feat: devcontainer compose

Author: Xenion1987

.devcontainer/Dockerfiles/Dockerfile-Alma-8

@@ -1,4 +1,5 @@
 FROM almalinux:8
+ARG TZ
 RUN dnf update -y && \
     dnf install -y \
     dnf-utils \
@@ -10,6 +11,10 @@ RUN dnf update -y && \
     openssh-clients \
     openssh-server \
     && dnf clean all
-ENV TZ='Europe/Berlin'
-RUN mkdir -p /run/sshd && ssh-keygen -A
+ENV TZ=${TZ:-Europe/Berlin}
+RUN mkdir -p /run/sshd && ssh-keygen -A \
+    && install --directory --mode=0700 /root/.ssh \
+    && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+COPY ./ssh-keys/clients/authorized_keys /root/.ssh/authorized_keys
+RUN chown $(id -u):$(id -g) /root/.ssh/authorized_keys && chmod 644 /root/.ssh/authorized_keys
 CMD ["/usr/sbin/sshd", "-D"]

.devcontainer/Dockerfiles/Dockerfile-Debian-12

@@ -0,0 +1,20 @@
+FROM python:slim-bookworm
+ARG TZ
+RUN apt update && \
+    export DEBIAN_FRONTEND=noninteractive && \
+    apt install -y --no-install-recommends \
+    dialog \
+    apt-utils \
+    sudo \
+    curl \
+    tzdata \
+    iproute2 \
+    python3 \
+    openssh-server \
+    && rm -rf /var/lib/apt/lists/*
+ENV TZ=${TZ:-Europe/Berlin}
+RUN mkdir -p /run/sshd && ssh-keygen -A \
+    && install --directory --mode=0700 /root/.ssh \
+    && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+COPY ./ssh-keys/clients/authorized_keys /root/.ssh/authorized_keys
+RUN chown $(id -u):$(id -g) /root/.ssh/authorized_keys && chmod 644 /root/.ssh/authorized_keys

.devcontainer/Dockerfiles/Dockerfile-Debian-12-base

@@ -0,0 +1,2 @@
+FROM local/debian-12-base
+CMD ["/usr/sbin/sshd", "-D"]

.devcontainer/Dockerfiles/Dockerfile-Debian-12-client

@@ -0,0 +1,11 @@
+FROM local/debian-12-base
+
+ARG ANSIBLE_VERSION
+ARG ANSIBLE_LINT_VERSION
+
+COPY ./scripts/setup-docker-container.sh /tmp
+
+RUN chmod +x /tmp/setup-docker-container.sh && \
+    /tmp/setup-docker-container.sh install all ansible ${ANSIBLE_VERSION} ${ANSIBLE_LINT_VERSION}
+
+# CMD ["/usr/sbin/sshd", "-D"]

.devcontainer/Dockerfiles/Dockerfile-Debian-12-control

@@ -1,4 +1,5 @@
 FROM opensuse/leap:15
+ARG TZ
 RUN zypper update -y && \
     zypper install -y \
     sudo \
@@ -8,6 +9,10 @@ RUN zypper update -y && \
     openssh-clients \
     openssh-server \
     && zypper clean -a
-ENV TZ='Europe/Berlin'
-RUN mkdir -p /run/sshd && ssh-keygen -A
+ENV TZ=${TZ:-Europe/Berlin}
+RUN mkdir -p /run/sshd && ssh-keygen -A \
+    && install --directory --mode=0700 /root/.ssh \
+    && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+COPY ./ssh-keys/clients/authorized_keys /root/.ssh/authorized_keys
+RUN chown $(id -u):$(id -g) /root/.ssh/authorized_keys && chmod 644 /root/.ssh/authorized_keys
 CMD ["/usr/sbin/sshd", "-D"]

.devcontainer/Dockerfiles/Dockerfile-OpenSUSE-Leap-15

@@ -1,4 +1,5 @@
 FROM ubuntu:22.04
+ARG TZ
 RUN sed -i 's,http://archive,http://de.archive,' /etc/apt/sources.list
 RUN apt update && \
     export DEBIAN_FRONTEND=noninteractive && \
@@ -12,6 +13,10 @@ RUN apt update && \
     python3 \
     openssh-server \
     && rm -rf /var/lib/apt/lists/*
-ENV TZ='Europe/Berlin'
-RUN mkdir -p /run/sshd && ssh-keygen -A
+ENV TZ=${TZ:-Europe/Berlin}
+RUN mkdir -p /run/sshd && ssh-keygen -A \
+    && install --directory --mode=0700 /root/.ssh \
+    && echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+COPY ./ssh-keys/clients/authorized_keys /root/.ssh/authorized_keys
+RUN chown $(id -u):$(id -g) /root/.ssh/authorized_keys && chmod 644 /root/.ssh/authorized_keys
 CMD ["/usr/sbin/sshd", "-D"]

