docker-archlinux-tiny/Dockerfile at master · yantis/docker-archlinux-tiny · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
###########################################################
# Dockerfile for custom Arch Linux base to be as small as possible
#
# Currently 119 MB
############################################################

FROM dock0/arch
MAINTAINER Jonathan Yantis <yantis@yantis.net>

ENV TERM xterm
WORKDIR /tmp

RUN pacman -Syyu --noconfirm && \

    ## Configure pacman

    # Fix for failed: IPC connect call failed
    dirmngr </dev/null > /dev/null 2>&1 && \

    # Allow for colored output in pacman.conf
    sed -i "s/#Color/Color/" /etc/pacman.conf && \

    # Add hercula repo for vim-tiny
    # Removed this even though it is nice because it blocks dockerhub
    # http://repo.herecura.eu/herecura-stable/x86_64/
    # echo "[herecura-stable]" >> /etc/pacman.conf && \
    # echo "Server = http://repo.herecura.be/herecura-stable/\$arch" >> /etc/pacman.conf && \

    # Archlinux CN repo (has yaourt and sometimes other interesting tools)
    echo "[archlinuxcn]" >> /etc/pacman.conf && \
    echo "SigLevel = Optional TrustAll" >> /etc/pacman.conf && \
    echo "Server = http://repo.archlinuxcn.org/\$arch" >> /etc/pacman.conf && \

    # BlackArch
    echo "[blackarch]" >> /etc/pacman.conf && \
    echo "Server = http://mirror.clibre.uqam.ca/blackarch/\$repo/os/\$arch" >> /etc/pacman.conf && \
    pacman-key -r 4345771566D76038C7FEB43863EC0ADBEA87E4E3 && \
    pacman-key --lsign-key 4345771566D76038C7FEB43863EC0ADBEA87E4E3 && \
    pacman-key -r 7533BAFE69A25079 && \
    pacman-key --lsign-key 7533BAFE69A25079 && \

    # BBQLinux
    echo "[bbqlinux]" >> /etc/pacman.conf && \
    echo "Server = http://packages.bbqlinux.org/\$repo/os/\$arch" >> /etc/pacman.conf && \
    pacman-key -r 04C0A941 && \
    pacman-key --lsign-key 04C0A941 && \

    # Add multilib repo
    sed -i '/#\[multilib\]/,/#Include = \/etc\/pacman.d\/mirrorlist/ s/#//' /etc/pacman.conf && \
    sed -i '/#\[multilib\]/,/#Include = \/etc\/pacman.d\/mirrorlist/ s/#//' /etc/pacman.conf && \
    sed -i 's/#\[multilib\]/\[multilib\]/g' /etc/pacman.conf && \

    # Remove PGP Checks from dock0 amylum repo
    # https://github.com/amylum/repo
    sed -i 's/SigLevel = Required/SigLevel = Optional TrustAll/g' /etc/pacman.conf && \

    # Update and force a refresh of all package lists even if they appear up to date.
    pacman -Syyu --noconfirm && \

    # Install all the repo keyrings and mirrorlists
    pacman --noconfirm -S archlinuxcn-keyring blackarch-keyring bbqlinux-keyring && \

    # Install yaourt, package-query and cower for easy AUR usage.
    # TODO make sure package query still exists later after yaourt uninstall
    pacman -S --noconfirm yaourt package-query cower && \

    # TODO switch to rankmirrors since its built in for pacman.
    # Setup pacman to use the fastest mirrors.
    pacman -S reflector --noconfirm && \
    reflector --verbose -l 5 --protocol https --sort rate --save /etc/pacman.d/mirrorlist && \
    pacman -Rs reflector --noconfirm && \

    # Create new account that isn't root. user: docker password: docker
    useradd --create-home docker && \
    echo -e "docker\ndocker" | passwd docker && \

