alpine基础镜像+基础环境,执行与验证
Radicale 【caldav server】,群晖部署(替代Synology Calendar)
一、alpine基础镜像执行与验证:
root@hh:/volume1/server/source/alpine_python# cat python_alpine.dockerfile
# 构建物打包阶段 final stage
#FROM alpine:latest
FROM python:3.7-alpine
LABEL maintainer="kk 2021.11.28"
# 配置apk包加速镜像
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
&& echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& apk update \
&& apk upgrade
# 安装基础包
RUN apk add --no-cache ca-certificates \
&& apk add tzdata \
&& apk add bash \
&& apk add s6 \
&& apk add wget \
&& apk add curl \
&& apk add openssh-client \
&& apk add iperf3 \
# ethtool:用于获取以太网卡的配置信息,或者修改这些配置
&& apk add ethtool \
# nftables:是一个 netfilter 项目,旨在替换现有的 {ip,ip6,arp,eb}tables 框架,为{ip,ip6}tables提供一个新的包过滤框架、一个新的用户空间实用程序(nft)和一个兼容层。它使用现有的钩子、链接跟踪系统、用户空间排队组件和 netfilter 日志子系统。
&& apk add nftables \
# busybox-extras:包含 telnet 命令
&& apk add busybox-extras \
&& apk add tcpdump \
&& apk add iputils \
&& apk add iptables \
# iproute2:ip link、ip route、ss 等命令
&& apk add iproute2 \
# net-tools:ifconfig、netstat、route 等命令
&& apk add net-tools \
#&& apk add telnet\
#&& apk add traceroute \
&& apk add coreutils \
&& apk add libc6-compat \
&& update-ca-certificates 2>/dev/null || true \
&& rm -rf /tmp/* \
&& rm -rf /var/cache/apk/*
# 缺少/etc/nsswitch.conf 文件,导致 golang 程序在 Alpine 镜像下hosts定义的域名不生效
#&& [ ! -e /etc/nsswitch.conf ] \
#&& echo "hosts: files dns" > /etc/nsswitch.conf
# 设置 操作系统时区
RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
#&& ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone
#&& apk del tzdata
# 设置时区变量
ENV TIME_ZONE Asia/Shanghai
# 设置 语言支持
ENV LANG=zh_CN.UTF-8
ENV LANGUAGE=zh_CN:zh
# 打包应用
#ENV APP_NAME=${APP_NAME}
#ENV APP_ROOT="/data/apps/"${APP_NAME}
#RUN mkdir -p $APP_ROOT
#WORKDIR $APP_ROOT
# 设置启动时预期的命令参数, 可以被 docker run 的参数覆盖掉.
#CMD ["/bin/bash"]
#CMD $APP_ROOT/$APP_NAME
修改apk源
RUN sed -i 's/dl-cdn.alpinelinux.org/mirrors.ustc.edu.cn/g' /etc/apk/repositories \
&& echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing" >> /etc/apk/repositories \
&& apk update \
&& apk upgrade
验证:
root@hh:/volume1/server/source/alpine_python# docker run -it python3.7-alpine:v1
/bin/bash
bash-5.1# cat /etc/apk/repositories
https://mirrors.ustc.edu.cn/alpine/v3.14/main
https://mirrors.ustc.edu.cn/alpine/v3.14/community
http://dl-cdn.alpinelinux.org/alpine/edge/testing
安装基础包
# 安装基础包
RUN apk add --no-cache ca-certificates \
&& apk add tzdata \
&& apk add bash \
&& apk add s6 \
&& apk add wget \
&& apk add curl \
&& apk add openssh-client \
&& apk add iperf3 \
# ethtool:用于获取以太网卡的配置信息,或者修改这些配置
&& apk add ethtool \
# nftables:是一个 netfilter 项目,旨在替换现有的 {ip,ip6,arp,eb}tables 框架,为{ip,ip6}tables提供一个新的包过滤框架、一个新的用户空间实用程序(nft)和一个兼容层。它使用现有的钩子、链接
跟踪系统、用户空间排队组件和 netfilter 日志子系统。
&& apk add nftables \
# busybox-extras:包含 telnet 命令
&& apk add busybox-extras \
&& apk add tcpdump \
