From: Matthew Newton Date: Wed, 1 May 2024 15:46:49 +0000 (+0100) Subject: regenerate all dockerfiles (normal and crossbuild) X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=cd5e5d5acb67d8ec48b4d54df74779da4a6e6643;p=thirdparty%2Ffreeradius-server.git regenerate all dockerfiles (normal and crossbuild) add: - debian12 - ubuntu22 - ubuntu24 - rocky8 - rocky9 remove: - centos7 - debian9 - debian10 - ubuntu18 --- diff --git a/scripts/docker/build-centos7/Dockerfile b/scripts/docker/build-centos7/Dockerfile deleted file mode 100644 index 7a273e59f44..00000000000 --- a/scripts/docker/build-centos7/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/centos7-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} scl enable devtoolset-8 './configure --prefix=/opt/freeradius --with-jsonc-lib-dir=/opt/nwkrad/lib64 --with-jsonc-include-dir=/opt/nwkrad/include --with-openssl-lib-dir=/opt/nwkrad/lib64 --with-openssl-include-dir=/opt/nwkrad/include' -RUN scl enable devtoolset-8 'make -j$(($(getconf _NPROCESSORS_ONLN) + 1))' -RUN scl enable devtoolset-8 'make install' -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-centos7/Dockerfile.deps b/scripts/docker/build-centos7/Dockerfile.deps deleted file mode 100644 index 87ceb9259f9..00000000000 --- a/scripts/docker/build-centos7/Dockerfile.deps +++ /dev/null @@ -1,137 +0,0 @@ -FROM centos:centos7 - -# -# Install devtools like make and git and the EPEL -# repository for freetds and hiredis -# -RUN yum update -y -RUN yum install -y \ - epel-release \ - git \ - openssl \ - rpmdevtools \ - rsync \ - wget \ - yum-utils \ -# which is required by fixture setup utilities - which \ -# libnl3-devel is required for the EAP tests - libnl3-devel \ -# For debugging (e.g. in crossbuild) - gdb \ - less \ - vim - - -# -# Install GCC that has the requisite support for C11 keywords and atomics -# -RUN yum install -y \ - centos-release-scl -RUN yum install -y \ - devtoolset-8-gcc \ - devtoolset-8-gcc-c++ \ - devtoolset-8-make -ENV CC=/opt/rh/devtoolset-8/root/usr/bin/gcc - -# -# Remove the CentOS-SCLo repo which is apparently not valid? -# See: https://bugs.centos.org/view.php?id=14773 -# -RUN rm /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo -RUN rm /etc/yum.repos.d/CentOS-SCLo-scl.repo - - -# -# Documentation build dependencies -# - -# - doxygen & JSON.pm -RUN yum install -y \ - doxygen \ - graphviz \ - perl-JSON -# - antora (npm needed) -RUN bash -c "$(wget -O - https://rpm.nodesource.com/setup_14.x)" && \ - yum install -y \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 -# - pandoc -RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*amd64.tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/ -RUN mv /tmp/pandoc-*/bin/* /usr/local/bin -# - asciidoctor -RUN yum install -y \ - rubygems-devel -RUN gem install asciidoctor - - -# -# Completely remove the defunct nodesource-source repo -# as it breaks yum-builddep -# https://github.com/nodesource/distributions/issues/998 -# https://github.com/nodesource/distributions/issues/576 -# -RUN awk '/nodesource-source/{T=1}//{if (!T){print}}' /etc/yum.repos.d/nodesource-el7.repo > \ - /etc/yum.repos.d/nodesource-el7.repo.new && \ - mv /etc/yum.repos.d/nodesource-el7.repo.new /etc/yum.repos.d/nodesource-el7.repo - -# -# Setup a src dir in /usr/local -# -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories - - -# -# Set up NetworkRADIUS extras repository -# -RUN echo $'[networkradius-extras]\n\ -name=NetworkRADIUS-extras-$releasever\n\ -baseurl=http://packages.networkradius.com/extras/centos/$releasever/\n\ -enabled=1\n\ -gpgcheck=1\n\ -gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ -> /etc/yum.repos.d/networkradius-extras.repo -RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com - - -# -# Use LTB's openldap packages instead of the distribution version to avoid linking against NSS -# -RUN echo $'[ltb-project]\n\ -name=LTB project packages\n\ -baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\ -enabled=1\n\ -gpgcheck=1\n\ -gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\ -> /etc/yum.repos.d/ltb-project.repo -RUN rpm --import https://www.ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project - -# -# Shallow clone the FreeRADIUS source -# -WORKDIR /usr/local/src/repositories -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - - -# -# Install build dependencies for all branches from v3 onwards -# -WORKDIR freeradius-server -RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master|${branch})$" | sort -u);\ - do \ - echo "BRANCH $i"; \ - git checkout $i; \ - [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec; \ - done - - -# -# Create the RPM build tree -# -ENV BUILDDIR=/root/rpmbuild -RUN rpmdev-setuptree - -RUN printf 'PATH=/opt/rh/$(scl -l)/root/usr/bin:$PATH\nexport PATH\n' > /etc/profile.d/devtoolset.sh diff --git a/scripts/docker/build-debian10/Dockerfile b/scripts/docker/build-debian10/Dockerfile deleted file mode 100644 index 83f32276843..00000000000 --- a/scripts/docker/build-debian10/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/debian10-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-debian11/Dockerfile b/scripts/docker/build-debian11/Dockerfile deleted file mode 100644 index 2a24e410ffd..00000000000 --- a/scripts/docker/build-debian11/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/debian11-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-debian9/Dockerfile b/scripts/docker/build-debian9/Dockerfile deleted file mode 100644 index 81c105ef1ac..00000000000 --- a/scripts/docker/build-debian9/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/debian9-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-debian9/Dockerfile.deps b/scripts/docker/build-debian9/Dockerfile.deps deleted file mode 100644 index c2174683762..00000000000 --- a/scripts/docker/build-debian9/Dockerfile.deps +++ /dev/null @@ -1,99 +0,0 @@ -FROM debian:9-slim - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG osname=stretch -ONBUILD ARG osname=${osname} - -ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" - -ARG DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && \ -# Development utilities - apt-get install $APT_OPTS \ - apt-transport-https \ - devscripts \ - equivs \ - git \ - gnupg2 \ - lsb-release \ - procps \ - quilt \ - rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies - libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) - gdb \ - less \ - vim \ -# Compilers - g++ && \ - bash -c "$(wget -O - https://apt.llvm.org/llvm.sh)" - - -# -# Documentation build dependencies -# - -# - doxygen & JSON.pm -RUN apt-get install $APT_OPTS \ - doxygen \ - graphviz \ - libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 -# - pandoc -RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ - find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ - xargs -0 -r apt-get install $APT_OPTS && \ - find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete -# - asciidoctor -RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor - - -# -# Setup a src dir in /usr/local -# -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories - - -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/debian/stretch stretch main" >> /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - -# -# Shallow clone the FreeRADIUS source -# -WORKDIR /usr/local/src/repositories -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - - -# -# Install build dependencies for all branches from v3 onwards -# -WORKDIR freeradius-server -RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master|${branch})$" | sort -u); \ - do \ - git checkout $i; \ - if [ -e ./debian/control.in ] ; then \ - debian/rules debian/control ; \ - fi ; \ - mk-build-deps -irt"apt-get -o Debug::pkgProblemResolver=yes $APT_OPTS" debian/control ; \ - apt-get -y remove libiodbc2-dev ; \ - done diff --git a/scripts/docker/build-debian9/README b/scripts/docker/build-debian9/README deleted file mode 100644 index f7a6135061e..00000000000 --- a/scripts/docker/build-debian9/README +++ /dev/null @@ -1,15 +0,0 @@ - -Build source image - - docker build . -f Dockerfile.source -t freeradius:debian9-source - -Then either build and run jenkins image - - docker build . -f Dockerfile.jenkins -t freeradius:debian9-jenkins - docker run -d -p 2222:22 freeradius:debian9-jenkins - -or build and run the server - - docker build . -t freeradius:debian9 - docker run -d -p 1812:1812/udp -p 1813:1813/udp freeradius:debian9 - diff --git a/scripts/docker/build-debiansid/Dockerfile b/scripts/docker/build-debiansid/Dockerfile deleted file mode 100644 index f96c7b6e091..00000000000 --- a/scripts/docker/build-debiansid/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/debiansid-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-ubuntu18/Dockerfile b/scripts/docker/build-ubuntu18/Dockerfile deleted file mode 100644 index 8fb43fb3ca2..00000000000 --- a/scripts/docker/build-ubuntu18/Dockerfile +++ /dev/null @@ -1,24 +0,0 @@ -ARG from=freeradius/ubuntu18-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-ubuntu20/Dockerfile b/scripts/docker/build-ubuntu20/Dockerfile deleted file mode 100644 index e6b89a65e17..00000000000 --- a/scripts/docker/build-ubuntu20/Dockerfile +++ /dev/null @@ -1,25 +0,0 @@ -ARG from=freeradius/ubuntu20-deps -FROM ${from} - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG cc=gcc -ARG branch=master -ARG dh_key_size=2048 - -WORKDIR /usr/local/src/repositories/freeradius-server -RUN git checkout ${branch} -RUN CC=${cc} ./configure --prefix=/opt/freeradius -RUN make -j$(($(getconf _NPROCESSORS_ONLN) + 1)) -RUN make install -WORKDIR /opt/freeradius/etc/raddb -RUN sed -i -e 's/allow_vulnerable_openssl.*/allow_vulnerable_openssl = yes/' radiusd.conf -RUN make -C certs DH_KEY_SIZE=$dh_key_size -WORKDIR / - -FROM ${from} -COPY --from=0 /opt/freeradius /opt/freeradius - -EXPOSE 1812/udp 1813/udp -ENV LD_LIBRARY_PATH=/opt/freeradius/lib -CMD ["/opt/freeradius/sbin/radiusd", "-f"] diff --git a/scripts/docker/build-ubuntu20/Dockerfile.deps b/scripts/docker/build-ubuntu20/Dockerfile.deps deleted file mode 100644 index 2c10af80bda..00000000000 --- a/scripts/docker/build-ubuntu20/Dockerfile.deps +++ /dev/null @@ -1,100 +0,0 @@ -FROM ubuntu:20.04 - -SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] - -ARG osname=focal -ONBUILD ARG osname=${osname} - -ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" - -ARG DEBIAN_FRONTEND=noninteractive - -RUN apt-get update && \ -# Development utilities - apt-get install $APT_OPTS \ - devscripts \ - equivs \ - git \ - gnupg2 \ - lsb-release \ - procps \ - quilt \ - rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies - libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) - gdb \ - less \ - vim \ -# Compilers - clang \ - g++ \ - lldb \ - llvm - - -# -# Documentation build dependencies -# - -# - doxygen & JSON.pm -RUN apt-get install $APT_OPTS \ - doxygen \ - graphviz \ - libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 -# - pandoc -RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ - find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ - xargs -0 -r apt-get install $APT_OPTS && \ - find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete -# - asciidoctor -RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor - - -# -# Setup a src dir in /usr/local -# -RUN mkdir -p /usr/local/src/repositories -WORKDIR /usr/local/src/repositories - - -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/ubuntu/focal focal main" > /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - -# -# Shallow clone the FreeRADIUS source -# -WORKDIR /usr/local/src/repositories -ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - - -# -# Install build dependencies for all branches from v3 onwards -# -WORKDIR freeradius-server -RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master|${branch})$" | sort -u); \ - do \ - git checkout $i; \ - if [ -e ./debian/control.in ] ; then \ - debian/rules debian/control ; \ - fi ; \ - mk-build-deps -irt"apt-get -o Debug::pkgProblemResolver=yes $APT_OPTS" debian/control ; \ - apt-get -y remove libiodbc2-dev ; \ - done diff --git a/scripts/docker/build/debian11/Dockerfile b/scripts/docker/build/debian11/Dockerfile new file mode 100644 index 00000000000..e622e8a572c --- /dev/null +++ b/scripts/docker/build/debian11/Dockerfile @@ -0,0 +1,97 @@ +# Auto generated for debian11 +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.debian11.regen` +# +ARG from=debian:bullseye +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bullseye bullseye main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bullseye bullseye main" > /etc/apt/sources.list.d/networkradius-extras.list + +ARG freerad_uid=101 +ARG freerad_gid=101 + +RUN groupadd -g ${freerad_gid} -r freerad \ + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build-debian10/Dockerfile.deps b/scripts/docker/build/debian11/Dockerfile.cb similarity index 60% rename from scripts/docker/build-debian10/Dockerfile.deps rename to scripts/docker/build/debian11/Dockerfile.cb index c1bf031113d..88a1d0ad6e4 100644 --- a/scripts/docker/build-debian10/Dockerfile.deps +++ b/scripts/docker/build/debian11/Dockerfile.cb @@ -1,17 +1,25 @@ -FROM debian:10-slim +# Auto generated for debian11 +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.debian11.regen` +# +ARG from=debian:bullseye +FROM ${from} as build SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] -ARG osname=buster -ONBUILD ARG osname=${osname} - ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" ARG DEBIAN_FRONTEND=noninteractive + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# RUN apt-get update && \ -# Development utilities apt-get install $APT_OPTS \ + software-properties-common \ devscripts \ equivs \ git \ @@ -20,45 +28,75 @@ RUN apt-get update && \ procps \ quilt \ rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bullseye bullseye main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ gdb \ less \ - vim \ -# Compilers - clang \ - g++ \ lldb \ - llvm + vim # # Documentation build dependencies # +WORKDIR /tmp + # - doxygen & JSON.pm RUN apt-get install $APT_OPTS \ doxygen \ graphviz \ libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + # - pandoc RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ xargs -0 -r apt-get install $APT_OPTS && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + # - asciidoctor RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor + ruby ruby-dev && \ + gem install asciidoctor # @@ -68,22 +106,12 @@ RUN mkdir -p /usr/local/src/repositories WORKDIR /usr/local/src/repositories -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/debian/buster buster main" >> /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - # # Shallow clone the FreeRADIUS source # WORKDIR /usr/local/src/repositories ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - +RUN git clone --depth 1 --no-single-branch ${source} # # Install build dependencies for all branches from v3 onwards diff --git a/scripts/docker/build/debian12/Dockerfile b/scripts/docker/build/debian12/Dockerfile new file mode 100644 index 00000000000..229dc24a643 --- /dev/null +++ b/scripts/docker/build/debian12/Dockerfile @@ -0,0 +1,97 @@ +# Auto generated for debian12 +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.debian12.regen` +# +ARG from=debian:bookworm +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bookworm bookworm main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bookworm bookworm main" > /etc/apt/sources.list.d/networkradius-extras.list + +ARG freerad_uid=101 +ARG freerad_gid=101 + +RUN groupadd -g ${freerad_gid} -r freerad \ + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build/debian12/Dockerfile.cb b/scripts/docker/build/debian12/Dockerfile.cb new file mode 100644 index 00000000000..526630adbab --- /dev/null +++ b/scripts/docker/build/debian12/Dockerfile.cb @@ -0,0 +1,128 @@ +# Auto generated for debian12 +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.debian12.regen` +# +ARG from=debian:bookworm +FROM ${from} as build + +SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] + +ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" + +ARG DEBIAN_FRONTEND=noninteractive + + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# +RUN apt-get update && \ + apt-get install $APT_OPTS \ + software-properties-common \ + devscripts \ + equivs \ + git \ + gnupg2 \ + lsb-release \ + procps \ + quilt \ + rsync \ + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/bookworm bookworm main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ + libnl-3-dev \ + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ + gdb \ + less \ + lldb \ + vim + + +# +# Documentation build dependencies +# + +WORKDIR /tmp + +# - doxygen & JSON.pm +RUN apt-get install $APT_OPTS \ + doxygen \ + graphviz \ + libjson-perl + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + +# - pandoc +RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ + find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ + xargs -0 -r apt-get install $APT_OPTS && \ + find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + +# - asciidoctor +RUN apt-get install $APT_OPTS \ + ruby ruby-dev && \ + gem install asciidoctor + + +# +# Setup a src dir in /usr/local +# +RUN mkdir -p /usr/local/src/repositories +WORKDIR /usr/local/src/repositories + + +# +# Shallow clone the FreeRADIUS source +# +WORKDIR /usr/local/src/repositories +ARG source=https://github.com/FreeRADIUS/freeradius-server.git +RUN git clone --depth 1 --no-single-branch ${source} + +# +# Install build dependencies for all branches from v3 onwards +# +WORKDIR freeradius-server +RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master|${branch})$" | sort -u); \ + do \ + git checkout $i; \ + if [ -e ./debian/control.in ] ; then \ + debian/rules debian/control ; \ + fi ; \ + mk-build-deps -irt"apt-get -o Debug::pkgProblemResolver=yes $APT_OPTS" debian/control ; \ + apt-get -y remove libiodbc2-dev ; \ + done diff --git a/scripts/docker/build/debiansid/Dockerfile b/scripts/docker/build/debiansid/Dockerfile new file mode 100644 index 00000000000..da0d06cf44a --- /dev/null +++ b/scripts/docker/build/debiansid/Dockerfile @@ -0,0 +1,97 @@ +# Auto generated for debiansid +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.debiansid.regen` +# +ARG from=debian:sid +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/sid sid main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/sid sid main" > /etc/apt/sources.list.d/networkradius-extras.list + +ARG freerad_uid=101 +ARG freerad_gid=101 + +RUN groupadd -g ${freerad_gid} -r freerad \ + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build-debian11/Dockerfile.deps b/scripts/docker/build/debiansid/Dockerfile.cb similarity index 60% rename from scripts/docker/build-debian11/Dockerfile.deps rename to scripts/docker/build/debiansid/Dockerfile.cb index 6ad86f858c5..39cd3763804 100644 --- a/scripts/docker/build-debian11/Dockerfile.deps +++ b/scripts/docker/build/debiansid/Dockerfile.cb @@ -1,17 +1,25 @@ -FROM debian:bullseye +# Auto generated for debiansid +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.debiansid.regen` +# +ARG from=debian:sid +FROM ${from} as build SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] -ARG osname=bullseye -ONBUILD ARG osname=${osname} - ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" ARG DEBIAN_FRONTEND=noninteractive + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# RUN apt-get update && \ -# Development utilities apt-get install $APT_OPTS \ + software-properties-common \ devscripts \ equivs \ git \ @@ -20,45 +28,75 @@ RUN apt-get update && \ procps \ quilt \ rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/debian/sid sid main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ gdb \ less \ - vim \ -# Compilers - clang \ - g++ \ lldb \ - llvm + vim # # Documentation build dependencies # +WORKDIR /tmp + # - doxygen & JSON.pm RUN apt-get install $APT_OPTS \ doxygen \ graphviz \ libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + # - pandoc RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ xargs -0 -r apt-get install $APT_OPTS && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + # - asciidoctor RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor + ruby ruby-dev && \ + gem install asciidoctor # @@ -68,22 +106,12 @@ RUN mkdir -p /usr/local/src/repositories WORKDIR /usr/local/src/repositories -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/debian/${osname} ${osname} main" >> /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - # # Shallow clone the FreeRADIUS source # WORKDIR /usr/local/src/repositories ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - +RUN git clone --depth 1 --no-single-branch ${source} # # Install build dependencies for all branches from v3 onwards diff --git a/scripts/docker/build/rocky8/Dockerfile b/scripts/docker/build/rocky8/Dockerfile new file mode 100644 index 00000000000..a5255293def --- /dev/null +++ b/scripts/docker/build/rocky8/Dockerfile @@ -0,0 +1,156 @@ +# Auto generated for rocky8 +# from scripts/docker/m4/docker.rpm.m4 +# +# Rebuild this file with `make docker.rocky8.regen` +# +ARG from=rockylinux/rockylinux:8 +FROM ${from} as build + +RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rockyofficial + +# +# Install build tools +# +RUN yum groupinstall -y "Development Tools" + +RUN yum install -y rpmdevtools openssl dnf-utils + + +# +# Set up NetworkRADIUS extras repository +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Other requirements +# + +# Use LTB's openldap packages instead of the distribution version to avoid linking against NSS +RUN echo $'[ltb-project]\n\ +name=LTB project packages\n\ +baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\ +> /etc/yum.repos.d/ltb-project.repo +RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project + +# Enable EPEL repository for freetds and hiredis +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm + +# Enable powertools repo +RUN yum config-manager --enable powertools + +# Enable epel-testing, currently needed for hiredis-devel +RUN yum config-manager --enable epel-testing + +# +# Install build dependencies +# +# Run twice, it doesn't always get everything with one invocation +RUN [ -e redhat/freeradius.spec ] && \ + yum-builddep -y redhat/freeradius.spec && \ + yum-builddep -y redhat/freeradius.spec + +# +# Create RPM build environment +# +ENV BUILDDIR=/root/rpmbuild +RUN rpmdev-setuptree + +RUN ./configure +RUN make pkg_version > /VERSION +RUN cat /VERSION +RUN make freeradius-server-$(cat /VERSION).tar.bz2 +RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/ +RUN cp -r redhat/* $BUILDDIR/SOURCES/ +RUN make dist-check-rpm +RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/ +WORKDIR $BUILDDIR + +# +# Build the server +# +ENV QA_RPATHS=0x0003 +RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec" + +RUN mkdir /root/rpms +RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/ + +# +# Clean environment and run the server +# +FROM ${from} + +COPY --from=build /root/rpms /tmp/ + +# +# Set up NetworkRADIUS extras repository +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Other requirements +# +# Use LTB's openldap packages instead of the distribution version to avoid linking against NSS +RUN echo $'[ltb-project]\n\ +name=LTB project packages\n\ +baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\ +> /etc/yum.repos.d/ltb-project.repo \ + && rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project + + +# EPEL repository for freetds and hiredis +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm \ + && yum install -y dnf-utils \ + && yum config-manager --enable epel-testing + +ARG radiusd_uid=95 +ARG radiusd_gid=95 + +RUN groupadd -g ${radiusd_gid} -r radiusd \ + && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \ + && yum install -y /tmp/*.rpm + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.rpm docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["radiusd"] diff --git a/scripts/docker/build/rocky8/Dockerfile.cb b/scripts/docker/build/rocky8/Dockerfile.cb new file mode 100644 index 00000000000..0cf07cb36e5 --- /dev/null +++ b/scripts/docker/build/rocky8/Dockerfile.cb @@ -0,0 +1,115 @@ +# Auto generated for rocky8 +# from scripts/docker/m4/crossbuild.rpm.m4 +# +# Rebuild this file with `make crossbuild.rocky8.regen` +# +ARG from=rockylinux/rockylinux:8 +FROM ${from} as build + +# +# Install devtools like make and git and the EPEL +# repository for freetds and hiredis +# +RUN yum update -y +RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \ + rsync dnf-plugins-core + + +RUN yum config-manager --set-enabled powertools + +# +# Install GCC that has the requisite support for C11 keywords and atomics +# +RUN yum install -y gcc-toolset-9 + + +# +# Documentation build dependencies +# + +# - doxygen & JSON.pm +RUN yum install -y doxygen graphviz perl-JSON +# - antora (npm needed) +RUN curl -sL https://rpm.nodesource.com/setup_20.x | bash - +RUN yum install -y nodejs +RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 +# - pandoc +RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/ +RUN mv /tmp/pandoc-*/bin/* /usr/local/bin +# - asciidoctor +RUN yum install -y rubygems-devel +RUN gem install asciidoctor + +# +# Setup a src dir in /usr/local +# +RUN mkdir -p /usr/local/src/repositories +WORKDIR /usr/local/src/repositories + +# +# Set up NetworkRADIUS extras repository for latest libkqueue +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Use LTB's openldap packages instead of the distribution version to avoid linking against NSS +# +RUN echo $'[ltb-project]\n\ +name=LTB project packages\n\ +baseurl=https://ltb-project.org/rpm/$releasever/$basearch\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-LTB-project'\ +> /etc/yum.repos.d/ltb-project.repo +RUN rpm --import https://ltb-project.org/lib/RPM-GPG-KEY-LTB-project + +# +# Shallow clone the FreeRADIUS source +# +WORKDIR /usr/local/src/repositories +ARG source=https://github.com/FreeRADIUS/freeradius-server.git +RUN git clone --depth 1 --no-single-branch ${source} + +# +# Install build dependencies for all branches from v3 onwards +# Nodesource has issues (no SRPMS in some repos) and is not needed here +# +WORKDIR freeradius-server +RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[4-9]*\.[0-9x]*\.x|master)$");\ + do \ + git checkout $i; \ + [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec; \ + done + +# +# Tests require extra Yubikey libraries +# +RUN yum install -y libyubikey-devel + +# +# Which is required by fixture setup utilities +# +RUN yum install -y which + +# +# Explicitly install libnl3-devel which is required for the EAP tests +# +RUN yum install -y libnl3-devel + +# +# We test with TLS1.1, but that is disabled by default on some +# newer systems. +# +RUN update-crypto-policies --set LEGACY + +# +# Create the RPM build tree +# +RUN rpmdev-setuptree diff --git a/scripts/docker/build/rocky9/Dockerfile b/scripts/docker/build/rocky9/Dockerfile new file mode 100644 index 00000000000..372778c1779 --- /dev/null +++ b/scripts/docker/build/rocky9/Dockerfile @@ -0,0 +1,138 @@ +# Auto generated for rocky9 +# from scripts/docker/m4/docker.rpm.m4 +# +# Rebuild this file with `make docker.rocky9.regen` +# +ARG from=rockylinux/rockylinux:9 +FROM ${from} as build + +RUN rpmkeys --import /etc/pki/rpm-gpg/RPM-GPG-KEY-Rocky-9 + +# +# Install build tools +# +RUN yum groupinstall -y "Development Tools" + +RUN yum install -y rpmdevtools openssl dnf-utils + + +# +# Set up NetworkRADIUS extras repository +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Other requirements +# + +# Enable EPEL repository for freetds and hiredis +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm + +# Enable Code Ready Builder repo (CentOS powertools equivalent) +RUN yum install -y yum-utils +RUN yum