Erik Brakkee
b41317c598
Next step is to do more validation in the UI. Specifically: * validate authorized keys * detection of accidental use of a private key Then, password based access can be disabled.
32 lines
1.2 KiB
Docker
32 lines
1.2 KiB
Docker
FROM alpine:3.19.3 as builder
|
|
|
|
RUN apk update && apk add go curl
|
|
RUN mkdir -p /opt/converge/bin
|
|
|
|
# if templ cannot be obtained: quick fix, remove this statement and run make, then build the image.
|
|
RUN curl -L https://github.com/a-h/templ/releases/download/v0.2.747/templ_Linux_x86_64.tar.gz -o templ.tar.gz && \
|
|
tar xvzf templ.tar.gz templ && \
|
|
chmod 755 templ && \
|
|
mv templ /bin
|
|
COPY cmd pkg static go.mod go.sum /opt/converge/
|
|
WORKDIR /opt/converge
|
|
RUN go mod download
|
|
COPY . /opt/converge/
|
|
RUN templ generate
|
|
RUN go build -ldflags "-linkmode 'external' -extldflags '-static'" -o bin ./cmd/...
|
|
RUN GOOS=windows GOARCH=amd64 go build -o bin ./cmd/...
|
|
|
|
FROM scratch
|
|
|
|
COPY --from=builder /opt/converge/bin/converge /opt/converge/bin/
|
|
COPY --from=builder /opt/converge/bin/agent \
|
|
/opt/converge/bin/tcptows \
|
|
/opt/converge/bin/wsproxy \
|
|
/opt/converge/bin/agent.exe \
|
|
/opt/converge/bin/tcptows.exe \
|
|
/opt/converge/bin/wsproxy.exe \
|
|
/opt/converge/static/
|
|
COPY --from=builder /opt/converge/static/ /opt/converge/static/
|
|
|
|
ENTRYPOINT ["/opt/converge/bin/converge", "-s", "/opt/converge/static", "-d", "/opt/converge/static" ]
|