Add docker folder and Dockerfile to build the image, fixes #17

diff --git a/README.md b/README.md
index 1f91056b341b1423629e895db67dcd90ffa2699b..eb3016e2c19163b2e6d6ac82469548453f246cde 100644 (file)
--- a/README.md
+++ b/README.md
@@ -7,3 +7,7 @@ An RPKI Validator and RTR Server, part of the [FORT project](https://www.fortpro
 FORT Validator's documentation (installation, usage, etc.) can be found at [https://nicmx.github.io/FORT-validator/](https://nicmx.github.io/FORT-validator/).
 
 If you wish to generate the docs by yourself, visit the [docs directory](docs/).
+
+## Docker image
+
+A Dockerfile to build the image is located at the [docker directory](docker/).
\ No newline at end of file

diff --git a/docker/Dockerfile b/docker/Dockerfile
new file mode 100644 (file)
index 0000000..4a4cd41
--- /dev/null
+++ b/docker/Dockerfile
@@ -0,0 +1,39 @@
+#--- Alpine build container ---
+FROM alpine:latest AS builder
+ARG FORT_VERSION=1.3.0
+
+# Install compiler and dependencies
+RUN apk --update --no-cache add build-base autoconf automake pkgconfig jansson-dev check-dev \
+    openssl-dev openssl libexecinfo-dev bsd-compat-headers rsync wget curl-dev libxml2 libxml2-dev
+
+# Download FORT source code
+WORKDIR /root
+RUN wget https://github.com/NICMx/FORT-validator/releases/download/v${FORT_VERSION}/fort-${FORT_VERSION}.tar.gz
+RUN tar -xf fort-${FORT_VERSION}.tar.gz
+
+# Compile and install FORT
+WORKDIR /root/fort-${FORT_VERSION}
+RUN ./configure && make && make install
+
+
+#--- FORT image ---
+FROM alpine:latest
+
+# Install dependencies
+RUN apk --update --no-cache add openssl jansson rsync libexecinfo tini libxml2 libcurl
+
+# Install FORT binaries
+COPY --from=builder /usr/local/bin/fort /usr/local/bin/fort
+COPY --from=builder /usr/local/share/man/man8/fort.8 /usr/local/share/man/man8/fort.8
+
+# Create required directories
+RUN mkdir -p /var/local/fort && mkdir -p /etc/fort
+
+# Create a default configuration file
+RUN echo '{"tal":"/etc/fort/tal","local-repository":"/var/local/fort"}' > /etc/fort/fort.conf
+
+
+# Run FORT via TINI
+EXPOSE 323
+ENTRYPOINT ["tini", "-g", "--", "fort"]
+CMD ["--configuration-file", "/etc/fort/fort.conf"]

diff --git a/docker/README.md b/docker/README.md
new file mode 100644 (file)
index 0000000..a01bd6b
--- /dev/null
+++ b/docker/README.md
@@ -0,0 +1,79 @@
+# FORT Validator Docker image
+
+Docker image for [NICMx/FORT-validator](https://github.com/NICMx/FORT-validator) (using the [latest release](https://github.com/NICMx/FORT-validator/releases/latest)), based on Alpine Linux.
+
+Special thanks to [ximon18](https://github.com/ximon18) for its [contribution](https://github.com/NICMx/FORT-validator/issues/17).
+
+**This image doesn't include TAL (Trust Anchor Locator) files.** They must be obtained somewhere else (here's [an example](https://github.com/NICMx/FORT-validator/tree/master/examples/tal)).
+
+## Usage
+
+By default, the container uses a configuration file located (inside the container) at `/etc/fort/fort.conf`. The file content is:
+
+```
+{
+  "tal":"/etc/fort/tal",
+  "local-repository":"/var/local/fort"
+}
+```
+
+Here's a basic usage example to run FORT validator mostly with default values (runs as RTR server by default, bound to port 323):
+
+```
+docker run --name fort -v host/path/to/tals:/etc/fort/tal:ro -p 323:323 -d fort
+```
+
+At this example:
+- `host/path/to/tals` is the path a the host machine where the TALs are located (`-v` mounts the content at the container, the last value `:ro` is to use it as read only). Inside the container, by default `fort` will seek the TALs at `/etc/fort/tal`.
+- The host port `323` is mapped to the container port `323`, which is the default value where the RTR server will be bound to (see [`--server.port`](https://nicmx.github.io/FORT-validator/usage.html#--serverport)).
+- `-d` runs the container in daemon mode.
+
+When using `-d` to run the service in the background the logs can be tailed like so:
+
+```
+docker logs -f fort
+```
+
+## Examples
+
+The container can receive more configuration arguments, useful to set more [Program Arguments](https://nicmx.github.io/FORT-validator/usage.html).
+
+1. Store the local cache at the host machine (using the path `path/to/cache`) and run as RTR server:
+
+```
+docker run --name fort -v path/to/tals:/etc/fort/tal:ro \
+           -v path/to/cache:/var/local/fort \
+           -p 323:323 -d fort
+```
+
+2. Use your own config file:
+
+```
+docker run --name fort -v path/to/config/file:/etc/fort/fort.conf:ro -p 323:323 -d fort
+```
+
+3. Use your own command arguments:
+
+```
+docker run --name fort -v path/to/tals:/etc/fort/tal:ro -p 323:323 -ti fort [args]
+```
+
+3.1. Using the [`--help`](https://nicmx.github.io/FORT-validator/usage.html#--help) argument:
+
+```
+docker run --name fort --rm -ti fort -- -help
+```
+
+3.2. Running once and printing the resulting valid ROAs to standard output:
+
+```
+docker run --name fort --rm -v path/to/tals:/etc/fort/tal:ro \
+           -ti fort --tal /etc/fort/tal --mode standalone --output.roa -
+```
+
+3.3. Using a SLURM file (located at `path/to/slurm/my.slurm`):
+
+```
+docker run --name fort -rm -v path/to/tals:/etc/fort/tal:ro -v path/to/slurm:/tmp:ro \
+           -p 323:323 -ti fort --slurm /tmp/my.slurm
+```