config-manager --enable crb + +# +# Install build dependencies +# +# Run twice, it doesn't always get everything with one invocation +RUN [ -e redhat/freeradius.spec ] && \ + yum-builddep -y redhat/freeradius.spec && \ + yum-builddep -y redhat/freeradius.spec + +# +# Create RPM build environment +# +ENV BUILDDIR=/root/rpmbuild +RUN rpmdev-setuptree + +RUN ./configure +RUN make pkg_version > /VERSION +RUN cat /VERSION +RUN make freeradius-server-$(cat /VERSION).tar.bz2 +RUN cp freeradius-server-$(cat /VERSION).tar.bz2 $BUILDDIR/SOURCES/ +RUN cp -r redhat/* $BUILDDIR/SOURCES/ +RUN make dist-check-rpm +RUN cp -r redhat/freeradius.spec $BUILDDIR/SPECS/ +WORKDIR $BUILDDIR + +# +# Build the server +# +ENV QA_RPATHS=0x0003 +RUN rpmbuild -bb --define "_release $(cat /VERSION)" "$BUILDDIR/SPECS/freeradius.spec" + +RUN mkdir /root/rpms +RUN mv $BUILDDIR/RPMS/*/*.rpm /root/rpms/ + +# +# Clean environment and run the server +# +FROM ${from} + +COPY --from=build /root/rpms /tmp/ + +# +# Set up NetworkRADIUS extras repository +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Other requirements +# + +# Needed for mysql-libs on Rocky 9 +RUN yum install -y yum-utils +RUN yum config-manager --enable crb + +# EPEL repository for freetds and hiredis +RUN yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm \ + && yum install -y dnf-utils \ + && yum config-manager --enable epel-testing + +ARG radiusd_uid=95 +ARG radiusd_gid=95 + +RUN groupadd -g ${radiusd_gid} -r radiusd \ + && useradd -u ${radiusd_uid} -g radiusd -r -M -d /home/radiusd -s /sbin/nologin radiusd \ + && yum install -y /tmp/*.rpm + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.rpm docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["radiusd"] diff --git a/scripts/docker/build/rocky9/Dockerfile.cb b/scripts/docker/build/rocky9/Dockerfile.cb new file mode 100644 index 00000000000..7c3c6ff44a9 --- /dev/null +++ b/scripts/docker/build/rocky9/Dockerfile.cb @@ -0,0 +1,98 @@ +# Auto generated for rocky9 +# from scripts/docker/m4/crossbuild.rpm.m4 +# +# Rebuild this file with `make crossbuild.rocky9.regen` +# +ARG from=rockylinux/rockylinux:9 +FROM ${from} as build + +# +# Install devtools like make and git and the EPEL +# repository for freetds and hiredis +# +RUN yum update -y +RUN yum install -y rpmdevtools openssl epel-release git procps yum-utils \ + rsync dnf-plugins-core + + + +RUN yum config-manager --set-enabled crb + +# +# Documentation build dependencies +# + +# - doxygen & JSON.pm +RUN yum install -y doxygen graphviz perl-JSON +# - antora (npm needed) +RUN curl -sL https://rpm.nodesource.com/setup_20.x | bash - +RUN yum install -y nodejs +RUN npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 +# - pandoc +RUN curl -o - -L $(curl -s https://api.github.com/repos/jgm/pandoc/releases/latest | grep "browser_download_url.*tar.gz" | cut -d '"' -f 4) | tar xzvf - -C /tmp/ +RUN mv /tmp/pandoc-*/bin/* /usr/local/bin +# - asciidoctor +RUN yum install -y rubygems-devel +RUN gem install asciidoctor + +# +# Setup a src dir in /usr/local +# +RUN mkdir -p /usr/local/src/repositories +WORKDIR /usr/local/src/repositories + +# +# Set up NetworkRADIUS extras repository for latest libkqueue +# +RUN echo $'[networkradius-extras]\n\ +name=NetworkRADIUS-extras-$releasever\n\ +baseurl=http://packages.networkradius.com/extras/rocky/$releasever/\n\ +enabled=1\n\ +gpgcheck=1\n\ +gpgkey=https://packages.networkradius.com/pgp/packages@networkradius.com'\ +> /etc/yum.repos.d/networkradius-extras.repo +RUN rpm --import https://packages.networkradius.com/pgp/packages@networkradius.com + +# +# Shallow clone the FreeRADIUS source +# +WORKDIR /usr/local/src/repositories +ARG source=https://github.com/FreeRADIUS/freeradius-server.git +RUN git clone --depth 1 --no-single-branch ${source} + +# +# Install build dependencies for all branches from v3 onwards +# Nodesource has issues (no SRPMS in some repos) and is not needed here +# +WORKDIR freeradius-server +RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[4-9]*\.[0-9x]*\.x|master)$");\ + do \ + git checkout $i; \ + [ -e redhat/freeradius.spec ] && yum-builddep -y redhat/freeradius.spec; \ + done + +# +# Tests require extra Yubikey libraries +# +RUN yum install -y libyubikey-devel + +# +# Which is required by fixture setup utilities +# +RUN yum install -y which + +# +# Explicitly install libnl3-devel which is required for the EAP tests +# +RUN yum install -y libnl3-devel + +# +# We test with TLS1.1, but that is disabled by default on some +# newer systems. +# +RUN update-crypto-policies --set LEGACY + +# +# Create the RPM build tree +# +RUN rpmdev-setuptree diff --git a/scripts/docker/build/ubuntu20/Dockerfile b/scripts/docker/build/ubuntu20/Dockerfile new file mode 100644 index 00000000000..5d54f1e5c35 --- /dev/null +++ b/scripts/docker/build/ubuntu20/Dockerfile @@ -0,0 +1,92 @@ +# Auto generated for ubuntu20 +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.ubuntu20.regen` +# +ARG from=ubuntu:20.04 +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/focal focal main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/focal focal main" > /etc/apt/sources.list.d/networkradius-extras.list + +RUN apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build-debiansid/Dockerfile.deps b/scripts/docker/build/ubuntu20/Dockerfile.cb similarity index 60% rename from scripts/docker/build-debiansid/Dockerfile.deps rename to scripts/docker/build/ubuntu20/Dockerfile.cb index 3676b4cde00..a13d9769b0d 100644 --- a/scripts/docker/build-debiansid/Dockerfile.deps +++ b/scripts/docker/build/ubuntu20/Dockerfile.cb @@ -1,17 +1,25 @@ -FROM debian:sid-slim +# Auto generated for ubuntu20 +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.ubuntu20.regen` +# +ARG from=ubuntu:20.04 +FROM ${from} as build SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] -ARG osname=sid -ONBUILD ARG osname=${osname} - ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" ARG DEBIAN_FRONTEND=noninteractive + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# RUN apt-get update && \ -# Development utilities apt-get install $APT_OPTS \ + software-properties-common \ devscripts \ equivs \ git \ @@ -20,45 +28,75 @@ RUN apt-get update && \ procps \ quilt \ rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/focal focal main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ gdb \ less \ - vim \ -# Compilers - clang \ - g++ \ lldb \ - llvm + vim # # Documentation build dependencies # +WORKDIR /tmp + # - doxygen & JSON.pm RUN apt-get install $APT_OPTS \ doxygen \ graphviz \ libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + # - pandoc RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ xargs -0 -r apt-get install $APT_OPTS && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + # - asciidoctor RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor + ruby ruby-dev && \ + gem install asciidoctor # @@ -68,22 +106,12 @@ RUN mkdir -p /usr/local/src/repositories WORKDIR /usr/local/src/repositories -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/debian/${osname} ${osname} main" >> /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - # # Shallow clone the FreeRADIUS source # WORKDIR /usr/local/src/repositories ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - +RUN git clone --depth 1 --no-single-branch ${source} # # Install build dependencies for all branches from v3 onwards diff --git a/scripts/docker/build/ubuntu22/Dockerfile b/scripts/docker/build/ubuntu22/Dockerfile new file mode 100644 index 00000000000..43ab30b644f --- /dev/null +++ b/scripts/docker/build/ubuntu22/Dockerfile @@ -0,0 +1,97 @@ +# Auto generated for ubuntu22 +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.ubuntu22.regen` +# +ARG from=ubuntu:22.04 +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/jammy jammy main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/jammy jammy main" > /etc/apt/sources.list.d/networkradius-extras.list + +ARG freerad_uid=101 +ARG freerad_gid=101 + +RUN groupadd -g ${freerad_gid} -r freerad \ + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build-ubuntu18/Dockerfile.deps b/scripts/docker/build/ubuntu22/Dockerfile.cb similarity index 60% rename from scripts/docker/build-ubuntu18/Dockerfile.deps rename to scripts/docker/build/ubuntu22/Dockerfile.cb index 7f677624086..15c674d26e0 100644 --- a/scripts/docker/build-ubuntu18/Dockerfile.deps +++ b/scripts/docker/build/ubuntu22/Dockerfile.cb @@ -1,17 +1,25 @@ -FROM ubuntu:18.04 +# Auto generated for ubuntu22 +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.ubuntu22.regen` +# +ARG from=ubuntu:22.04 +FROM ${from} as build SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] -ARG osname=bionic -ONBUILD ARG osname=${osname} - ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" ARG DEBIAN_FRONTEND=noninteractive + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# RUN apt-get update && \ -# Development utilities apt-get install $APT_OPTS \ + software-properties-common \ devscripts \ equivs \ git \ @@ -20,45 +28,75 @@ RUN apt-get update && \ procps \ quilt \ rsync \ - software-properties-common \ - wget \ -# eapol_test dependencies + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/jammy jammy main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ libnl-3-dev \ - libnl-genl-3-dev \ -# For debugging (e.g. in crossbuild) + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ gdb \ less \ - vim \ -# Compilers - clang \ - g++ \ lldb \ - llvm + vim # # Documentation build dependencies # +WORKDIR /tmp + # - doxygen & JSON.pm RUN apt-get install $APT_OPTS \ doxygen \ graphviz \ libjson-perl -# - antora (npm needed) -RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_14.x)" && \ - apt-get install $APT_OPTS \ - nodejs -RUN npm i -g @antora/cli@2.1 @antora/site-generator-default@2.1 + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + # - pandoc RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ xargs -0 -r apt-get install $APT_OPTS && \ find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + # - asciidoctor RUN apt-get install $APT_OPTS \ - ruby -RUN gem install asciidoctor + ruby ruby-dev && \ + gem install asciidoctor # @@ -68,22 +106,12 @@ RUN mkdir -p /usr/local/src/repositories WORKDIR /usr/local/src/repositories -# -# Set up NetworkRADIUS extras repository -# -RUN wget -O - "https://packages.networkradius.com/pgp/packages%40networkradius.com" | apt-key add && \ - echo "deb http://packages.networkradius.com/extras/ubuntu/bionic bionic main" > /etc/apt/sources.list.d/networkradius-extras.list && \ - apt-get update - - # # Shallow clone the FreeRADIUS source # WORKDIR /usr/local/src/repositories ARG source=https://github.com/FreeRADIUS/freeradius-server.git -ARG branch=master -RUN git clone --depth 1 --no-single-branch -b ${branch} ${source} - +RUN git clone --depth 1 --no-single-branch ${source} # # Install build dependencies for all branches from v3 onwards diff --git a/scripts/docker/build/ubuntu24/Dockerfile b/scripts/docker/build/ubuntu24/Dockerfile new file mode 100644 index 00000000000..ae062147b41 --- /dev/null +++ b/scripts/docker/build/ubuntu24/Dockerfile @@ -0,0 +1,97 @@ +# Auto generated for ubuntu24 +# from scripts/docker/m4/docker.deb.m4 +# +# Rebuild this file with `make docker.ubuntu24.regen` +# +ARG from=ubuntu:24.04 +FROM ${from} as build + +ARG DEBIAN_FRONTEND=noninteractive + +# +# Install build tools +# +RUN apt-get update +RUN apt-get install -y devscripts equivs git quilt gcc curl + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/noble noble main" > /etc/apt/sources.list.d/networkradius-extras.list \ + && apt-get update + +# +# Create build directory +# +RUN mkdir -p /usr/local/src/repositories/freeradius-server +WORKDIR /usr/local/src/repositories/freeradius-server/ + +# +# Copy the FreeRADIUS directory in +# +COPY . . + +# +# Clean up tree - we want to build from the latest commit, not from +# any cruft left around on the local system +# +RUN git clean -fdxx \ + && git reset --hard HEAD + +# +# Install build dependencies +# +RUN if [ -e ./debian/control.in ]; then \ + debian/rules debian/control; \ + fi; \ + echo 'y' | mk-build-deps -irt'apt-get -yV' debian/control + +# +# Build the server +# +RUN make -j$(nproc) deb + +# +# Clean environment and run the server +# +FROM ${from} +ARG DEBIAN_FRONTEND=noninteractive + +COPY --from=build /usr/local/src/repositories/*.deb /tmp/ + +# +# We need curl to get the signing key +# +RUN apt-get update \ + && apt-get install -y curl \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings \ + && curl -o /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" \ + && echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/noble noble main" > /etc/apt/sources.list.d/networkradius-extras.list + +ARG freerad_uid=101 +ARG freerad_gid=101 + +RUN groupadd -g ${freerad_gid} -r freerad \ + && useradd -u ${freerad_uid} -g freerad -r -M -d /etc/freeradius -s /usr/sbin/nologin freerad \ + && apt-get update \ + && apt-get install -y /tmp/*.deb \ + && apt-get clean \ + && rm -r /var/lib/apt/lists/* /tmp/*.deb \ + \ + && ln -s /etc/freeradius /etc/raddb + +WORKDIR / +COPY scripts/docker/etc/docker-entrypoint.sh.deb docker-entrypoint.sh +RUN chmod +x docker-entrypoint.sh + +EXPOSE 1812/udp 1813/udp +ENTRYPOINT ["/docker-entrypoint.sh"] +CMD ["freeradius"] diff --git a/scripts/docker/build/ubuntu24/Dockerfile.cb b/scripts/docker/build/ubuntu24/Dockerfile.cb new file mode 100644 index 00000000000..f6b2feb6b42 --- /dev/null +++ b/scripts/docker/build/ubuntu24/Dockerfile.cb @@ -0,0 +1,128 @@ +# Auto generated for ubuntu24 +# from scripts/docker/m4/crossbuild.deb.m4 +# +# Rebuild this file with `make crossbuild.ubuntu24.regen` +# +ARG from=ubuntu:24.04 +FROM ${from} as build + +SHELL ["/usr/bin/nice", "-n", "5", "/usr/bin/ionice", "-c", "3", "/bin/sh", "-x", "-c"] + +ARG APT_OPTS="-y --option=Dpkg::options::=--force-unsafe-io --no-install-recommends" + +ARG DEBIAN_FRONTEND=noninteractive + + +# +# Install add-apt-repository (may be needed for clang) and +# package development utilities +# +RUN apt-get update && \ + apt-get install $APT_OPTS \ + software-properties-common \ + devscripts \ + equivs \ + git \ + gnupg2 \ + lsb-release \ + procps \ + quilt \ + rsync \ + wget && \ + apt-get clean && \ + rm -r /var/lib/apt/lists/* + + +# +# Set up NetworkRADIUS extras repository +# +RUN install -d -o root -g root -m 0755 /etc/apt/keyrings && \ + wget -O /etc/apt/keyrings/packages.networkradius.com.asc "https://packages.networkradius.com/pgp/packages%40networkradius.com" && \ + echo "deb [signed-by=/etc/apt/keyrings/packages.networkradius.com.asc] http://packages.networkradius.com/extras/ubuntu/noble noble main" > /etc/apt/sources.list.d/networkradius-extras.list && \ + apt-get update + + +# +# Install compilers +# +RUN apt-get install $APT_OPTS \ + g++ \ + llvm clang lldb + + + + +# +# Install eapol_test dependencies +# +RUN apt-get install $APT_OPTS \ + libnl-3-dev \ + libnl-genl-3-dev + + +# +# Install debugging utilities +# +RUN apt-get install $APT_OPTS \ + gdb \ + less \ + lldb \ + vim + + +# +# Documentation build dependencies +# + +WORKDIR /tmp + +# - doxygen & JSON.pm +RUN apt-get install $APT_OPTS \ + doxygen \ + graphviz \ + libjson-perl + +# - antora (needs npm) +RUN bash -c "$(wget -O - https://deb.nodesource.com/setup_20.x)" && \ + apt-get install $APT_OPTS nodejs && \ + npm i -g @antora/cli@3.1.7 @antora/site-generator-default@3.1.7 + +# - pandoc +RUN wget $(wget -qO - https://api.github.com/repos/jgm/pandoc/releases/latest | sed -ne 's/.*"browser_download_url".*"\(.*amd64\.deb\)"/\1/ p') && \ + find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -print0 | \ + xargs -0 -r apt-get install $APT_OPTS && \ + find . -mindepth 1 -maxdepth 1 -type f -name 'pandoc-*.deb' -delete + +# - asciidoctor +RUN apt-get install $APT_OPTS \ + ruby ruby-dev && \ + gem install asciidoctor + + +# +# Setup a src dir in /usr/local +# +RUN mkdir -p /usr/local/src/repositories +WORKDIR /usr/local/src/repositories + + +# +# Shallow clone the FreeRADIUS source +# +WORKDIR /usr/local/src/repositories +ARG source=https://github.com/FreeRADIUS/freeradius-server.git +RUN git clone --depth 1 --no-single-branch ${source} + +# +# Install build dependencies for all branches from v3 onwards +# +WORKDIR freeradius-server +RUN for i in $(git for-each-ref --format='%(refname:short)' refs/remotes/origin 2>/dev/null | sed -e 's#origin/##' | egrep "^(v[3-9]*\.[0-9x]*\.x|master|${branch})$" | sort -u); \ + do \ + git checkout $i; \ + if [ -e ./debian/control.in ] ; then \ + debian/rules debian/control ; \ + fi ; \ + mk-build-deps -irt"apt-get -o Debug::pkgProblemResolver=yes $APT_OPTS" debian/control ; \ + apt-get -y remove libiodbc2-dev ; \ + done