276 lines
10 KiB
Markdown
276 lines
10 KiB
Markdown
# Golang Docker 容器的构建
|
|
|
|
## Create.sh
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
docker build -t godocker:1.0 .
|
|
```
|
|
|
|
## Dockerfile
|
|
|
|
```dockerfile
|
|
FROM ubuntu:16.04
|
|
ENV GOROOT=/usr/local/go \
|
|
GOPATH=/go \
|
|
GOBIN=/usr/local/go/bin \
|
|
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/go/bin \
|
|
LANG="zh_CN.UTF-8" \
|
|
LANGUAGE="zh_CN.UTF-8"
|
|
COPY --chown=root:root entrypoint.sh nats-0.0.24-amd64.deb nats-server-v2.3.2-amd64.deb nats-top-v0.4.0-amd64.deb /
|
|
COPY --chown=root:root sshd_config /etc/ssh/
|
|
ADD --chown=root:root bashrc.tar.gz /root
|
|
RUN apt update -y && apt upgrade -y \
|
|
&& apt install -y tzdata \
|
|
&& ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
|
|
&& echo 'Asia/Shanghai' >/etc/timezone \
|
|
&& apt install -y gdb tree cmake wget aria2 vim bison build-essential make gcc gcc-multilib autoconf automake autoconf-archive gnu-standards autoconf-doc libtool-doc libtool gcc-doc global git openssl gnu-efi xz-utils debianutils iputils-ping e2fslibs-dev ccache gawk wget diffstat bc zip unzip chrpath socat texinfo cpio flex minicom xterm gtkterm parted gparted tmux python-crypto python3 python3-pip python3-pexpect libncurses-dev libncurses5-dev libncursesw5-dev libssl-dev libpciaccess-dev uuid-dev libsystemd-dev libevent-dev libxml2-dev libusb-1.0-0-dev liblz4-tool libsdl1.2-dev libssl-dev libblkid-dev libboost-dev libleveldb-dev libgflags-dev libgoogle-glog-dev libblas-dev liblmdb-dev libsnappy-dev libopenblas-dev python-numpy libboost-python-dev gfortran usbutils pciutils openssh-server locales language-pack-zh-han* \
|
|
&& apt install -y gcc-arm-linux-gnueabihf g++-arm-linux-gnueabihf gcc-arm-none-eabi gdb-arm-none-eabi \
|
|
&& wget https://golang.google.cn/dl/go1.16.6.linux-amd64.tar.gz \
|
|
&& tar -xf go1.16.6.linux-amd64.tar.gz -C /usr/local/ && rm -rf go1.16.6.linux-amd64.tar.gz \
|
|
&& go env -w GO111MODULE=on \
|
|
&& go env -w GOPROXY=https://goproxy.cn \
|
|
&& go get -v github.com/ramya-rao-a/go-outline && go install github.com/ramya-rao-a/go-outline@latest \
|
|
&& go get -v github.com/go-delve/delve/cmd/dlv && go install github.com/go-delve/delve/cmd/dlv@latest \
|
|
&& go get -v github.com/mdempsky/gocode && go install github.com/mdempsky/gocode@latest \
|
|
&& go get -v github.com/uudashr/gopkgs/v2/cmd/gopkgs && go install github.com/uudashr/gopkgs/v2/cmd/gopkgs@latest \
|
|
&& go get -v github.com/rogpeppe/godef && go install github.com/rogpeppe/godef@latest \
|
|
&& go get -v github.com/sqs/goreturns && go install github.com/sqs/goreturns@latest \
|
|
&& go get -v github.com/cweill/gotests/gotests && go install github.com/cweill/gotests/gotests@latest \
|
|
&& go get -v github.com/fatih/gomodifytags && go install github.com/fatih/gomodifytags@latest \
|
|
&& go get -v github.com/josharian/impl && go install github.com/josharian/impl@latest \
|
|
&& go get -v github.com/haya14busa/goplay/cmd/goplay && go install github.com/haya14busa/goplay/cmd/goplay@latest \
|
|
&& go get -v honnef.co/go/tools/cmd/staticcheck && go install honnef.co/go/tools/cmd/staticcheck@latest \
|
|
&& go get -v golang.org/x/tools/gopls && go install golang.org/x/tools/gopls@latest \
|
|
&& go get -v golang.org/x/tools/cmd/godoc && go install golang.org/x/tools/cmd/godoc@latest \
|
|
&& apt install -y /nats-0.0.24-amd64.deb && rm -rf /nats-0.0.24-amd64.deb \
|
|
&& apt install -y /nats-server-v2.3.2-amd64.deb && rm -rf /nats-server-v2.3.2-amd64.deb \
|
|
&& apt install -y /nats-top-v0.4.0-amd64.deb && rm -rf /nats-top-v0.4.0-amd64.deb
|
|
ENTRYPOINT ["/entrypoint.sh"]