.devcontainer/Dockerfiles/Dockerfile-Ubuntu-22.04 renamed to .devcontainer/Dockerfiles/Dockerfile-Ubuntu-2204

@@ -1,20 +1,29 @@
 // For format details, see https://aka.ms/devcontainer.json. For config options, see the
 // README at: https://github.com/devcontainers/templates/tree/main/src/python
 {
-	"name": "Ansible-Debian-12",
-	"initializeCommand": "bash ./.devcontainer/scripts/initialize-command.sh",
-	"image": "mcr.microsoft.com/devcontainers/python:3-bookworm",
-	"runArgs": [
-		"--name=ansible-playground-control",
-		"--hostname=ansible-control",
-		"--network=ansible-playground"
+	"name": "Ansible-Playground",
+	"dockerComposeFile": [
+		"docker-compose.yml",
+		"docker-compose.dev.yml"
 	],
-	"containerEnv": {
-		"TZ": "Europe/Berlin"
-	},
+	"service": "ansible-control",
+	"workspaceFolder": "/workspace/ansible-playground",
+	"initializeCommand": "bash ./.devcontainer/scripts/initialize-command.sh",
+	"onCreateCommand": "bash ./.devcontainer/scripts/on-create-command.sh",
+	"postCreateCommand": "bash ./.devcontainer/scripts/post-create-command.sh",
+	"remoteUser": "vscode",
 	// Features to add to the dev container. More info: https://containers.dev/features.
 	"features": {
-		"ghcr.io/devcontainers/features/sshd:1": {}
+		"ghcr.io/devcontainers/features/sshd:1": {},
+		"ghcr.io/devcontainers/features/common-utils": {
+			"username": "vscode",
+			"userUid": 1000,
+			"userGid": 1000,
+			"installZsh": false,
+			"installOhMyZsh": false,
+			"configureZshAsDefaultShell": false,
+			"installOhMyZshConfig": false
+		}
 	},
 	// Configure tool-specific properties.
 	"customizations": {
@@ -36,7 +45,7 @@
 				"python.terminal.activateEnvironment": true,
 				"ansible.validation.lint.path": "ansible-lint",
 				"ansible.ansible.path": "ansible",
-				"ansible.python.interpreterPath": ".devcontainer/.venv-ansible/bin/python",
+				"ansible.python.interpreterPath": "python",
 				"files.associations": {
 					"*.j2": "ansible-jinja",
 					"**/defaults/**/*.y*ml": "ansible",
@@ -66,7 +75,6 @@
 			]
 		}
 	},
-	"onCreateCommand": "bash ./.devcontainer/scripts/on-create-command.sh",
 	"mounts": [
 		{
 			"source": "${localWorkspaceFolder}/.devcontainer/ssh-keys/server",
@@ -78,6 +86,5 @@
 			"target": "/home/vscode/.history_export",
 			"type": "volume"
 		}
-	],
-	"postCreateCommand": "bash ./.devcontainer/scripts/post-create-command.sh"
+	]
 }

.devcontainer/devcontainer.json

@@ -0,0 +1,11 @@
+---
+services:
+  ansible-debian-base:
+    build:
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-Debian-12-base
+      args:
+        TZ: Europe/Berlin
+    image: local/debian-12-base
+    deploy:
+      replicas: 0

.devcontainer/docker-compose.base.yml

@@ -0,0 +1,20 @@
+---
+services:
+  ansible-control:
+    build:
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-Debian-12-control
+      args:
+        TZ: Europe/Berlin
+        ANSIBLE_VERSION: ${ANSIBLE_VERSION:-<10.0.0}
+        ANSIBLE_LINT_VERSION: ${ANSIBLE_LINT_VERSION:->=24.0.0}
+    image: ansible-control
+    # container_name: ansible-control
+    hostname: control.ansible
+    environment:
+      - 'TZ=Europe/Berlin'
+    volumes:
+      - ..:/workspace/ansible-playground:cached
+    networks:
+      - ansible-playground
+    command: /bin/sh -c "while sleep 1; do :; done"

