Switch to Ubuntu base image and construct our own minimal Phusion sty…

…le image (#21) * phusion/baseimage was last updated in September 2022 so it's missing a lot of security patches. Switch to the Ubuntu base image that's maintained by Canonical instead. * Use ADD to download Phusion build scripts, and download them at a specific commit. Also disable extra Phusion services that aren't needed (cron, SSH server, and syslog-ng)
koreader · Dec 6, 2024 · c418a25 · c418a25
1 parent 5b578fb
commit c418a25
Showing 1 changed file with 27 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,30 @@
-FROM phusion/baseimage:jammy-1.0.1
+FROM ubuntu:jammy
+
+RUN mkdir -p /bd_build/bin/
+
+ADD https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/buildconfig /bd_build/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/cleanup.sh /bd_build/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/prepare.sh /bd_build/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/system_services.sh /bd_build/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/utilities.sh /bd_build/
+
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/bin/install_clean /bd_build/bin/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/bin/my_init /bd_build/bin/
+ADD --chmod=755 https://raw.githubusercontent.com/phusion/baseimage-docker/cc3f8f6fc8847a101efaf9008a892124b4ba14dc/image/bin/setuser /bd_build/bin/
+
+ENV DISABLE_CRON=1
+ENV DISABLE_SSH=1
+ENV DISABLE_SYSLOG=1
+
+RUN /bd_build/prepare.sh && \
+    /bd_build/system_services.sh && \
+    /bd_build/utilities.sh && \
+    /bd_build/cleanup.sh
+
+ENV DEBIAN_FRONTEND="teletype" \
+    LANG="en_US.UTF-8" \
+    LANGUAGE="en_US:en" \
+    LC_ALL="en_US.UTF-8"
 
 # install openresty
 RUN apt-get update \