    # Allow passwordedless sudo for now but we will remove it later.
    pacman --noconfirm -S sudo  && \
    echo "docker ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers && \

    # Replace texinfo with a fake textinfo so we can remove Perl

    pacman --noconfirm -S wget file patch binutils gcc autoconf make fakeroot && \
    # runuser -l docker -c "yaourt --noconfirm -Rdd texinfo" && \
    # runuser -l docker -c "yaourt --noconfirm -S texinfo-fake" && \

    # Install localepurge
    runuser -l docker -c "yaourt --noconfirm -S localepurge" && \

    # Configure localepurge
    sed -i "s/NEEDSCONFIGFIRST/#NEEDSCONFIGFIRST/" /etc/locale.nopurge && \
    sed -i "s/#DONTBOTHERNEWLOCALE/DONTBOTHERNEWLOCALE/" /etc/locale.nopurge && \

    # Reinstall openssl without a Perl dependency (This really isn't needed. Seriously)
    # Patch makepkg so we can run as it as root.
    # sed -i 's/EUID == 0/EUID == -1/' /usr/bin/makepkg && \
    #     wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/ssl3-test-failure.patch?h=packages/openssl" && \
    #     wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/ca-dir.patch?h=packages/openssl" && \
    #     wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/no-rpath.patch?h=packages/openssl" && \
    #     wget --content-disposition "https://git.archlinux.org/svntogit/packages.git/plain/trunk/PKGBUILD?h=packages/openssl" && \
    #     sed -i "s/depends=('perl')/depends=('pacman')/" PKGBUILD && \
    #     sed -i "s/make test//" PKGBUILD && \
    #     makepkg --noconfirm -si --skippgpcheck && \

    # Unpatch makepkg
    # sed -i 's/EUID == -1/EUID == 0/' /usr/bin/makepkg && \

    # Remove stuff we used for compliling packages since huge (219 mB)
    pacman --noconfirm -Runs  \
    binutils  \
    gcc \
    make \
    autoconf \
    # perl \
    yaourt \
    diffutils \

    # Remove other stuff
    gzip \
    # wget \
    # file \
    # patch \
    sudo \
    gettext \
    less \
    sysfsutils \
    which \
    git \

    # (7.1MB) Iproute2 and iptables
    iproute2 \

    # (1.76MB) Utilities for monitoring your system and its processes
    procps-ng \

    # .73 MB
    iputils && \

    # Remove stuff that still needs subitems
    pacman --noconfirm -R \
    util-linux \
    fakeroot \
    shadow && \


    # Remove ducktape & shim & leftover mirrorstatus.
     # rm -r /.ducktape /.shim && \
     rm /tmp/.root.mirrorstatus.json && \

##########################################################################
# CLEAN UP SECTION - THIS GOES AT THE END                                #
##########################################################################
    localepurge && \

    # Remove info, man and docs
    rm -r /usr/share/info/* && \
    rm -r /usr/share/man/* && \
    rm -r /usr/share/doc/* && \

    # was a bit worried about these at first but I haven't seen an issue yet on them.
    rm -r /usr/share/zoneinfo/* && \
    rm -r /usr/share/i18n/* && \

    # Delete any backup files like /etc/pacman.d/gnupg/pubring.gpg~
    find /. -name "*~" -type f -delete && \

    # Keep only xterm related profiles in terminfo.
    find /usr/share/terminfo/. ! -name "*xterm*" ! -name "*screen*" ! -name "*screen*" -type f -delete && \

    # Remove anything left in temp.
    rm -r /tmp/* && \

    pacman -S --noconfirm awk && \
    bash -c "echo 'y' | pacman -Scc >/dev/null 2>&1" && \
    paccache -rk0 >/dev/null 2>&1 &&  \
    pacman-optimize && \
    pacman -Runs --noconfirm gawk tar && \
    rm -r /var/lib/pacman/sync/*

#########################################################################

WORKDIR /
CMD /usr/bin/bash