# Golang Docker 容器的构建 ## Create.sh ```bash #!/bin/bash docker build -t godocker:1.0 . ``` ## Dockerfile ```dockerfile FROM ubuntu:16.04 ENV GOROOT=/usr/local/go \ GOPATH=/go \ GOBIN=/usr/local/go/bin \ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin \ LANG="zh_CN.UTF-8" \ LANGUAGE="zh_CN.UTF-8" COPY --chown=root:root entrypoint.sh nats-0.0.24-amd64.deb nats-server-v2.3.2-amd64.deb nats-top-v0.4.0-amd64.deb / COPY --chown=root:root sshd_config /etc/ssh/ ADD --chown=root:root bashrc.tar.gz /root RUN apt update -y && apt upgrade -y \ && apt install -y tzdata \ && ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \ && echo 'Asia/Shanghai' >/etc/timezone \ && apt install -y gdb tree cmake wget aria2 vim bison build-essential make gcc gcc-multilib autoconf automake autoconf-archive gnu-standards autoconf-doc libtool-doc libtool gcc-doc global git openssl gnu-efi xz-utils debianutils iputils-ping e2fslibs-dev ccache gawk wget diffstat bc zip unzip chrpath socat texinfo cpio flex minicom xterm gtkterm parted gparted tmux python-crypto python3 python3-pip python3-pexpect libncurses-dev libncurses5-dev libncursesw5-dev libssl-dev libpciaccess-dev uuid-dev libsystemd-dev libevent-dev libxml2-dev libusb-1.0-0-dev liblz4-tool libsdl1.2-dev libssl-dev libblkid-dev libboost-dev libleveldb-dev libgflags-dev libgoogle-glog-dev libblas-dev liblmdb-dev libsnappy-dev libopenblas-dev python-numpy libboost-python-dev gfortran usbutils pciutils openssh-server locales language-pack-zh-han* \ && apt install -y gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf gcc-arm-none-eabi gdb-arm-none-eabi \ && wget https://golang.google.cn/dl/go1.16.6.linux-amd64.tar.gz \ && tar -xf go1.16.6.linux-amd64.tar.gz -C /usr/local/ && rm -rf go1.16.6.linux-amd64.tar.gz \ && go env -w GO111MODULE=on \ && go env -w GOPROXY=https://goproxy.cn \ && go get -v github.com/ramya-rao-a/go-outline && go install github.com/ramya-rao-a/go-outline@latest \ && go get -v github.com/go-delve/delve/cmd/dlv && go install github.com/go-delve/delve/cmd/dlv@latest \ && go get -v github.com/mdempsky/gocode && go install github.com/mdempsky/gocode@latest \ && go get -v github.com/uudashr/gopkgs/v2/cmd/gopkgs && go install github.com/uudashr/gopkgs/v2/cmd/gopkgs@latest \ && go get -v github.com/rogpeppe/godef && go install github.com/rogpeppe/godef@latest \ && go get -v github.com/sqs/goreturns && go install github.com/sqs/goreturns@latest \ && go get -v github.com/cweill/gotests/gotests && go install github.com/cweill/gotests/gotests@latest \ && go get -v github.com/fatih/gomodifytags && go install github.com/fatih/gomodifytags@latest \ && go get -v github.com/josharian/impl && go install github.com/josharian/impl@latest \ && go get -v github.com/haya14busa/goplay/cmd/goplay && go install github.com/haya14busa/goplay/cmd/goplay@latest \ && go get -v honnef.co/go/tools/cmd/staticcheck && go install honnef.co/go/tools/cmd/staticcheck@latest \ && go get -v golang.org/x/tools/gopls && go install golang.org/x/tools/gopls@latest \ && go get -v golang.org/x/tools/cmd/godoc && go install golang.org/x/tools/cmd/godoc@latest \ && apt install -y /nats-0.0.24-amd64.deb && rm -rf /nats-0.0.24-amd64.deb \ && apt install -y /nats-server-v2.3.2-amd64.deb && rm -rf /nats-server-v2.3.2-amd64.deb \ && apt install -y /nats-top-v0.4.0-amd64.deb && rm -rf /nats-top-v0.4.0-amd64.deb ENTRYPOINT ["/entrypoint.sh"] ``` ## .bashrc ```bash # ~/.bashrc: executed by bash(1) for non-login shells. # see /usr/share/doc/bash/examples/startup-files (in the package bash-doc) # for examples # If not running interactively, don't do anything case $- in *i*) ;; *) return;; esac # don't put duplicate lines or lines starting with space in the history. # See bash(1) for more options HISTCONTROL=ignoreboth # append to the history file, don't overwrite it shopt -s histappend # for setting history length see HISTSIZE and HISTFILESIZE in bash(1) HISTSIZE=1000 HISTFILESIZE=2000 # check the window size