.devcontainer/docker-compose.dev.yml

@@ -1,62 +1,72 @@
-version: '3'
-
+---
 services:
   ansible-client-debian:
     build:
-      context: ./Dockerfiles
-      dockerfile: Dockerfile-Debian-12
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-Debian-12-client
+      args:
+        TZ: Europe/Berlin
     image: ansible-client-debian
-    container_name: ansible-client-debian
+    # container_name: ansible-client-debian
     hostname: debian.client.ansible
     environment:
-      - 'TZ=Europe/Berlin'
-    volumes:
-      - ./ssh-keys/clients/authorized_keys:/root/authorized_keys:ro
+      - "TZ=Europe/Berlin"
+    # volumes:
+    #   - ./ssh-keys/clients/authorized_keys:/root/.ssh/authorized_keys:ro
+    #   - ./ssh-keys/clients/PermitRootLogin.conf:/etc/ssh/sshd_config.d/PermitRootLogin.conf
     networks:
       - ansible-playground
 
   ansible-client-ubuntu:
     build:
-      context: ./Dockerfiles
-      dockerfile: Dockerfile-Ubuntu-22.04
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-Ubuntu-2204
+      args:
+        TZ: Europe/Berlin
     image: ansible-client-ubuntu
-    container_name: ansible-client-ubuntu
+    # container_name: ansible-client-ubuntu
     hostname: ubuntu.client.ansible
     environment:
-      - 'TZ=Europe/Berlin'
-    volumes:
-      - ./ssh-keys/clients/authorized_keys:/root/authorized_keys:ro
+      - "TZ=Europe/Berlin"
+    # volumes:
+    #   - ./ssh-keys/clients/authorized_keys:/root/.ssh/authorized_keys:ro
+    #   - ./ssh-keys/clients/PermitRootLogin.conf:/etc/ssh/sshd_config.d/PermitRootLogin.conf
     networks:
       - ansible-playground
 
   ansible-client-alma:
     build:
-      context: ./Dockerfiles
-      dockerfile: Dockerfile-Alma-8
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-Alma-8
+      args:
+        TZ: Europe/Berlin
     image: ansible-client-alma
-    container_name: ansible-client-alma
+    # container_name: ansible-client-alma
     hostname: alma.client.ansible
     environment:
-      - 'TZ=Europe/Berlin'
-    volumes:
-      - ./ssh-keys/clients/authorized_keys:/root/authorized_keys:ro
+      - "TZ=Europe/Berlin"
+    # volumes:
+    #   - ./ssh-keys/clients/authorized_keys:/root/.ssh/authorized_keys:ro
+    #   - ./ssh-keys/clients/PermitRootLogin.conf:/etc/ssh/sshd_config.d/PermitRootLogin.conf
     networks:
       - ansible-playground
 
   ansible-client-suse:
     build:
-      context: ./Dockerfiles
-      dockerfile: Dockerfile-OpenSUSE-Leap-15
+      context: .
+      dockerfile: ./Dockerfiles/Dockerfile-OpenSUSE-Leap-15
+      args:
+        TZ: Europe/Berlin
     image: ansible-client-suse
-    container_name: ansible-client-suse
+    # container_name: ansible-client-suse
     hostname: suse.client.ansible
     environment:
-      - 'TZ=Europe/Berlin'
-    volumes:
-      - ./ssh-keys/clients/authorized_keys:/root/authorized_keys:ro
+      - "TZ=Europe/Berlin"
+    # volumes:
+    #   - ./ssh-keys/clients/authorized_keys:/root/.ssh/authorized_keys:ro
+    #   - ./ssh-keys/clients/PermitRootLogin.conf:/etc/ssh/sshd_config.d/PermitRootLogin.conf
     networks:
       - ansible-playground
 
 networks:
   ansible-playground:
-    external: true

.devcontainer/docker-compose.yml

@@ -2,32 +2,39 @@
 
 DOCKER_VOLUME_NAME="devcontainer-history"
 
-if ! docker volume inspect "${DOCKER_VOLUME_NAME}" >/dev/null 2>&1; then
-  docker volume create "${DOCKER_VOLUME_NAME}"
+if ! docker volume inspect "${DOCKER_VOLUME_NAME}" &>/dev/null 2>&1; then
+  echo -n "INITIALIZE COMMAND :: Creating Docker volume '${DOCKER_VOLUME_NAME}'... "
+  if docker volume create "${DOCKER_VOLUME_NAME}" &>/dev/null; then
+    echo "done"
+  fi
 else
   echo "INITIALIZE COMMAND :: Docker volume '${DOCKER_VOLUME_NAME}' already exists - no need to create."
 fi
 
-if [[ ! $(docker network ls -qf name=ansible-playground) =~ [0-9a-z]{12} ]]; then
-  docker network create ansible-playground
-fi
-build_images=()
-while read -r image; do
-  if ! docker image ls "${image}" | grep -q "${image}"; then
-    build_images+=("${image}")
-  fi
-done < <(awk '/image:/ {print $NF}' .devcontainer/docker-compose.yml)
-if [[ ${#build_images[@]} -gt 0 ]]; then
-  echo "-------------- BUILDING DOCKER IMAGES --------------"
-  docker compose -f .devcontainer/docker-compose.yml build "${build_images[@]}"
-fi
-echo "---------------- DOCKER IMAGES BUILT ---------------"
+### Build debian base image
+echo "INITIALIZE COMMAND :: Building Debian 12 base image..."
+docker compose -f .devcontainer/docker-compose.base.yml build
 
-if [[ ! -f "${PWD}/ssh-keys/clients/authorized_keys" ]]; then
-  touch "${PWD}/.devcontainer/ssh-keys/clients/authorized_keys"
-fi
+# if [[ ! $(docker network ls -qf name=ansible-playground) =~ [0-9a-z]{12} ]]; then
+#   docker network create ansible-playground
+# fi
+# build_images=()
+# while read -r image; do
+#   if ! docker image ls "${image}" | grep -q "${image}"; then
+#     build_images+=("${image}")
+#   fi
+# done < <(awk '/image:/ {print $NF}' .devcontainer/docker-compose.yml)
+# if [[ ${#build_images[@]} -gt 0 ]]; then
+#   echo "-------------- BUILDING DOCKER IMAGES --------------"
+#   docker compose -f .devcontainer/docker-compose.yml build "${build_images[@]}"
+# fi
+# echo "---------------- DOCKER IMAGES BUILT ---------------"
+
+# if [[ ! -f "${PWD}/ssh-keys/clients/authorized_keys" ]]; then
+#   touch "${PWD}/.devcontainer/ssh-keys/clients/authorized_keys"
+# fi
 
-docker compose -f .devcontainer/docker-compose.yml up -d
+# docker compose -f .devcontainer/docker-compose.yml up -d
 
 if ! find .devcontainer/ssh-keys -type f -name id_rsa | grep -q .; then
   echo "---------------- DEPLOY SSH KEYFILES ---------------"
@@ -53,11 +60,10 @@ if ! find .devcontainer/ssh-keys -type f -name id_rsa | grep -q .; then
     bash -c 'chown -R 1000:1000 /root/.ssh/'
 fi
 
-echo "Copy 'authorized_keys' into client's root ssh dir"
-for s in $(docker compose -f .devcontainer/docker-compose.yml ps --services --status running); do
-  echo "${s}"
-  docker compose -f .devcontainer/docker-compose.yml exec "${s}" mkdir -p /root/.ssh
-  docker compose -f .devcontainer/docker-compose.yml exec "${s}" chmod 700 /root/.ssh
-  docker compose -f .devcontainer/docker-compose.yml exec "${s}" cp -v /root/authorized_keys /root/.ssh/authorized_keys
-done
-echo "--------------- SSH KEYFILES DEPLOYED --------------"
+# echo "Copy 'authorized_keys' into client's root ssh dir"
+# for s in $(docker compose -f .devcontainer/docker-compose.yml ps --services --status running); do
+#   echo "${s}"
+#   docker compose -f .devcontainer/docker-compose.yml exec "${s}" install --directory --mode=0700 --owner=1000 --group=1000 /root/.ssh
+#   docker compose -f .devcontainer/docker-compose.yml exec "${s}" cp -v /root/authorized_keys /root/.ssh/authorized_keys
+# done
+# echo "--------------- SSH KEYFILES DEPLOYED --------------"