forked from aind-containers/aind
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
128 lines (121 loc) · 4.62 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# this dockerfile can be translated to `docker/dockerfile:1-experimental` syntax for enabling cache mounts:
# $ ./hack/translate-dockerfile-runopt-directive.sh < Dockerfile | DOCKER_BUILDKIT=1 docker build -f - .
ARG BASE=ubuntu:20.04
# Sep 26, 2020
ARG ANBOX_COMMIT=170f1e029e753e782c66bffb05e91dd770d47dc3
# ARG ANDROID_IMAGE=https://build.anbox.io/android-images/2018/07/19/android_amd64.img
# Mirror
ARG ANDROID_IMAGE=https://github.com/AkihiroSuda/anbox-android-images-mirror/releases/download/snapshot-20180719/android_amd64.img
# https://build.anbox.io/android-images/2018/07/19/android_amd64.img.sha256sum
ARG ANDROID_IMAGE_SHA256=6b04cd33d157814deaf92dccf8a23da4dc00b05ca6ce982a03830381896a8cca
FROM ${BASE} AS anbox
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -qq -y --no-install-recommends \
build-essential \
ca-certificates \
cmake \
cmake-data \
cmake-extras \
debhelper \
dbus \
git \
google-mock \
libboost-dev \
libboost-filesystem-dev \
libboost-log-dev \
libboost-iostreams-dev \
libboost-program-options-dev \
libboost-system-dev \
libboost-test-dev \
libboost-thread-dev \
libcap-dev \
libegl1-mesa-dev \
libexpat1-dev \
libgles2-mesa-dev \
libglm-dev \
libgtest-dev \
liblxc1 \
libproperties-cpp-dev \
libprotobuf-dev \
libsdl2-dev \
libsdl2-image-dev \
libsystemd-dev \
lxc-dev \
pkg-config \
protobuf-compiler \
python2
RUN git clone --recursive https://github.com/anbox/anbox /anbox
WORKDIR /anbox
ARG ANBOX_COMMIT
RUN git pull && git checkout ${ANBOX_COMMIT} && git submodule update --recursive
COPY ./src/patches/anbox /patches
# `git am` requires user info to be set
RUN git config user.email "nobody@example.com" && \
git config user.name "AinD Build Script" && \
if [ -f /patches/*.patch ]; then git am /patches/*.patch && git show --summary; fi
# runopt = --mount=type=cache,id=aind-anbox,target=/build
RUN ./scripts/build.sh && \
cp -f ./build/src/anbox /anbox-binary
FROM ${BASE} AS android-img
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -qq -y --no-install-recommends \
ca-certificates curl
ARG ANDROID_IMAGE
ARG ANDROID_IMAGE_SHA256
RUN curl --retry 10 -L -o /android.img $ANDROID_IMAGE \
&& echo $ANDROID_IMAGE_SHA256 /android.img | sha256sum --check
FROM ${BASE}
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -qq -y --no-install-recommends \
# base system
ca-certificates curl iproute2 jq kmod socat \
# lxc
iptables lxc \
# anbox deps
libboost-log1.71.0 libboost-thread1.71.0 libboost-program-options1.71.0 libboost-iostreams1.71.0 libboost-filesystem1.71.0 libegl1-mesa libgles2-mesa libprotobuf-lite17 libsdl2-2.0-0 libsdl2-image-2.0-0 \
# squashfuse
squashfuse fuse3 \
# adb
adb \
# systemd
dbus dbus-user-session systemd systemd-container systemd-sysv \
# X11
xvfb x11vnc \
# noVNC
websockify novnc \
# WM
fvwm xterm \
# debug utilities
busybox figlet file strace less && \
# ...
useradd --create-home --home-dir /home/user --uid 1000 -G systemd-journal user && \
curl -L -o /docker-entrypoint.sh https://raw.githubusercontent.com/AkihiroSuda/containerized-systemd/6ced78a9df65c13399ef1ce41c0bedc194d7cff6/docker-entrypoint.sh && \
chmod +x /docker-entrypoint.sh
# apk-pre.d is for pre-installed apks, /apk.d for the mountpoint for user-specific apks
RUN mkdir -p /apk-pre.d /apk.d && \
curl -L -o /apk-pre.d/FDroid.apk https://f-droid.org/FDroid.apk && \
curl -L -o /apk-pre.d/firefox.apk https://ftp.mozilla.org/pub/mobile/releases/68.9.0/android-x86_64/en-US/fennec-68.9.0.en-US.android-x86_64.apk && \
chmod 444 /apk-pre.d/*
COPY --from=android-img /android.img /aind-android.img
COPY --from=anbox /anbox-binary /usr/local/bin/anbox
COPY --from=anbox /anbox/scripts/anbox-bridge.sh /usr/local/share/anbox/anbox-bridge.sh
COPY --from=anbox /anbox/data/ui /usr/local/share/anbox/ui
RUN ldconfig
ADD src/anbox-container-manager-pre.sh /usr/local/bin/anbox-container-manager-pre.sh
ADD src/anbox-container-manager.service /lib/systemd/system/anbox-container-manager.service
RUN systemctl enable anbox-container-manager
ADD src/unsudo /usr/local/bin
ADD src/docker-2ndboot.sh /home/user
ENV WEBMODE 0
# Usage: docker run --rm --privileged -v /:/host --entrypoint bash ghcr.io/aind-containers/aind -exc "cp -f /install-kmod.sh /host/aind-install-kmod.sh && cd /host && chroot . /aind-install-kmod.sh"
ADD hack/install-kmod.sh /
VOLUME /var/lib/anbox
ENTRYPOINT ["/docker-entrypoint.sh", "unsudo"]
EXPOSE 5900
EXPOSE 8080
HEALTHCHECK --interval=15s --timeout=10s --start-period=60s --retries=5 \
CMD ["pgrep", "-f", "org.anbox.appmgr"]
CMD ["/home/user/docker-2ndboot.sh"]