after each command and, if necessary, # update the values of LINES and COLUMNS. shopt -s checkwinsize # If set, the pattern "**" used in a pathname expansion context will # match all files and zero or more directories and subdirectories. #shopt -s globstar # make less more friendly for non-text input files, see lesspipe(1) #[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)" # set variable identifying the chroot you work in (used in the prompt below) if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then debian_chroot=$(cat /etc/debian_chroot) fi # set a fancy prompt (non-color, unless we know we "want" color) case "$TERM" in xterm-color|*-256color) color_prompt=yes;; esac # uncomment for a colored prompt, if the terminal has the capability; turned # off by default to not distract the user: the focus in a terminal window # should be on the output of commands, not on the prompt #force_color_prompt=yes if [ -n "$force_color_prompt" ]; then if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then # We have color support; assume it's compliant with Ecma-48 # (ISO/IEC-6429). (Lack of such support is extremely rare, and such # a case would tend to support setf rather than setaf.) color_prompt=yes else color_prompt= fi fi if [ "$color_prompt" = yes ]; then PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ ' else PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ ' fi unset color_prompt force_color_prompt # If this is an xterm set the title to user@host:dir case "$TERM" in xterm*|rxvt*) PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1" ;; *) ;; esac # enable color support of ls and also add handy aliases if [ -x /usr/bin/dircolors ]; then test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)" alias ls='ls --color=auto' #alias dir='dir --color=auto' #alias vdir='vdir --color=auto' #alias grep='grep --color=auto' #alias fgrep='fgrep --color=auto' #alias egrep='egrep --color=auto' fi # colored GCC warnings and errors #export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01' # some more ls aliases #alias ll='ls -l' #alias la='ls -A' #alias l='ls -CF' # Alias definitions. # You may want to put all your additions into a separate file like # ~/.bash_aliases, instead of adding them here directly. # See /usr/share/doc/bash-doc/examples in the bash-doc package. if [ -f ~/.bash_aliases ]; then . ~/.bash_aliases fi # enable programmable completion features (you don't need to enable # this, if it's already enabled in /etc/bash.bashrc and /etc/profile # sources /etc/bash.bashrc). if ! shopt -oq posix; then if [ -f /usr/share/bash-completion/bash_completion ]; then . /usr/share/bash-completion/bash_completion elif [ -f /etc/bash_completion ]; then . /etc/bash_completion fi fi # Codespaces bash prompt theme __bash_prompt() { PS1='${debian_chroot:+($debian_chroot)}\[\033[00m\][\[\033[0;32m\]\u\[\033[00m\]:\[\033[1;31m\]\h\[\033[00m\]] \[\033[1;34m\]\W\[\033[00m\]\$ ' unset -f __bash_prompt } __bash_prompt export PROMPT_DIRTRIM=4 export PATH=/usr/local/go/bin:$PATH export LANG="zh_CN.UTF-8" export LANGUAGE="zh_CN.UTF-8" alias ls='ls --color=auto' alias ll='ls -alF' alias la='ls -A' alias l='ls -CF' alias dir='dir --color=auto' alias vidr='vdir --color=auto' alias grep='grep --color=auto' alias fgrep='fgrep --color=auto' alias egrep='egrep --color=auto' ``` ## entrypoint.sh ```bash #!/bin/bash service ssh start exec $@ ``` ## sshd_config ```bash # Package generated configuration file # See the sshd_config(5) manpage for details # What ports, IPs and protocols we listen for Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 1024 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 #PermitRootLogin prohibit-password PermitRootLogin yes StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication yes # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* #Subsystem sftp /usr/lib/openssh/sftp-server Subsystem sftp internal-sftp # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes ```