Skip to content
Snippets Groups Projects
Unverified Commit eb010629 authored by micah's avatar micah :speech_balloon:
Browse files

Update Buster requirements. 

iproute2 needs to be explicitly installed, the iptables alternative needs to
iptables-legacy.
parent a22263d6
No related branches found
No related tags found
No related merge requests found
Pipeline #61360 passed
Stage: build
Stage: release
Show whitespace changes
Inline Side-by-side
Showing
with 5 additions and 6 deletions
Dockerfile
+ 5
6
View file @ eb010629
...@@ -15,9 +15,6 @@ RUN strip $GOPATH/bin/openvpn_exporter ...@@ -15,9 +15,6 @@ RUN strip $GOPATH/bin/openvpn_exporter
FROM registry.git.autistici.org/ai3/docker/chaperone-base:buster FROM registry.git.autistici.org/ai3/docker/chaperone-base:buster
# needed for buster, but chaperone-base image is still stretch
#RUN update-alternatives --set iptables /usr/sbin/iptables-legacy
COPY --from=build /shapeshifter-dispatcher/shapeshifter-dispatcher /usr/local/bin/shapeshifter-dispatcher COPY --from=build /shapeshifter-dispatcher/shapeshifter-dispatcher /usr/local/bin/shapeshifter-dispatcher
COPY --from=build /usr/sbin/openvpn /usr/sbin/openvpn COPY --from=build /usr/sbin/openvpn /usr/sbin/openvpn
COPY --from=build /go/bin/openvpn_exporter /usr/local/bin/openvpn_exporter COPY --from=build /go/bin/openvpn_exporter /usr/local/bin/openvpn_exporter
...@@ -25,8 +22,10 @@ COPY chaperone.d/ /etc/chaperone.d ...@@ -25,8 +22,10 @@ COPY chaperone.d/ /etc/chaperone.d
RUN echo "deb http://download.opensuse.org/repositories/home:/CZ-NIC:/knot-resolver-latest/Debian_9.0/ /" > /etc/apt/sources.list.d/knot.list RUN echo "deb http://download.opensuse.org/repositories/home:/CZ-NIC:/knot-resolver-latest/Debian_9.0/ /" > /etc/apt/sources.list.d/knot.list
COPY cznic-obs.gpg /etc/apt/trusted.gpg.d COPY cznic-obs.gpg /etc/apt/trusted.gpg.d
RUN apt-get -q update && env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \ RUN apt-get -q update && env DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
openvpn libcap2-bin netcat-openbsd iptables knot-resolver knot-resolver-module-http \ libcap2-bin netcat-openbsd iptables iproute2 knot-resolver \
knot-resolver-module-http \
&& rm -rf /var/lib/apt/lists/* && rm -rf /var/lib/apt/lists/*
RUN setcap cap_net_admin,cap_net_bind_service+ep /usr/sbin/openvpn RUN setcap cap_net_admin,cap_net_bind_service+ep /usr/sbin/openvpn
RUN setcap cap_net_admin+ep /bin/ip RUN setcap cap_net_admin+ep /bin/ip
RUN setcap cap_net_bind_service+ep /usr/sbin/kresd RUN setcap cap_net_bind_service+ep /usr/sbin/kresd
RUN update-alternatives --set iptables /usr/sbin/iptables-legacy
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment