mirror of
https://codeberg.org/privacy1st/arch
synced 2024-12-23 01:16:04 +01:00
38 lines
1.2 KiB
Docker
38 lines
1.2 KiB
Docker
# Inspiration:
|
|
# * https://github.com/ungoogled-software/ungoogled-chromium-archlinux/blob/master/.github/workflows/build/Dockerfile
|
|
# * https://github.com/WhyNotHugo/docker-makepkg/blob/main/Dockerfile
|
|
|
|
FROM archlinux:base-devel
|
|
|
|
# 1. Add de-p1st mirror
|
|
# 2. Update mirrors + packages
|
|
|
|
RUN printf '\n[de-p1st]\nSigLevel = Optional TrustAll\nServer = https://arch.p1st.de\n' >> /etc/pacman.conf && \
|
|
pacman -Syu --noconfirm && \
|
|
pacman -S --noconfirm archiso openssh
|
|
|
|
# 1. Set packager
|
|
# 2. Store built packages in /out/
|
|
RUN sed --in-place 's|^#PACKAGER=.*$|PACKAGER="Daniel Langbein <daniel@systemli.org>"|' /etc/makepkg.conf && \
|
|
sed --in-place 's|^#PKGDEST=.*$|PKGDEST=/out|' /etc/makepkg.conf
|
|
|
|
# Create a normal user to build the ISO
|
|
RUN useradd --create-home build
|
|
RUN echo "build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
|
|
|
|
# Create output directory
|
|
RUN mkdir -p /out
|
|
|
|
# Continue execution (and CMD) as notroot:
|
|
USER build
|
|
WORKDIR /home/build
|
|
|
|
# Auto-fetch GPG keys (to check signatures):
|
|
RUN mkdir .gnupg && \
|
|
echo "keyserver-options auto-key-retrieve" > .gnupg/gpg.conf
|
|
|
|
COPY run.sh /home/build/run.sh
|
|
ENTRYPOINT [ "/bin/bash", "/home/build/run.sh" ]
|
|
# Default arguments passed to /run.sh
|
|
# CMD [ "clean" ]
|