Snippets

Lineate LLC Debian: Docker images

You are viewing an old version of this snippet. View the current version.
Revised by Ovik Vardanyan cf0e2b9
docker/jenkins/debian7
Raw 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
# Debian image to build DEB packages according Thumbtack policies

FROM debian:wheezy

MAINTAINER Thumbtack DevOps

RUN echo "deb http://http.debian.net/debian wheezy-backports main" >> /etc/apt/sources.list && \
    apt-get update && apt-get install -y build-essential devscripts debhelper \
    openssh-server \
    openssh-client \
    openssl \
    locales \
    rsyslog \
    openjdk-7-jre \
    git \
    gettext \
    sudo \
    tar \
    mc \
    nano

# Configure SSH server
RUN sed -ri 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config; \
    sed -i 's/#\?\s*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config; \
    sed -i 's/#\?\s*PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config; \
    mkdir /var/run/sshd; \
    localedef -i en_US -f UTF-8 en_US.UTF-8

# Add an user with superuser permissions according thumbtack policy
RUN getent passwd kiparis >/dev/null || useradd -m -d /home/kiparis -s /bin/bash kiparis; \
    echo "kiparis:$(openssl rand -base64 24)" | chpasswd; \
    install -m 0700 -d /home/kiparis/.ssh; \
    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCSMOKXm5vUEKpXVhDrTvkticQMjK2Enbhb/Rh8HnjQcsOzfG2CX23L3q/JTHyOcQi1rwheDUFak+9IvY6ZS+iT/qYQ6RP1HzdhQett/gfv0T/c4tPddqgqvjHMVAdtXVHlbjwXxK5ChDSZH3n8U3CJ5TGaP3J3WhDkSW2C8qP2QKZkPvdjh3DQWZ48rJp77lmmXlvO+bOkUv6tz6zi840lrCCJf8z0VYlYBnqxa3O0erT864JqWdP1PdTQvIu93ZJB0Rp3hbDEpLFtWP4g94H+q8vHu1nrIiERU6TWl26rCVNIDJK7JQNWBLaZAt0yNvxxFA1AQVmEUddgamNhAZgJ" > /home/kiparis/.ssh/authorized_keys; \ 
    chown -R kiparis:kiparis /home/kiparis/.ssh; \
    chmod 600 /home/kiparis/.ssh/*; \
    echo "kiparis ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/kiparis


# Add jenkins user to run slaves
RUN getent passwd jenkins >/dev/null || useradd -m -d /var/lib/jenkins -s /bin/bash jenkins; \
    echo "jenkins:$(openssl rand -base64 24)" | chpasswd; \
    install -m 0700 -d /var/lib/jenkins/.ssh; \
    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVu+bAxOSKUBWBYCDrs/wmUh4uLc9eJjJ2YFb2HYQDmySITVIDqbx6HSA94/S7PvDuU5KI7yz+3FxYE1zTRmqMM1sVHIeH4WmDA41wd/t5jvg7WCkrmgkngHvi2Fil2OdgxHPK1rv8B+ybx1n9C5VZcZPGK5KOMotc9Q3PXdm29zmjSGyFN2fVjTdbQcWC509vtbjXTEejftgVXPk/6v1dGuTzpcpd1lafs6LikFxMGUAr+cOyPjcLEXPVFg14etp3sxB34QkuWLFef16/2ymKCz84i5FhSJsytVYZz2w1M2FsEz3s2TdXScBFqOd2KgPv1Kwmaz3JOckcXCKQZp0r devops-team@thumbtack.net" > /var/lib/jenkins/.ssh/authorized_keys; \
    chown -R jenkins:jenkins /var/lib/jenkins/.ssh; \
    chmod 600 /var/lib/jenkins/.ssh/*; \
    su jenkins -c 'git config --global user.name "Thumbtack Jenkins"'; \
    su jenkins -c 'git config --global user.email "jenkins@thumbtack.net"'

# NodeJS requirements
RUN apt-get -y install nodejs && \
    su - jenkins -c 'curl -sSL https://raw.githubusercontent.com/creationix/nvm/v0.25.3/install.sh | bash'

# Ruby requirements
RUN apt-get -y install ruby rubygems ruby-dev && \
    su - jenkins -c 'gpg --keyserver hkp://keys.gnupg.net --recv-keys 409B6B1796C275462A1703113804BB82D39DC0E3' && \
    su - jenkins -c 'curl -sSL https://get.rvm.io | bash -s stable'

# PHP requirements
RUN apt-get -y install php5-cli

# Install Ansible
RUN apt-get -y install ansible sshpass && \
    curl -s https://bootstrap.pypa.io/get-pip.py | python && \
    pip install virtualenv "jinja2>2.7"

CMD ["/usr/sbin/sshd", "-D"]
docker/jenkins/debian8
Raw 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
# Debian image to build project packages according Thumbtack policies

FROM debian:jessie

MAINTAINER Thumbtack DevOps

RUN apt-get update && apt-get -y install \
    openssh-server \
    openssh-client \
    locales \
    rsyslog \
    sudo \
    git \
    mc \
    nano \
    gettext \
    openjdk-7-jre

RUN sed -ri 's/UsePAM yes/UsePAM no/g' /etc/ssh/sshd_config; \
    sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/' /etc/ssh/sshd_config; \
    service ssh start; \
    mkdir /var/run/sshd; \
    localedef -i en_US -f UTF-8 en_US.UTF-8; \
    echo 'root:********************' | chpasswd

RUN getent passwd jenkins >/dev/null || useradd -m -d /var/lib/jenkins -s /bin/bash jenkins; \
    echo 'jenkins:********************' | chpasswd; \
    sudo -u jenkins git config --global user.name "Thumbtack Jenkins"; \
    sudo -u jenkins git config --global user.email "jenkins@thumbtack.net"

RUN install -m 0700 -d /var/lib/jenkins/.ssh; \
    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDVu+bAxOSKUBWBYCDrs/wmUh4uLc9eJjJ2YFb2HYQDmySITVIDqbx6HSA94/S7PvDuU5KI7yz+3FxYE1zTRmqMM1sVHIeH4WmDA41wd/t5jvg7WCkrmgkngHvi2Fil2OdgxHPK1rv8B+ybx1n9C5VZcZPGK5KOMotc9Q3PXdm29zmjSGyFN2fVjTdbQcWC509vtbjXTEejftgVXPk/6v1dGuTzpcpd1lafs6LikFxMGUAr+cOyPjcLEXPVFg14etp3sxB34QkuWLFef16/2ymKCz84i5FhSJsytVYZz2w1M2FsEz3s2TdXScBFqOd2KgPv1Kwmaz3JOckcXCKQZp0r devops-team@thumbtack.net" > /var/lib/jenkins/.ssh/authorized_keys; \
    chown -R jenkins:jenkins /var/lib/jenkins/.ssh; \
    chmod 600 /var/lib/jenkins/.ssh/*

CMD ["/usr/sbin/sshd", "-D"]
HTTPS SSH

You can clone a snippet to your computer for local editing. Learn more.