&& apk add iputils \
&& apk add iptables \
# iproute2:ip link、ip route、ss 等命令
&& apk add iproute2 \
# net-tools:ifconfig、netstat、route 等命令
&& apk add net-tools \
#&& apk add telnet\
#&& apk add traceroute \
&& apk add coreutils \
&& apk add libc6-compat \
&& update-ca-certificates 2>/dev/null || true \
&& rm -rf /tmp/* \
&& rm -rf /var/cache/apk/*
# 缺少/etc/nsswitch.conf 文件,导致 golang 程序在 Alpine 镜像下hosts定义的域名不生效
#&& [ ! -e /etc/nsswitch.conf ] \
#&& echo "hosts: files dns" > /etc/nsswitch.conf
- 验证
bash-5.1# apk list | grep ca-certificates
WARNING: Ignoring https://mirrors.ustc.edu.cn/alpine/v3.14/main: No such file or directory
WARNING: Ignoring https://mirrors.ustc.edu.cn/alpine/v3.14/community: No such file or directory
WARNING: Ignoring http://dl-cdn.alpinelinux.org/alpine/edge/testing: No such file or directory
ca-certificates-20191127-r5 x86_64 {ca-certificates} (MPL-2.0 AND MIT) [installed]
ca-certificates-bundle-20191127-r5 x86_64 {ca-certificates} (MPL-2.0 AND MIT) [installed]
tzdata-2021e-r0 x86_64 {tzdata} (Public-Domain) [installed]
bash-5.1.4-r0 x86_64 {bash} (GPL-3.0-or-later) [installed]
s6-2.10.0.3-r0 x86_64 {s6} (ISC) [installed]
s6-ipcserver-2.10.0.3-r0 x86_64 {s6} (ISC) [installed]
wget-1.21.1-r1 x86_64 {wget} (GPL-3.0-or-later WITH OpenSSL-Exception) [installed]
libcurl-7.79.1-r0 x86_64 {curl} (MIT) [installed]
curl-7.79.1-r0 x86_64 {curl} (MIT) [installed]
openssh-client-default-8.6_p1-r3 x86_64 {openssh} (BSD) [installed]
openssh-client-common-8.6_p1-r3 x86_64 {openssh} (BSD) [installed]
iperf3-3.10.1-r0 x86_64 {iperf3} (BSD-3-Clause) [installed]
ethtool-5.12-r0 x86_64 {ethtool} (GPL-2.0-only) [installed]
nftables-0.9.9-r0 x86_64 {nftables} (GPL-2.0-or-later) [installed]
busybox-extras-1.33.1-r6 x86_64 {busybox} (GPL-2.0-only) [installed]
bash-5.1# telnet
bash-5.1# tcpdump
iputils-20210202-r0 x86_64 {iputils} (BSD-3-Clause AND GPL-2.0-or-later AND MIT) [installed]
iptables-1.8.7-r1 x86_64 {iptables} (GPL-2.0-or-later) [installed]
iproute2-tc-5.12.0-r0 x86_64 {iproute2} (GPL-2.0-or-later) [installed]
iproute2-minimal-5.12.0-r0 x86_64 {iproute2} (GPL-2.0-or-later) [installed]
iproute2-5.12.0-r0 x86_64 {iproute2} (GPL-2.0-or-later) [installed]
iproute2-ss-5.12.0-r0 x86_64 {iproute2} (GPL-2.0-or-later) [installed]
bash-5.1# ip addr
bash-5.1# ip link
bash-5.1# ip route
bash-5.1# ss
net-tools-1.60_git20140218-r2 x86_64 {net-tools} (GPL-2.0) [installed]
mii-tool-1.60_git20140218-r2 x86_64 {net-tools} (GPL-2.0) [installed]
bash-5.1# netstat
bash-5.1# route
bash-5.1# ifconfig
bash-5.1# traceroute
coreutils-8.32-r2 x86_64 {coreutils} (GPL-3.0-or-later) [installed]
libc6-compat-1.2.2-r3 x86_64 {musl} (MIT) [installed]
时区
# 设置 操作系统时区
RUN cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
#&& ln -s /usr/share/zoneinfo/Asia/Shanghai /etc/localtime \