|
|
```
|
|
|
|
## .bashrc
|
|
|
|
```bash
|
|
# ~/.bashrc: executed by bash(1) for non-login shells.
|
|
# see /usr/share/doc/bash/examples/startup-files (in the package bash-doc)
|
|
# for examples
|
|
|
|
# If not running interactively, don't do anything
|
|
case $- in
|
|
*i*) ;;
|
|
*) return;;
|
|
esac
|
|
|
|
# don't put duplicate lines or lines starting with space in the history.
|
|
# See bash(1) for more options
|
|
HISTCONTROL=ignoreboth
|
|
|
|
# append to the history file, don't overwrite it
|
|
shopt -s histappend
|
|
|
|
# for setting history length see HISTSIZE and HISTFILESIZE in bash(1)
|
|
HISTSIZE=1000
|
|
HISTFILESIZE=2000
|
|
|
|
# check the window size after each command and, if necessary,
|
|
# update the values of LINES and COLUMNS.
|
|
shopt -s checkwinsize
|
|
|
|
# If set, the pattern "**" used in a pathname expansion context will
|
|
# match all files and zero or more directories and subdirectories.
|
|
#shopt -s globstar
|
|
|
|
# make less more friendly for non-text input files, see lesspipe(1)
|
|
#[ -x /usr/bin/lesspipe ] && eval "$(SHELL=/bin/sh lesspipe)"
|
|
|
|
# set variable identifying the chroot you work in (used in the prompt below)
|
|
if [ -z "${debian_chroot:-}" ] && [ -r /etc/debian_chroot ]; then
|
|
debian_chroot=$(cat /etc/debian_chroot)
|
|
fi
|
|
|
|
# set a fancy prompt (non-color, unless we know we "want" color)
|
|
case "$TERM" in
|
|
xterm-color|*-256color) color_prompt=yes;;
|
|
esac
|
|
|
|
# uncomment for a colored prompt, if the terminal has the capability; turned
|
|
# off by default to not distract the user: the focus in a terminal window
|
|
# should be on the output of commands, not on the prompt
|
|
#force_color_prompt=yes
|
|
|
|
if [ -n "$force_color_prompt" ]; then
|
|
if [ -x /usr/bin/tput ] && tput setaf 1 >&/dev/null; then
|
|
# We have color support; assume it's compliant with Ecma-48
|
|
# (ISO/IEC-6429). (Lack of such support is extremely rare, and such
|
|
# a case would tend to support setf rather than setaf.)
|
|
color_prompt=yes
|
|
else
|
|
color_prompt=
|
|
fi
|
|
fi
|
|
|
|
if [ "$color_prompt" = yes ]; then
|
|
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
|
|
else
|
|
PS1='${debian_chroot:+($debian_chroot)}\u@\h:\w\$ '
|
|
fi
|
|
unset color_prompt force_color_prompt
|
|
|
|
# If this is an xterm set the title to user@host:dir
|
|
case "$TERM" in
|
|
xterm*|rxvt*)
|
|
PS1="\[\e]0;${debian_chroot:+($debian_chroot)}\u@\h: \w\a\]$PS1"
|
|
;;
|
|
*)
|
|
;;
|
|
esac
|
|
|
|
# enable color support of ls and also add handy aliases
|
|
if [ -x /usr/bin/dircolors ]; then
|
|
test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dircolors -b)"
|
|
alias ls='ls --color=auto'
|
|
#alias dir='dir --color=auto'
|
|
#alias vdir='vdir --color=auto'
|
|
|
|
#alias grep='grep --color=auto'
|
|
#alias fgrep='fgrep --color=auto'
|
|
#alias egrep='egrep --color=auto'
|
|
fi
|
|
|
|
# colored GCC warnings and errors
|
|
#export GCC_COLORS='error=01;31:warning=01;35:note=01;36:caret=01;32:locus=01:quote=01'
|
|
|
|
# some more ls aliases
|
|
#alias ll='ls -l'
|
|
#alias la='ls -A'
|
|
#alias l='ls -CF'
