202 lines
5.9 KiB
Docker
202 lines
5.9 KiB
Docker
#
|
|
# Licensed to the Apache Software Foundation (ASF) under one
|
|
# or more contributor license agreements. See the NOTICE file
|
|
# distributed with this work for additional information
|
|
# regarding copyright ownership. The ASF licenses this file
|
|
# to you under the Apache License, Version 2.0 (the
|
|
# "License"); you may not use this file except in compliance
|
|
# with the License. You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing,
|
|
# software distributed under the License is distributed on an
|
|
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
# KIND, either express or implied. See the License for the
|
|
# specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
|
|
#
|
|
# Dockerfile for guacamole-server
|
|
#
|
|
|
|
# The Alpine Linux image that should be used as the basis for the guacd image
|
|
ARG ALPINE_BASE_IMAGE=latest
|
|
FROM alpine:${ALPINE_BASE_IMAGE} AS builder
|
|
|
|
# Install build dependencies
|
|
RUN apk add --no-cache \
|
|
autoconf \
|
|
automake \
|
|
build-base \
|
|
cairo-dev \
|
|
cmake \
|
|
git \
|
|
grep \
|
|
libjpeg-turbo-dev \
|
|
libpng-dev \
|
|
libtool \
|
|
libwebp-dev \
|
|
make \
|
|
openssl-dev \
|
|
pango-dev \
|
|
pulseaudio-dev \
|
|
util-linux-dev
|
|
|
|
# Copy source to container for sake of build
|
|
ARG BUILD_DIR=/tmp/guacamole-server
|
|
COPY . ${BUILD_DIR}
|
|
|
|
#
|
|
# Base directory for installed build artifacts.
|
|
#
|
|
# NOTE: Due to limitations of the Docker image build process, this value is
|
|
# duplicated in an ARG in the second stage of the build.
|
|
#
|
|
ARG PREFIX_DIR=/opt/guacamole
|
|
|
|
#
|
|
# Automatically select the latest versions of each core protocol support
|
|
# library (these can be overridden at build time if a specific version is
|
|
# needed)
|
|
#
|
|
ARG WITH_FREERDP='2(\.\d+)+'
|
|
ARG WITH_LIBSSH2='libssh2-\d+(\.\d+)+'
|
|
ARG WITH_LIBTELNET='\d+(\.\d+)+'
|
|
ARG WITH_LIBVNCCLIENT='LibVNCServer-\d+(\.\d+)+'
|
|
ARG WITH_LIBWEBSOCKETS='v\d+(\.\d+)+'
|
|
|
|
#
|
|
# Default build options for each core protocol support library, as well as
|
|
# guacamole-server itself (these can be overridden at build time if different
|
|
# options are needed)
|
|
#
|
|
|
|
ARG FREERDP_OPTS="\
|
|
-DBUILTIN_CHANNELS=OFF \
|
|
-DCHANNEL_URBDRC=OFF \
|
|
-DWITH_ALSA=OFF \
|
|
-DWITH_CAIRO=ON \
|
|
-DWITH_CHANNELS=ON \
|
|
-DWITH_CLIENT=ON \
|
|
-DWITH_CUPS=OFF \
|
|
-DWITH_DIRECTFB=OFF \
|
|
-DWITH_FFMPEG=OFF \
|
|
-DWITH_GSM=OFF \
|
|
-DWITH_GSSAPI=OFF \
|
|
-DWITH_IPP=OFF \
|
|
-DWITH_JPEG=ON \
|
|
-DWITH_LIBSYSTEMD=OFF \
|
|
-DWITH_MANPAGES=OFF \
|
|
-DWITH_OPENH264=OFF \
|
|
-DWITH_OPENSSL=ON \
|
|
-DWITH_OSS=OFF \
|
|
-DWITH_PCSC=OFF \
|
|
-DWITH_PULSE=OFF \
|
|
-DWITH_SERVER=OFF \
|
|
-DWITH_SERVER_INTERFACE=OFF \
|
|
-DWITH_SHADOW_MAC=OFF \
|
|
-DWITH_SHADOW_X11=OFF \
|
|
-DWITH_SSE2=ON \
