-
-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathDockerfile.cli
More file actions
154 lines (127 loc) · 5.14 KB
/
Dockerfile.cli
File metadata and controls
154 lines (127 loc) · 5.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
# Use Ubuntu 22.04 LTS as the base image
FROM ubuntu:22.04
# Set Arguments
ARG CLIENT_VERSION=10781.19.0.1214
ARG ZIP_FILE_REL_PATH=bin/univpn-linux-64-${CLIENT_VERSION}.zip
ARG INSTALLER_SOURCE_DIR=/home/UniVPN
ARG ACTUAL_INSTALL_DIR=/usr/local/UniVPN
ARG INSTALL_LOG_DIR=${ACTUAL_INSTALL_DIR}/log
ARG INSTALL_LOG_FILE=${INSTALL_LOG_DIR}/install.log
ARG USERNAME=vpnuser
ARG USER_UID=1000
ARG USER_GID=1000
# Set environment variables
ENV DEBIAN_FRONTEND=noninteractive
ENV LANG=C.UTF-8
ENV LC_ALL=C.UTF-8
ENV USER=${USERNAME}
ENV HOME=/home/${USERNAME}
ENV TZ=Asia/Shanghai
# --- Auto Reconnect Configuration ---
ENV AUTO_RECONNECT=false
ENV RECONNECT_PING_TARGET=8.8.8.8
ENV RECONNECT_GRACE_PERIOD=60
# Install dependencies
RUN apt-get update && \
apt-get install -y --no-install-recommends \
unzip \
locales \
ca-certificates \
sudo \
expect \
procps \
net-tools \
iproute2 \
iputils-ping \
dante-server \
tinyproxy \
dbus \
tzdata \
supervisor \
&& \
locale-gen C.UTF-8 && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
# Configure timezone and fix dbus directory permissions
RUN ln -fs /usr/share/zoneinfo/$TZ /etc/localtime && \
dpkg-reconfigure -f noninteractive tzdata && \
mkdir -p /var/run/dbus && \
chown messagebus:messagebus /var/run/dbus
# --- Create a Helper Reconnect Command ---
RUN echo '#!/bin/bash' > /usr/local/bin/reconnect && \
echo 'echo "Killing UniVPN process to trigger restart..."' >> /usr/local/bin/reconnect && \
echo 'pkill -f "/usr/local/UniVPN/UniVPN"' >> /usr/local/bin/reconnect && \
chmod +x /usr/local/bin/reconnect
# Create the non-root user and group, add to sudoers
RUN groupadd --gid ${USER_GID} ${USERNAME} && \
useradd --uid ${USER_UID} --gid ${USER_GID} --shell /bin/bash --create-home ${USERNAME} && \
adduser ${USERNAME} sudo && \
echo '%sudo ALL=(ALL) NOPASSWD:ALL' >> /etc/sudoers
# Verify home directory ownership and permissions
RUN echo "Verifying ${USERNAME} home directory..." && \
ls -ld /home/${USERNAME} && \
chown ${USERNAME}:${USERNAME} /home/${USERNAME} && \
chmod 750 /home/${USERNAME} && \
echo "Ownership/permissions verified for /home/${USERNAME}"
# Create installer source directory owned by user
RUN mkdir -p ${INSTALLER_SOURCE_DIR} && \
chown ${USERNAME}:${USERNAME} ${INSTALLER_SOURCE_DIR}
# Copy the installer zip file into that directory
COPY ${ZIP_FILE_REL_PATH} ${INSTALLER_SOURCE_DIR}/installer.zip
# Set the working directory TO the installer source directory
WORKDIR ${INSTALLER_SOURCE_DIR}
# Unzip the installer within this directory and remove the zip file
RUN unzip installer.zip && \
rm installer.zip && \
echo "Listing extracted files in ${INSTALLER_SOURCE_DIR}:" && \
ls -l
# Find and verify the installer file (supports both univpn-linux-64 and univpn-linux-amd64 patterns)
RUN INSTALLER_RUN_FILE=$(ls univpn-linux-*-*.run 2>/dev/null | head -1) && \
if [ -z "$INSTALLER_RUN_FILE" ]; then \
echo "Error: No installer file matching pattern 'univpn-linux-*-*.run' found in ${INSTALLER_SOURCE_DIR}."; \
exit 1; \
fi && \
chmod +x "$INSTALLER_RUN_FILE" && \
echo "Found and made executable: $INSTALLER_RUN_FILE" && \
echo "INSTALLER_RUN_FILE=$INSTALLER_RUN_FILE" > /tmp/installer_env.sh
# Ensure the target log directory exists BEFORE running the installer
RUN mkdir -p ${INSTALL_LOG_DIR}
# Run the installer FROM the current directory, redirecting output to the log file
RUN . /tmp/installer_env.sh && \
echo "Running installer as root from $(pwd)... Output logged to ${INSTALL_LOG_FILE}" && \
./$INSTALLER_RUN_FILE > ${INSTALL_LOG_FILE} 2>&1 \
&& \
echo "Installation finished. Check ${INSTALL_LOG_FILE} for details."
# Clean up the installer file after successful execution
RUN . /tmp/installer_env.sh && \
rm $INSTALLER_RUN_FILE && \
rm /tmp/installer_env.sh && \
echo "Removed installer file and environment script."
# --- Supervisor Setup ---
# Create supervisor log directory
RUN mkdir -p /var/log/supervisor
# Copy supervisor configuration
COPY supervisord.conf.cli /etc/supervisor/supervisord.conf
# Copy Dante configuration
COPY danted.conf /etc/danted.conf
RUN chown ${USERNAME}:${USERNAME} /etc/danted.conf
# Copy Tinyproxy configuration
COPY tinyproxy.conf /etc/tinyproxy/tinyproxy.conf
# Copy Dante wrapper script
COPY wait_and_start_dante.sh /usr/local/bin/wait_and_start_dante.sh
RUN chmod +x /usr/local/bin/wait_and_start_dante.sh
# --- Copy the UniVPN Keeper Script ---
COPY univpn-keeper.sh.cli /usr/local/bin/univpn-keeper.sh
RUN chmod +x /usr/local/bin/univpn-keeper.sh
# --- Config UniVPN session autoconnect ---
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh
# Set final working directory to user's home
WORKDIR /home/${USERNAME}
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
# Run Supervisor as the main process
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/supervisord.conf"]
# --- Optional Metadata ---
LABEL maintainer="Xavier Xiong <zx900930@gmail.com>"
LABEL version="${CLIENT_VERSION}"
LABEL description="Docker container for Huawei UniVPN CLI Client (v${CLIENT_VERSION})"