-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
102 lines (92 loc) · 3.97 KB
/
Dockerfile
File metadata and controls
102 lines (92 loc) · 3.97 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
FROM ubuntu:24.04
# Install core packages + dev essentials
RUN apt update && \
apt install -y \
openssh-server \
openssh-client \
sudo \
locales \
build-essential \
git \
curl \
wget \
rsync \
shellcheck \
nano \
vim \
htop \
iputils-ping \
net-tools \
ca-certificates \
bash-completion \
tmux \
gnupg && \
install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg && \
chmod a+r /etc/apt/keyrings/docker.gpg && \
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/ubuntu $(. /etc/os-release && echo $VERSION_CODENAME) stable" > /etc/apt/sources.list.d/docker.list && \
apt update && \
apt install -y docker-ce-cli docker-compose-plugin && \
locale-gen C.UTF-8 && \
mkdir /var/run/sshd && \
apt clean
# Build-time configuration
ARG DEVBOX_USER=dev
ARG DEVBOX_PASS=changeme
ARG DEVBOX_UID=1000
ARG DEVBOX_GID=1000
ARG DOCKER_GID=1000
# Create non-root user with host-matching UID/GID.
# ubuntu:24.04 already has UID/GID 1000 ("ubuntu"), so reuse/rename when needed.
RUN set -eux; \
if ! getent group "${DEVBOX_GID}" >/dev/null 2>&1; then \
groupadd -g "${DEVBOX_GID}" "${DEVBOX_USER}"; \
fi; \
PRIMARY_GROUP="$(getent group "${DEVBOX_GID}" | cut -d: -f1)"; \
EXISTING_UID_USER="$(getent passwd "${DEVBOX_UID}" | cut -d: -f1 || true)"; \
if id -u "${DEVBOX_USER}" >/dev/null 2>&1; then \
if [ -n "${EXISTING_UID_USER}" ] && [ "${EXISTING_UID_USER}" != "${DEVBOX_USER}" ]; then \
echo "UID ${DEVBOX_UID} is already owned by ${EXISTING_UID_USER}; cannot remap existing ${DEVBOX_USER}" >&2; \
exit 1; \
fi; \
usermod -u "${DEVBOX_UID}" -g "${PRIMARY_GROUP}" "${DEVBOX_USER}"; \
else \
if [ -n "${EXISTING_UID_USER}" ]; then \
EXISTING_HOME="$(getent passwd "${EXISTING_UID_USER}" | cut -d: -f6)"; \
usermod -l "${DEVBOX_USER}" "${EXISTING_UID_USER}"; \
if [ "${EXISTING_HOME}" != "/home/${DEVBOX_USER}" ]; then \
usermod -d "/home/${DEVBOX_USER}" -m "${DEVBOX_USER}"; \
fi; \
usermod -g "${PRIMARY_GROUP}" "${DEVBOX_USER}"; \
else \
useradd -m -s /bin/bash -u "${DEVBOX_UID}" -g "${PRIMARY_GROUP}" "${DEVBOX_USER}"; \
fi; \
fi; \
echo "${DEVBOX_USER}:${DEVBOX_PASS}" | chpasswd; \
usermod -aG sudo "${DEVBOX_USER}"; \
if ! getent group "${DOCKER_GID}" >/dev/null 2>&1; then groupadd -g "${DOCKER_GID}" dockerhost; fi; \
DOCKER_GROUP="$(getent group "${DOCKER_GID}" | cut -d: -f1)"; \
usermod -aG "${DOCKER_GROUP}" "${DEVBOX_USER}"
# SSH configuration
RUN sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config && \
sed -i 's/#PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config
ENV LANG=C.UTF-8
# Playwright CDP tooling — only installed when PLAYWRIGHT_TOOLS=true (devbox-playwright profile)
ARG PLAYWRIGHT_TOOLS=false
COPY scripts/start-cdp.sh /usr/local/bin/start-cdp.sh
COPY scripts/playwright-mcp.sh /usr/local/bin/playwright-mcp.sh
RUN chmod +x /usr/local/bin/start-cdp.sh /usr/local/bin/playwright-mcp.sh && \
if [ "$PLAYWRIGHT_TOOLS" = "true" ]; then \
install -m 0755 -d /etc/apt/keyrings && \
curl -fsSL https://dl.google.com/linux/linux_signing_key.pub | gpg --dearmor -o /etc/apt/keyrings/google-chrome.gpg && \
echo "deb [arch=amd64 signed-by=/etc/apt/keyrings/google-chrome.gpg] http://dl.google.com/linux/chrome/deb/ stable main" \
> /etc/apt/sources.list.d/google-chrome.list && \
apt-get update && \
apt-get install -y google-chrome-stable && \
apt-get clean; \
fi
# Start in projects directory on login
RUN echo "cd /workspace" >> "/home/${DEVBOX_USER}/.bashrc"
WORKDIR /workspace
EXPOSE 22
CMD ["/usr/sbin/sshd", "-D"]