-
-
Notifications
You must be signed in to change notification settings - Fork 379
/
Dockerfile
53 lines (48 loc) · 1.74 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine:3.21
# set version label
ARG BUILD_DATE
ARG VERSION
ARG WIREGUARD_RELEASE
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="thespad"
RUN \
if [ -z ${WIREGUARD_RELEASE+x} ]; then \
WIREGUARD_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.21/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
&& awk '/^P:wireguard-tools$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
fi && \
echo "**** install dependencies ****" && \
apk add --no-cache \
bc \
coredns \
grep \
iproute2 \
iptables \
iptables-legacy \
ip6tables \
iputils \
kmod \
libcap-utils \
libqrencode-tools \
net-tools \
openresolv \
wireguard-tools==${WIREGUARD_RELEASE} && \
echo "wireguard" >> /etc/modules && \
cd /sbin && \
for i in ! !-save !-restore; do \
rm -rf iptables$(echo "${i}" | cut -c2-) && \
rm -rf ip6tables$(echo "${i}" | cut -c2-) && \
ln -s iptables-legacy$(echo "${i}" | cut -c2-) iptables$(echo "${i}" | cut -c2-) && \
ln -s ip6tables-legacy$(echo "${i}" | cut -c2-) ip6tables$(echo "${i}" | cut -c2-); \
done && \
sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' /usr/bin/wg-quick && \
rm -rf /etc/wireguard && \
ln -s /config/wg_confs /etc/wireguard && \
printf "Linuxserver.io version: ${VERSION}\nBuild-date: ${BUILD_DATE}" > /build_version && \
echo "**** clean up ****" && \
rm -rf \
/tmp/*
# add local files
COPY /root /
# ports and volumes
EXPOSE 51820/udp