${options%?},fsid=1)
+EOE
+
+	chmod 777 "${SHARED_DIRECTORY}"
+fi
+
+cat > /etc/krb5.conf << EOL
+[logging]
+    default = FILE:/var/log/krb5libs.log:DEBUG
+    kdc = FILE:/var/log/krb5kdc.log:DEBUG
+    admin_server = FILE:/var/log/kadmind.log:DEBUG
+
+[libdefaults]
+    dns_lookup_realm = false
+    ticket_lifetime = 24h
+    renew_lifetime = 7d
+    forwardable = true
+    rdns = false
+    default_realm = ${NFS_KRB_REALM}
+
+[realms]
+    ${NFS_KRB_REALM} = {
+        kdc = localhost 
+        admin_server = localhost
+    }
+EOL
+
+cat > /etc/idmapd.conf << EOC
+[General]
+Domain = ${NFS_KRB_REALM}
+Verbosity = 5
+EOC
+
+cat > /etc/nfs.conf << EOC
+[general]
+pipefs-directory=/run/rpc_pipefs
+
+[exports]
+
+[exportfs]
+debug=1
+
+[gssd]
+verbosity=5
+rpc-verbosity=5
+keytab-file=/etc/krb5.keytab
+
+[exportd]
+debug="all"
+
+[mountd]
+debug="all"
+manage-gids=y
+port=892
+
+[nfsdcld]
+debug=1
+
+[nfsdcltrack]
+debug=1
+
+[nfsd]
+debug=1
+# threads=8
+# host=
+# grace-time=90
+# lease-time=90
+udp=y
+tcp=y
+vers3=y
+vers4=y
+vers4.0=y
+vers4.1=y
+vers4.2=y
+EOC
+
+touch /var/lib/krb5kdc/kadm5.acl
+
+exportfs -rvaf
+
+
+kdb5_util -r "${NFS_KRB_REALM}" create -s << EOL
+${NFS_KRB_PWD}
+${NFS_KRB_PWD}
+
+EOL
+
+echo "${NFS_KRB_REALM}" > /etc/hostname
+
+# setup logging
+
+syslogd 
+rpcdebug -m nfsd -s all
+rpcdebug -m nfs -s all
+rpcdebug -m rpc -s all
+kadmin.local << EOS
+addprinc ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
+${NFS_KRB_PWD}
+${NFS_KRB_PWD}
+ktadd -norandkey ${NFS_KRB_PRINC}@${NFS_KRB_REALM}
+EOS
+
+export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3'
+cat >> /etc/conf.d/nfs <<EOC
+OPTS_RPC_MOUNTD="${OPTS_RPC_MOUNTD}"
+OPTS_RPC_NFSD="--debug --syslog"
+EXPORTFS_TIMEOUT=30
+EOC
+
+
+rc-service krb5kdc start
+rc-service krb5kadmind start
+rc-service nfs start
+kill -9 `pidof rpc.svcgssd`
+rpc.gssd -vf &> /var/log/rpc-gssd.log &
+rpc.svcgssd -vf &> /var/log/gssd.log &
+
+
+cat /etc/krb5.conf
+
+while true; do
+	sleep 360
+done