&& echo "Asia/Shanghai" > /etc/timezone
#&& apk del tzdata
- 验证
bash-5.1# cat /etc/timezone
Asia/Shanghai
bash-5.1# echo $TIME_ZONE
Asia/Shanghai
# 时间一致
bash-5.1# date
Sun Nov 28 22:32:18 CST 2021
语言
# 设置时区变量
ENV TIME_ZONE Asia/Shanghai
# 设置 语言支持
ENV LANG=zh_CN.UTF-8
ENV LANGUAGE=zh_CN:zh
- 验证
bash-5.1# echo $LANG
zh_CN.UTF-8
bash-5.1# echo $LANGUAGE
zh_CN:zh
python3软件运行环境
FROM python:3.7-alpine
bash-5.1# python --version
Python 3.7.12
bash-5.1# python3 --version
Python 3.7.12
bash-5.1# pip --version
pip 21.2.4 from /usr/local/lib/python3.7/site-packages/pip (python 3.7)
bash-5.1#
bash-5.1# pip3 --version
pip 21.2.4 from /usr/local/lib/python3.7/site-packages/pip (python 3.7)
bash-5.1# pip3 list
Package Version
---------- -------
pip 21.2.4
setuptools 57.5.0
wheel 0.37.0
二、radicale build/run
github.com/Kozea/Radic…
radicale.org/master.html…
官方带了dockerfile,参考了官网dockerfile
- radicale build/run
root@hh:/volume1/server/source/alpine_python# cat radicale3.0.6.dockerfile.v2
FROM python3.7-alpine:v1
LABEL maintainer="kk 2021.11.28"
RUN mkdir -p /usr/src/radicale \
&& mkdir -p /apps/radicale \
&& apk add bind-tools \
#&& pip install pip -U \
&& pip config set global.index-url https://mirrors.cloud.tencent.com/pypi/simple
#ARG VERSION=3.0.x
VOLUME /var/lib/radicale
VOLUME /etc/radicale
#EXPOSE 5232
RUN apk add --no-cache gcc musl-dev libffi-dev ca-certificates openssl
#RUN pip install --no-cache-dir "Radicale[bcrypt] @ https://github.com/Kozea/Radicale/archive/${VERSION}.tar.gz"
WORKDIR /usr/src/radicale
COPY Radicale-3.0.6/ .
RUN python3 setup.py install
RUN apk del gcc musl-dev libffi-dev
RUN rm -rf /usr/src/radicale
CMD ["radicale", "--hosts", "0.0.0.0:5232"]
#ENV CONF_FILE=$CONF_FILE
#CMD /apps/frp/frpc -c $CONF_FILE
- 验证
bash-5.1# ls -alhi /usr/src/radicale
bash-5.1# ls -alhi /apps/radicale
bash-5.1# apk list | grep bind-tools
bind-tools-9.16.20-r1 x86_64 {bind} (MPL-2.0) [installed]
bash-5.1# pip config list
global.index-url='https://mirrors.cloud.tencent.com/pypi/simple'
bash-5.1# ls -alhi /var/lib/radicale
bash-5.1# ls -alhi /etc/radicale
bash-5.1# netstat -antp
bash-5.1# apk list | grep openssl
bash-5.1# radicale --hosts 0.0.0.0:5232
[2021-11-28 23:20:50 +0800] [30] [CRITICAL] An exception occurred during server startup: Failed to start server '[0.0.0.0]:5232': [Errno 98] Address in use
bash-5.1# netstat
三、群晖,检查镜像、创建容器
- 验证
/etc/radicale # cat /etc/radicale/users
/etc/radicale # ls -alhi /apps/radicale/users
/etc/radicale # ls /usr/src/radicale/
3.1、必要配置:包括创建账号
# 在有htpasswd 的机器上执行指令,创建账号(加密),官方要求
# aaa 为文件名
➜ ~ htpasswd -c aaa kk
➜ ~ htpasswd -c aaa xhd
并写入 users 配置文件中
3.2、挂载配置文件以及目录
- 挂载:radicale 至 /etc/radicale ;程序默认创建目录,需要遵循除非改源码
- 挂载:radicale/conf 至 radicale/conf ;程序默认创建目录,需要遵循除非改源码
- 挂载:users 至 /apps/radicale/users;conf 文件中,个人自定义目录(可随意)
3.3、访问(默认5232端口)
- 默认 http://192.168.50.204:5232
- 使用刚创建的密码
