2021-05-13 17:44:02 +02:00
|
|
|
# Inspiration:
|
|
|
|
# * https://github.com/ungoogled-software/ungoogled-chromium-archlinux/blob/master/.github/workflows/build/Dockerfile
|
|
|
|
# * https://github.com/WhyNotHugo/docker-makepkg/blob/main/Dockerfile
|
2021-05-13 15:44:34 +02:00
|
|
|
|
|
|
|
FROM archlinux:base-devel
|
|
|
|
|
2021-06-23 16:54:57 +02:00
|
|
|
# 0. DisableDownloadTimeout
|
2021-06-18 21:46:50 +02:00
|
|
|
# 1. Add de-p1st mirror
|
2021-09-10 12:16:36 +02:00
|
|
|
# 2. Add home_ungoogled_chromium_Arch (ungoogled-chromium) mirror
|
|
|
|
# 3. Add signing key of home_ungoogled_chromium_Arch mirror
|
|
|
|
# 4. Enable parallel downloads
|
2021-06-18 21:46:50 +02:00
|
|
|
# TODO: Wait until next baseimage update
|
|
|
|
# && sed --in-place 's|^#ParallelDownloads\s*=.*$|ParallelDownloads = 4|' /etc/pacman.conf \
|
2021-09-10 12:16:36 +02:00
|
|
|
# 5. Update mirrors + packages
|
|
|
|
# 6. Install svn for makepkg to handle svn sources
|
2021-06-23 16:54:57 +02:00
|
|
|
RUN printf '\n[options]\nDisableDownloadTimeout\n' >> /etc/pacman.conf && \
|
|
|
|
printf '\n[de-p1st]\nSigLevel = Optional TrustAll\nServer = https://arch.p1st.de\n' >> /etc/pacman.conf && \
|
2021-09-10 12:16:36 +02:00
|
|
|
printf '\n[home_ungoogled_chromium_Arch]\nSigLevel = Required TrustAll\nServer = https://download.opensuse.org/repositories/home:/ungoogled_chromium/Arch/$arch\n' >> /etc/pacman.conf && \
|
|
|
|
curl -s 'https://download.opensuse.org/repositories/home:/ungoogled_chromium/Arch/x86_64/home_ungoogled_chromium_Arch.key' | pacman-key --add - && \
|
2021-09-09 12:37:46 +02:00
|
|
|
pacman -Syu --noconfirm && \
|
|
|
|
pacman -S --needed --noconfirm svn
|
2021-06-18 21:46:50 +02:00
|
|
|
|
|
|
|
# 1. Set packager
|
|
|
|
# 2. Store built packages in /out/
|
|
|
|
RUN sed --in-place 's|^#PACKAGER=.*$|PACKAGER="Daniel Langbein <daniel@systemli.org>"|' /etc/makepkg.conf && \
|
|
|
|
sed --in-place 's|^#PKGDEST=.*$|PKGDEST=/out|' /etc/makepkg.conf
|
2021-05-13 15:44:34 +02:00
|
|
|
|
|
|
|
# Create a normal user to be used by makepkg
|
|
|
|
RUN useradd --create-home build
|
|
|
|
RUN echo "build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
|
|
|
|
|
|
|
|
# Create output directory
|
|
|
|
RUN mkdir -p /out
|
|
|
|
|
|
|
|
# Continue execution (and CMD) as notroot:
|
|
|
|
USER build
|
|
|
|
WORKDIR /home/build
|
|
|
|
|
|
|
|
# Auto-fetch GPG keys (to check signatures):
|
2021-06-17 10:37:04 +02:00
|
|
|
RUN install -dm0700 .gnupg && \
|
|
|
|
install -m0600 <(printf "keyserver-options auto-key-retrieve\nkeyserver hkp://keyserver.ubuntu.com\n") .gnupg/gpg.conf
|
|
|
|
#
|
|
|
|
# GnuPG key import from keys.opengpg.org does not work for all keys, see
|
|
|
|
# https://keys.openpgp.org/about/usage#gnupg-troubleshooting
|
|
|
|
# https://superuser.com/a/1485255
|
|
|
|
# It seems as if thos won't be fixed:
|
|
|
|
# https://dev.gnupg.org/T4393
|
|
|
|
# Thus we use the ubuntu keyserver instead.
|
2021-05-13 15:44:34 +02:00
|
|
|
|
|
|
|
COPY run.sh /home/build/run.sh
|
|
|
|
ENTRYPOINT [ "/bin/bash", "/home/build/run.sh" ]
|
|
|
|
# Default arguments passed to /run.sh
|
2021-05-13 15:47:51 +02:00
|
|
|
# CMD [ "de-p1st-font" ]
|