|
|
-DWITH_WAYLAND=OFF \
|
|
-DWITH_X11=OFF \
|
|
-DWITH_X264=OFF \
|
|
-DWITH_XCURSOR=ON \
|
|
-DWITH_XEXT=ON \
|
|
-DWITH_XI=OFF \
|
|
-DWITH_XINERAMA=OFF \
|
|
-DWITH_XKBFILE=ON \
|
|
-DWITH_XRENDER=OFF \
|
|
-DWITH_XTEST=OFF \
|
|
-DWITH_XV=OFF \
|
|
-DWITH_ZLIB=ON"
|
|
|
|
ARG GUACAMOLE_SERVER_OPTS="\
|
|
--disable-guaclog"
|
|
|
|
ARG LIBSSH2_OPTS="\
|
|
-DBUILD_EXAMPLES=OFF \
|
|
-DBUILD_SHARED_LIBS=ON"
|
|
|
|
ARG LIBTELNET_OPTS="\
|
|
--disable-static \
|
|
--disable-util"
|
|
|
|
ARG LIBVNCCLIENT_OPTS=""
|
|
|
|
ARG LIBWEBSOCKETS_OPTS="\
|
|
-DDISABLE_WERROR=ON \
|
|
-DLWS_WITHOUT_SERVER=ON \
|
|
-DLWS_WITHOUT_TESTAPPS=ON \
|
|
-DLWS_WITHOUT_TEST_CLIENT=ON \
|
|
-DLWS_WITHOUT_TEST_PING=ON \
|
|
-DLWS_WITHOUT_TEST_SERVER=ON \
|
|
-DLWS_WITHOUT_TEST_SERVER_EXTPOLL=ON \
|
|
-DLWS_WITH_STATIC=OFF"
|
|
|
|
# Build guacamole-server and its core protocol library dependencies
|
|
RUN ${BUILD_DIR}/src/guacd-docker/bin/build-all.sh
|
|
|
|
# Record the packages of all runtime library dependencies
|
|
RUN ${BUILD_DIR}/src/guacd-docker/bin/list-dependencies.sh \
|
|
${PREFIX_DIR}/sbin/guacd \
|
|
${PREFIX_DIR}/lib/libguac-client-*.so \
|
|
${PREFIX_DIR}/lib/freerdp2/*guac*.so \
|
|
> ${PREFIX_DIR}/DEPENDENCIES
|
|
|
|
# Use same Alpine version as the base for the runtime image
|
|
FROM alpine:${ALPINE_BASE_IMAGE}
|
|
|
|
#
|
|
# Base directory for installed build artifacts. See also the
|
|
# CMD directive at the end of this build stage.
|
|
#
|
|
# NOTE: Due to limitations of the Docker image build process, this value is
|
|
# duplicated in an ARG in the first stage of the build.
|
|
#
|
|
ARG PREFIX_DIR=/opt/guacamole
|
|
|
|
# Runtime environment
|
|
ENV LC_ALL=C.UTF-8
|
|
ENV LD_LIBRARY_PATH=${PREFIX_DIR}/lib
|
|
ENV GUACD_LOG_LEVEL=info
|
|
|
|
# Copy build artifacts into this stage
|
|
COPY --from=builder ${PREFIX_DIR} ${PREFIX_DIR}
|
|
|
|
# Bring runtime environment up to date and install runtime dependencies
|
|
RUN apk add --no-cache \
|
|
ca-certificates \
|
|
ghostscript \
|
|
netcat-openbsd \
|
|
shadow \
|
|
terminus-font \
|
|
ttf-dejavu \
|
|
ttf-liberation \
|
|
util-linux-login && \
|
|
xargs apk add --no-cache < ${PREFIX_DIR}/DEPENDENCIES
|
|
|
|
# Checks the operating status every 5 minutes with a timeout of 5 seconds
|
|
HEALTHCHECK --interval=5m --timeout=5s CMD nc -z 127.0.0.1 4822 || exit 1
|
|
|
|
# Create a new user guacd
|
|
ARG UID=1000
|
|
ARG GID=1000
|
|
RUN groupadd --gid $GID guacd
|
|
RUN useradd --system --create-home --shell /sbin/nologin --uid $UID --gid $GID guacd
|
|
|
|
# Run with user guacd
|
|
USER guacd
|
|
|
|
# Expose the default listener port
|
|
EXPOSE 4822
|
|
|
|
# Start guacd, listening on port 0.0.0.0:4822
|
|
#
|
|
# Note the path here MUST correspond to the value specified in the
|
|
# PREFIX_DIR build argument.
|
|
#
|
|
CMD /opt/guacamole/sbin/guacd -b 0.0.0.0 -L $GUACD_LOG_LEVEL -f
|
|
|