-
Notifications
You must be signed in to change notification settings - Fork 3
/
Dockerfile.rhel
53 lines (41 loc) · 2.12 KB
/
Dockerfile.rhel
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# builder
FROM registry.access.redhat.com/ubi8/ubi:latest as builder
ARG WIREGUARD_VERSION
ARG WIREGUARD_KERNEL_VERSION
ARG WIREGUARD_SHA256
ARG WIREGUARD_LINUX_COMPAT_ARCHIVE_LOCATION
WORKDIR /tmp
ADD ./pki /etc/pki
ADD ./rhsm /etc/rhsm
ADD ./yum.repos.d /etc/yum.repos.d
RUN dnf --disablerepo=* --enablerepo=rhel-8-for-x86_64-baseos-rpms update -y && \
dnf install -y \
libmnl-devel elfutils-libelf-devel findutils binutils boost-atomic boost-chrono \
boost-date-time boost-system boost-thread cpp dyninst efivar-libs gc \
gcc glibc-devel glibc-headers guile isl libatomic_ops libdwarf libmpc \
libpkgconf libtool-ltdl libxcrypt-devel make mokutil pkgconf pkgconf-m4 \
pkgconf-pkg-config unzip zip /usr/bin/pkg-config xz \
kernel-core-${WIREGUARD_KERNEL_VERSION} \
kernel-devel-${WIREGUARD_KERNEL_VERSION} \
kernel-modules-${WIREGUARD_KERNEL_VERSION}
RUN curl -LS ${WIREGUARD_LINUX_COMPAT_ARCHIVE_LOCATION} | \
{ t="$(mktemp)"; trap "rm -f '$t'" INT TERM EXIT; cat >| "$t"; sha256sum --quiet -c <<<"${WIREGUARD_SHA256} $t" \
|| exit 1; cat "$t"; } | tar xJf -
RUN cd /tmp/wireguard-linux-compat-${WIREGUARD_VERSION}/src; \
make KERNELRELEASE=${WIREGUARD_KERNEL_VERSION} -j$(nproc) && \
make install KERNELRELEASE=${WIREGUARD_KERNEL_VERSION}
# base
FROM registry.access.redhat.com/ubi8/ubi:latest
WORKDIR /tmp
ARG WIREGUARD_KERNEL_VERSION
ENV WIREGUARD_KERNEL_VERSION ${WIREGUARD_KERNEL_VERSION}
RUN yum update -y
RUN yum install kmod -y
COPY --from=builder /usr/lib/modules/${WIREGUARD_KERNEL_VERSION}/kernel/net/ipv4/udp_tunnel.ko.xz \
/lib/modules/${WIREGUARD_KERNEL_VERSION}/kernel/net/ipv4/udp_tunnel.ko.xz
COPY --from=builder /usr/lib/modules/${WIREGUARD_KERNEL_VERSION}/kernel/net/ipv6/ip6_udp_tunnel.ko.xz \
/lib/modules/${WIREGUARD_KERNEL_VERSION}/kernel/net/ipv6/ip6_udp_tunnel.ko.xz
COPY --from=builder /usr/lib/modules/${WIREGUARD_KERNEL_VERSION}/extra/wireguard.ko \
/lib/modules/${WIREGUARD_KERNEL_VERSION}/wireguard.ko
RUN depmod -a ${WIREGUARD_KERNEL_VERSION}
CMD /usr/bin/true