47 lines
970 B
Docker
47 lines
970 B
Docker
FROM node:20
|
|
|
|
ARG TZ
|
|
ENV TZ="$TZ"
|
|
|
|
# Install basic development tools and iptables/ipset
|
|
RUN apt update && apt install -y less \
|
|
git \
|
|
procps \
|
|
sudo \
|
|
fzf \
|
|
zsh \
|
|
man-db \
|
|
unzip \
|
|
gnupg2 \
|
|
gh \
|
|
iptables \
|
|
ipset \
|
|
iproute2 \
|
|
dnsutils \
|
|
aggregate \
|
|
jq
|
|
|
|
# Ensure default node user has access to /usr/local/share
|
|
RUN mkdir -p /usr/local/share/npm-global && \
|
|
chown -R node:node /usr/local/share
|
|
|
|
ARG USERNAME=node
|
|
|
|
# Set up non-root user
|
|
USER node
|
|
|
|
# Install global packages
|
|
ENV NPM_CONFIG_PREFIX=/usr/local/share/npm-global
|
|
ENV PATH=$PATH:/usr/local/share/npm-global/bin
|
|
|
|
# Install codex
|
|
COPY dist/codex.tgz codex.tgz
|
|
RUN npm install -g codex.tgz
|
|
|
|
# Copy and set up firewall script
|
|
COPY scripts/init_firewall.sh /usr/local/bin/
|
|
USER root
|
|
RUN chmod +x /usr/local/bin/init_firewall.sh && \
|
|
echo "node ALL=(root) NOPASSWD: /usr/local/bin/init_firewall.sh" > /etc/sudoers.d/node-firewall && \
|
|
chmod 0440 /etc/sudoers.d/node-firewall
|
|
USER node |