hello world ! 🌸
This commit is contained in:
commit
cf578ed339
GPG Key ID:
924A5F6AF051E87C
23
Dockerfile
Normal file
23
Dockerfile
Normal file
@ -0,0 +1,23 @@
|
||||
FROM alpine:latest
|
||||
|
||||
WORKDIR /root
|
||||
RUN mkdir -p /run/openrc
|
||||
RUN touch /run/openrc/softlevel
|
||||
RUN apk add --no-cache --update openrc
|
||||
RUN apk add --no-cache --update --verbose bash krb5-server nfs-utils iproute2 krb5-server-openrc procps krb5 syslog-ng
|
||||
|
||||
RUN rc-update add syslog-ng boot
|
||||
RUN rc-update add krb5kdc default
|
||||
RUN rc-update add krb5kadmind default
|
||||
RUN rc-update add nfs default
|
||||
|
||||
COPY ./entrypoint.sh .
|
||||
COPY ./init.sh .
|
||||
RUN chmod +x ./entrypoint.sh && chmod +x ./init.sh
|
||||
|
||||
RUN ls
|
||||
|
||||
|
||||
|
||||
EXPOSE 2049 88 749 750 111
|
||||
CMD ["./init.sh"]
|
||||
88
entrypoint.sh
Normal file
88
entrypoint.sh
Normal file
@ -0,0 +1,88 @@
|
||||
#!/bin/bash
|
||||
set -xuo pipefail
|
||||
trap "stop; exit 0;" SIGTERM SIGINT
|
||||
|
||||
stop()
|
||||
{
|
||||
echo "signal caught, stopping the world..."
|
||||
exportfs -uav
|
||||
rc-service krb5kdc stop
|
||||
rc-service kadmin stop
|
||||
rc-service nfs stop
|
||||
echo "bye!"
|
||||
exit
|
||||
}
|
||||
|
||||
DEFAULT_PERMITTED="*"
|
||||
RW_MODE="rw"
|
||||
UID=${NFS_UID:-0}
|
||||
if [ -n "${SHARED_DIRECTORY}" ]; then
|
||||
echo "${SHARED_DIRECTORY} ${PERMITTED:-${DEFAULT_PERMITTED}}(${RW_MODE:-rw},root_squash,nohide,fsid=${UID},sync,no_subtree_check,insecure,root_squash,crossmnt,anonuid=${UID},anongid=${UID},sec=krb5p:krb5i:krb5)" \
|
||||
> /etc/exports
|
||||
chmod 777 "${SHARED_DIRECTORY}"
|
||||
fi
|
||||
|
||||
cat > /etc/krb5.conf << EOL
|
||||
[logging]
|
||||
default = FILE:/var/log/krb5libs.log:DEBUG
|
||||
kdc = FILE:/var/log/krb5kdc.log:DEBUG
|
||||
admin_server = FILE:/var/log/kadmind.log:DEBUG
|
||||
|
||||
[libdefaults]
|
||||
dns_lookup_realm = false
|
||||
ticket_lifetime = 24h
|
||||
renew_lifetime = 7d
|
||||
forwardable = true
|
||||
rdns = false
|
||||
default_realm = ${NFS_KRB_REALM}
|
||||
|
||||
[realms]
|
||||
${NFS_KRB_REALM} = {
|
||||
kdc = localhost
|
||||
admin_server = localhost
|
||||
}
|
||||
EOL
|
||||
cat > /etc/idmapd.conf << EOC
|
||||
[General]
|
||||
Domain = ${NFS_KRB_REALM}
|
||||
Verbosity = 5
|
||||
EOC
|
||||
|
||||
|
||||
touch /var/lib/krb5kdc/kadm5.acl
|
||||
|
||||
exportfs -rvaf
|
||||
|
||||
|
||||
kdb5_util -r "${NFS_KRB_REALM}" create -s << EOL
|
||||
${NFS_KRB_PWD}
|
||||
${NFS_KRB_PWD}
|
||||
|
||||
EOL
|
||||
|
||||
echo "${NFS_KRB_REALM}" > /etc/hostname
|
||||
|
||||
# setup logging
|
||||
|
||||
syslogd
|
||||
rpcdebug -m nfsd -s all
|
||||
rpcdebug -m nfs -s all
|
||||
rpcdebug -m rpc -s all
|
||||
|
||||
kadmin.local -q "addprinc -pw ${NFS_KRB_PWD} ${NFS_KRB_PRINC}@${NFS_KRB_REALM}"
|
||||
kadmin.local -q "ktadd ${NFS_KRB_PRINC}@${NFS_KRB_REALM}"
|
||||
kadmin.local -q "ktadd -k /etc/krb5.keytab ${NFS_KRB_PRINC}@${NFS_KRB_REALM}"
|
||||
kadmin.local -q "cpw -pw ${NFS_KRB_PWD} ${NFS_KRB_PRINC}"
|
||||
rc-service krb5kdc start
|
||||
rc-service krb5kadmind start
|
||||
rc-service nfs start
|
||||
export OPTS_RPC_MOUNTD='--debug all -t 8 -N 3'
|
||||
echo "OPTS_RPC_MOUNTD=\"${OPTS_RPC_MOUNTD}\"" >> /etc/conf.d/nfs
|
||||
rc-service nfs restart
|
||||
|
||||
|
||||
cat /etc/krb5.conf
|
||||
|
||||
while true; do
|
||||
sleep 360
|
||||
done
|
||||
Loading…
x
Reference in New Issue
Block a user