diff --git a/.hadolint.yaml b/.hadolint.yaml index 610e431..4442bd4 100644 --- a/.hadolint.yaml +++ b/.hadolint.yaml @@ -1,3 +1,4 @@ ignored: - DL3006 -- DL3018 +- DL3008 +- DL3003 diff --git a/Dockerfile b/Dockerfile index 51cd359..7584512 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,45 +1,27 @@ ARG FROM FROM ${FROM} as builder -RUN apk add --no-cache \ - bash \ - build-base \ - cargo \ +RUN export DEBIAN_FRONTEND=noninteractive \ + && apt-get update -qq \ + && apt-get upgrade \ + --yes -qq --no-install-recommends \ + && apt-get install \ + --yes -qq --no-install-recommends \ + build-essential \ ca-certificates \ - cmake \ - cyrus-sasl-dev \ - git \ - graphviz \ - jpeg-dev \ - libevent-dev \ - libffi-dev \ - libxslt-dev \ - make \ - musl-dev \ - openldap-dev \ - postgresql-dev \ - py3-pip \ + libldap-dev \ + libpq-dev \ + libsasl2-dev \ + libssl-dev \ python3-dev \ - && python3 -m venv /opt/netbox/venv \ - && /opt/netbox/venv/bin/python3 -m pip install --upgrade \ + python3-pip \ + python3-venv \ + && python3 -m venv /opt/netbox/venv \ + && /opt/netbox/venv/bin/python3 -m pip install --upgrade \ pip \ setuptools \ wheel -# Build libcrc32c for google-crc32c python module -RUN git clone https://github.com/google/crc32c \ - && cd crc32c \ - && git submodule update --init --recursive \ - && mkdir build \ - && cd build \ - && cmake \ - -DCMAKE_BUILD_TYPE=Release \ - -DCRC32C_BUILD_TESTS=no \ - -DCRC32C_BUILD_BENCHMARKS=no \ - -DBUILD_SHARED_LIBS=yes \ - .. \ - && make all install - ARG NETBOX_PATH COPY ${NETBOX_PATH}/requirements.txt requirements-container.txt / RUN /opt/netbox/venv/bin/pip install \ @@ -53,35 +35,37 @@ RUN /opt/netbox/venv/bin/pip install \ ARG FROM FROM ${FROM} as main -RUN apk add --no-cache \ - bash \ +RUN export DEBIAN_FRONTEND=noninteractive \ + && apt-get update -qq \ + && apt-get upgrade \ + --yes -qq --no-install-recommends \ + && apt-get install \ + --yes -qq --no-install-recommends \ ca-certificates \ curl \ - graphviz \ - libevent \ - libffi \ - libjpeg-turbo \ - libxslt \ + libpq5 \ openssl \ - postgresql-client \ - postgresql-libs \ - py3-pip \ python3 \ + python3-distutils \ tini \ - unit \ - unit-python3 + && curl -sL https://nginx.org/keys/nginx_signing.key \ + > /etc/apt/trusted.gpg.d/nginx.asc && \ + echo "deb https://packages.nginx.org/unit/debian/ bullseye unit" \ + > /etc/apt/sources.list.d/unit.list \ + && apt-get update -qq \ + && apt-get install \ + --yes -qq --no-install-recommends \ + unit=1.27.0-1~bullseye \ + unit-python3.9=1.27.0-1~bullseye \ + && rm -rf /var/lib/apt/lists/* -WORKDIR /opt - -COPY --from=builder /usr/local/lib/libcrc32c.* /usr/local/lib/ -COPY --from=builder /usr/local/include/crc32c /usr/local/include -COPY --from=builder /usr/local/lib/cmake/Crc32c /usr/local/lib/cmake/ COPY --from=builder /opt/netbox/venv /opt/netbox/venv ARG NETBOX_PATH COPY ${NETBOX_PATH} /opt/netbox COPY docker/configuration.docker.py /opt/netbox/netbox/netbox/configuration.py +COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py COPY docker/docker-entrypoint.sh /opt/netbox/docker-entrypoint.sh COPY docker/housekeeping.sh /opt/netbox/housekeeping.sh COPY docker/launch-netbox.sh /opt/netbox/launch-netbox.sh @@ -101,14 +85,15 @@ RUN mkdir -p static /opt/unit/state/ /opt/unit/tmp/ \ --config-file /opt/netbox/mkdocs.yml --site-dir /opt/netbox/netbox/project-static/docs/ \ && SECRET_KEY="dummy" /opt/netbox/venv/bin/python /opt/netbox/netbox/manage.py collectstatic --no-input -ENTRYPOINT [ "/sbin/tini", "--" ] +ENV LANG=C.UTF-8 +ENTRYPOINT [ "/usr/bin/tini", "--" ] CMD [ "/opt/netbox/docker-entrypoint.sh", "/opt/netbox/launch-netbox.sh" ] -LABEL ORIGINAL_TAG="" \ - NETBOX_GIT_BRANCH="" \ - NETBOX_GIT_REF="" \ - NETBOX_GIT_URL="" \ +LABEL