-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy pathDockerfile
63 lines (53 loc) · 1.68 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
ARG BASE_IMAGE=ubuntu:22.04
FROM $BASE_IMAGE
LABEL maintainer="InseeFrLab <[email protected]>"
# System-wide configuration
SHELL ["/bin/bash", "-c"]
ENV SHELL="/bin/bash"
ENV DEBIAN_FRONTEND="noninteractive"
# Setup user & workspace
ENV USERNAME="onyxia"
ENV UID="1000"
ENV GROUPNAME="users"
ENV GID="100"
ENV HOME="/home/${USERNAME}"
ENV WORKSPACE_DIR="${HOME}/work"
RUN groupmod -g ${GID} ${GROUPNAME} && \
# Setup custom user with sudo rights
useradd ${USERNAME} --uid=${UID} -g ${GROUPNAME} --groups sudo -r --no-log-init --create-home && \
# Create workspace
mkdir ${WORKSPACE_DIR} && \
# Disable default sudo message when opening shell
touch ${HOME}/.sudo_as_admin_successful
WORKDIR ${WORKSPACE_DIR}
USER root
COPY scripts/ /opt/
RUN chmod -R +x /opt/ && \
# Install essential system libraries
/opt/install-system-libs.sh && \
apt-get upgrade -y && \
# Make sudo passwordless
echo 'onyxia ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers && \
# Generate locales
locale-gen en_US.UTF-8 && \
# Install common clients useful for Onyxia
/opt/install-kubectl.sh && \
/opt/install-kubectl-krew.sh && \
/opt/install-helm.sh && \
/opt/install-mc.sh && \
/opt/install-vault-cli.sh && \
/opt/install-argo-workflows-cli.sh && \
/opt/install-duckdb-cli.sh && \
/opt/install-duckdb-extensions.sh && \
/opt/install-quarto.sh && \
# Fix permissions
chown -R ${USERNAME}:${GROUPNAME} ${HOME} && \
chmod +x /opt/onyxia-init.sh && \
# Clean
rm -rf /var/lib/apt/lists/*
ENV PATH="${PATH}:${HOME}/.local/bin:${HOME}/.krew/bin"
# Set locales
ENV LC_ALL="en_US.UTF-8"
ENV LANG="en_US.UTF-8"
USER 1000
CMD ["/bin/bash"]