|
|
|
|
# Alias definitions.
|
|
# You may want to put all your additions into a separate file like
|
|
# ~/.bash_aliases, instead of adding them here directly.
|
|
# See /usr/share/doc/bash-doc/examples in the bash-doc package.
|
|
|
|
if [ -f ~/.bash_aliases ]; then
|
|
. ~/.bash_aliases
|
|
fi
|
|
|
|
# enable programmable completion features (you don't need to enable
|
|
# this, if it's already enabled in /etc/bash.bashrc and /etc/profile
|
|
# sources /etc/bash.bashrc).
|
|
if ! shopt -oq posix; then
|
|
if [ -f /usr/share/bash-completion/bash_completion ]; then
|
|
. /usr/share/bash-completion/bash_completion
|
|
elif [ -f /etc/bash_completion ]; then
|
|
. /etc/bash_completion
|
|
fi
|
|
fi
|
|
|
|
# Codespaces bash prompt theme
|
|
__bash_prompt() {
|
|
PS1='${debian_chroot:+($debian_chroot)}\[\033[00m\][\[\033[0;32m\]\u\[\033[00m\]:\[\033[1;31m\]\h\[\033[00m\]] \[\033[1;34m\]\W\[\033[00m\]\$ '
|
|
unset -f __bash_prompt
|
|
}
|
|
__bash_prompt
|
|
export PROMPT_DIRTRIM=4
|
|
export PATH=/usr/local/go/bin:$PATH
|
|
export LANG="zh_CN.UTF-8"
|
|
export LANGUAGE="zh_CN.UTF-8"
|
|
|
|
alias ls='ls --color=auto'
|
|
alias ll='ls -alF'
|
|
alias la='ls -A'
|
|
alias l='ls -CF'
|
|
alias dir='dir --color=auto'
|
|
alias vidr='vdir --color=auto'
|
|
alias grep='grep --color=auto'
|
|
alias fgrep='fgrep --color=auto'
|
|
alias egrep='egrep --color=auto'
|
|
```
|
|
|
|
## entrypoint.sh
|
|
|
|
```bash
|
|
#!/bin/bash
|
|
service ssh start
|
|
exec $@
|
|
```
|
|
|
|
## sshd_config
|
|
|
|
```bash
|
|
# Package generated configuration file
|
|
# See the sshd_config(5) manpage for details
|
|
# What ports, IPs and protocols we listen for
|
|
Port 22
|
|
# Use these options to restrict which interfaces/protocols sshd will bind to
|
|
#ListenAddress ::
|
|
#ListenAddress 0.0.0.0
|
|
Protocol 2
|
|
# HostKeys for protocol version 2
|
|
HostKey /etc/ssh/ssh_host_rsa_key
|
|
HostKey /etc/ssh/ssh_host_dsa_key
|
|
HostKey /etc/ssh/ssh_host_ecdsa_key
|
|
HostKey /etc/ssh/ssh_host_ed25519_key
|
|
#Privilege Separation is turned on for security
|
|
UsePrivilegeSeparation yes
|
|
# Lifetime and size of ephemeral version 1 server key
|
|
KeyRegenerationInterval 3600
|
|
ServerKeyBits 1024
|
|
# Logging
|
|
SyslogFacility AUTH
|
|
LogLevel INFO
|
|
# Authentication:
|
|
LoginGraceTime 120
|
|
#PermitRootLogin prohibit-password
|
|
PermitRootLogin yes
|
|
StrictModes yes
|
|
RSAAuthentication yes
|
|
PubkeyAuthentication yes
|
|
#AuthorizedKeysFile %h/.ssh/authorized_keys
|
|
# Don't read the user's ~/.rhosts and ~/.shosts files
|
|
IgnoreRhosts yes
|
|
# For this to work you will also need host keys in /etc/ssh_known_hosts
|
|
RhostsRSAAuthentication no
|
|
# similar for protocol version 2
|
|
HostbasedAuthentication no
|
|
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
|
|
#IgnoreUserKnownHosts yes
|
|
# To enable empty passwords, change to yes (NOT RECOMMENDED)
|
|
PermitEmptyPasswords no
|
|
# Change to yes to enable challenge-response passwords (beware issues with
|
|
# some PAM modules and threads)
|
|
ChallengeResponseAuthentication no
|
|
# Change to no to disable tunnelled clear text passwords
|
|
#PasswordAuthentication yes
|
|
# Kerberos options
|
|
#KerberosAuthentication no
|
|
#KerberosGetAFSToken no
|
|
#KerberosOrLocalPasswd yes
|
|
#KerberosTicketCleanup yes
|
|
# GSSAPI options
|
|
#GSSAPIAuthentication no
|
|
#GSSAPICleanupCredentials yes
|
|
X11Forwarding yes
|
|
X11DisplayOffset 10
|
|
PrintMotd no
|
|
TCPKeepAlive yes
|
|
#UseLogin no
|
|
#MaxStartups 10:30:60
|
|
#Banner /etc/issue.net
|
|
# Allow client to pass locale environment variables
|
|
AcceptEnv LANG LC_*
|
|
#Subsystem sftp /usr/lib/openssh/sftp-server
|
|
Subsystem sftp internal-sftp
|
|
# Set this to 'yes' to enable PAM authentication, account processing,
|
|
# and session processing. If this is enabled, PAM authentication will
|
|
# be allowed through the ChallengeResponseAuthentication and
|
|
# PasswordAuthentication. Depending on your PAM configuration,
|
|
# PAM authentication via ChallengeResponseAuthentication may bypass
|
|
# the setting of "PermitRootLogin without-password".
|
|
# If you just want the PAM account and session checks to run without
|
|
# PAM authentication, then enable this but set PasswordAuthentication
|
|
# and ChallengeResponseAuthentication to 'no'.
|
|
UsePAM yes
|
|
```
|