netbox.original-tag="" \ + netbox.git-branch="" \ + netbox.git-ref="" \ + netbox.git-url="" \ # See http://label-schema.org/rc1/#build-time-labels # Also https://microbadger.com/labels org.label-schema.schema-version="1.0" \ @@ -133,16 +118,3 @@ LABEL ORIGINAL_TAG="" \ org.opencontainers.image.source="https://github.com/netbox-community/netbox-docker.git" \ org.opencontainers.image.revision="" \ org.opencontainers.image.version="snapshot" - -##### -## LDAP specific configuration -##### - -FROM main as ldap - -RUN apk add --no-cache \ - libsasl \ - libldap \ - util-linux - -COPY docker/ldap_config.docker.py /opt/netbox/netbox/netbox/ldap_config.py diff --git a/build.sh b/build.sh index ffee555..0b6ccf2 100755 --- a/build.sh +++ b/build.sh @@ -49,10 +49,10 @@ if [ "${1}x" == "x" ] || [ "${1}" == "--help" ] || [ "${1}" == "-h" ]; then echo " DOCKERFILE The name of Dockerfile to use." echo " Default: Dockerfile" echo " DOCKER_FROM The base image to use." - echo " Default: 'alpine:3.14'" + echo " Default: 'debian:11-slim'" echo " DOCKER_TARGET A specific target to build." echo " It's currently not possible to pass multiple targets." - echo " Default: main ldap" + echo " Default: main" echo " HTTP_PROXY The proxy to use for http requests." echo " Example: http://proxy.domain.tld:3128" echo " Default: undefined" @@ -170,7 +170,7 @@ fi # Determining the value for DOCKER_FROM ### if [ -z "$DOCKER_FROM" ]; then - DOCKER_FROM="alpine:3.14" + DOCKER_FROM="debian:11-slim" fi ### @@ -222,7 +222,7 @@ esac ### # Determine targets to build ### -DEFAULT_DOCKER_TARGETS=("main" "ldap") +DEFAULT_DOCKER_TARGETS=("main") DOCKER_TARGETS=("${DOCKER_TARGET:-"${DEFAULT_DOCKER_TARGETS[@]}"}") echo "🏭 Building the following targets:" "${DOCKER_TARGETS[@]}" @@ -302,7 +302,7 @@ for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do if ! printf '%s\n' "${IMAGES_LAYERS_OLD[@]}" | grep -q -P "^${PYTHON_LAST_LAYER}\$"; then SHOULD_BUILD="true" - BUILD_REASON="${BUILD_REASON} alpine" + BUILD_REASON="${BUILD_REASON} debian" fi if [ "${NETBOX_GIT_REF}" != "${NETBOX_GIT_REF_OLD}" ]; then SHOULD_BUILD="true" @@ -335,7 +335,7 @@ for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do # --label DOCKER_BUILD_ARGS+=( - --label "ORIGINAL_TAG=${TARGET_DOCKER_TAG_PROJECT}" + --label "netbox.original-tag=${TARGET_DOCKER_TAG_PROJECT}" --label "org.label-schema.build-date=${BUILD_DATE}" --label "org.opencontainers.image.created=${BUILD_DATE}" @@ -351,14 +351,14 @@ for DOCKER_TARGET in "${DOCKER_TARGETS[@]}"; do fi if [ -d "${NETBOX_PATH}/.git" ]; then DOCKER_BUILD_ARGS+=( - --label "NETBOX_GIT_BRANCH=${NETBOX_GIT_BRANCH}" - --label "NETBOX_GIT_REF=${NETBOX_GIT_REF}" - --label "NETBOX_GIT_URL=${NETBOX_GIT_URL}" + --label "netbox.git-branch=${NETBOX_GIT_BRANCH}" + --label "netbox.git-ref=${NETBOX_GIT_REF}" + --label "netbox.git-url=${NETBOX_GIT_URL}" ) fi if [ -n "${BUILD_REASON}" ]; then BUILD_REASON=$(sed -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' <<<"$BUILD_REASON") - DOCKER_BUILD_ARGS+=(--label "BUILD_REASON=${BUILD_REASON}") + DOCKER_BUILD_ARGS+=(--label "netbox.build-reason=${BUILD_REASON}") fi # --build-arg diff --git a/docker/nginx-unit.json b/docker/nginx-unit.json index fbe8c2b..87a186b 100644 --- a/docker/nginx-unit.json +++ b/docker/nginx-unit.json @@ -11,7 +11,7 @@ "uri": "/static/*" }, "action": { - "share": "/opt/netbox/netbox" + "share": "/opt/netbox/netbox${uri}" } }, diff --git a/requirements-container.txt b/requirements-container.txt index 1ca5ca8..c10f918 100644 --- a/requirements-container.txt +++ b/requirements-container.txt @@ -1,5 +1,5 @@ django-auth-ldap==4.1.0 django-storages[azure,boto3,dropbox,google,libcloud,sftp]==1.12.3 -google-crc32c==1.3.0 napalm==3.4.1 +psycopg2==2.9.3 ruamel.yaml==0.17.21