-
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
127 lines (108 loc) · 5.31 KB
/
Dockerfile
File metadata and controls
127 lines (108 loc) · 5.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# syntax=docker/dockerfile:1.7
ARG BASE_IMAGE_REGISTRY=ghcr.io
ARG BASE_IMAGE_NAME=linuxserver/baseimage-alpine
ARG BASE_IMAGE_VARIANT=3.22
ARG BASE_IMAGE=${BASE_IMAGE_REGISTRY}/${BASE_IMAGE_NAME}:${BASE_IMAGE_VARIANT}
ARG BUILD_OUTPUT_DIR=/out
ARG TAR1090_DB_URL=https://github.com/wiedehopf/tar1090-db/raw/csv/aircraft.csv.gz
ARG READSB_REPO_URL=https://github.com/wiedehopf/readsb
ARG READSB_REPO_BRANCH=dev
ARG VCS_URL=https://github.com/blackoutsecure/docker-readsb
FROM ${BASE_IMAGE} AS builder
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
ARG BUILD_OUTPUT_DIR
ARG TAR1090_DB_URL
ARG READSB_REPO_URL
ARG READSB_REPO_BRANCH
ARG VCS_URL
RUN apk add --no-cache \
build-base \
ca-certificates \
git \
librtlsdr-dev \
linux-headers \
ncurses-dev \
pkgconf \
wget \
zlib-dev \
zstd-dev
WORKDIR /src
RUN git clone --branch ${READSB_REPO_BRANCH} --single-branch --depth 1 ${READSB_REPO_URL} . && \
BUILD_DATE="$(git log -1 --format=%cI)" && \
VERSION="$(cat VERSION 2>/dev/null || cat version 2>/dev/null || git describe --tags --always --dirty 2>/dev/null || echo unknown)" && \
VCS_REF="$(git rev-parse HEAD)" && \
printf 'BUILD_DATE=%s\nVERSION=%s\nVCS_REF=%s\nVCS_URL=%s\n' "${BUILD_DATE}" "${VERSION}" "${VCS_REF}" "${VCS_URL}" > /tmp/readsb-build-metadata.env && \
rm -rf .git
COPY src/usb-reset.c /tmp/usb-reset.c
RUN gcc -O2 -s -o /tmp/usb-reset /tmp/usb-reset.c
RUN set -e && \
MARCH="" && \
if [ "$(uname -m)" = "x86_64" ]; then MARCH=" -march=nehalem"; fi && \
mkdir -p "${BUILD_OUTPUT_DIR}/usr/local/bin" && \
make -j"$(nproc)" RTLSDR=yes OPTIMIZE="-O2${MARCH}" && \
install -D -m 0755 readsb "${BUILD_OUTPUT_DIR}/usr/local/bin/readsb" && \
install -D -m 0755 viewadsb "${BUILD_OUTPUT_DIR}/usr/local/bin/viewadsb" && \
make clean && \
make -j"$(nproc)" PRINT_UUIDS=yes TRACKS_UUID=yes OPTIMIZE="-O2${MARCH}" && \
install -D -m 0755 readsb "${BUILD_OUTPUT_DIR}/usr/local/bin/readsb-uuid" && \
install -D -m 0755 viewadsb "${BUILD_OUTPUT_DIR}/usr/local/bin/viewadsb-uuid" && \
strip --strip-unneeded \
"${BUILD_OUTPUT_DIR}/usr/local/bin/"* && \
install -D -m 0755 /tmp/usb-reset "${BUILD_OUTPUT_DIR}/usr/local/bin/usb-reset" && \
mkdir -p "${BUILD_OUTPUT_DIR}/usr/local/share/tar1090" "${BUILD_OUTPUT_DIR}/usr/local/share/readsb" && \
install -D -m 0644 /tmp/readsb-build-metadata.env "${BUILD_OUTPUT_DIR}/usr/local/share/readsb/build-metadata.env" && \
wget -q --https-only --tries=3 --timeout=20 -O "${BUILD_OUTPUT_DIR}/usr/local/share/tar1090/aircraft.csv.gz" "${TAR1090_DB_URL}"
FROM ${BASE_IMAGE}
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
ARG READSB_USER=abc
ARG READSB_RUN_DIR=/run/readsb
ARG TAR1090_DB_PATH=/usr/local/share/tar1090/aircraft.csv.gz
ARG VCS_URL
LABEL build_version="Linuxserver.io version:- unknown Build-date:- unknown"
LABEL maintainer="Blackout Secure - https://blackoutsecure.app/"
LABEL org.opencontainers.image.title="docker-readsb" \
org.opencontainers.image.description="LinuxServer.io style containerized build of readsb, a high-performance ADS-B decoder with RTL-SDR support. Outputs JSON and network feeds, running in a hardened LinuxServer.io-based environment for reliable aircraft signal decoding." \
org.opencontainers.image.url="${VCS_URL}" \
org.opencontainers.image.source="${VCS_URL}" \
org.opencontainers.image.revision="unknown" \
org.opencontainers.image.created="unknown" \
org.opencontainers.image.version="unknown" \
org.opencontainers.image.licenses="GPL-3.0-or-later"
ENV HOME="/config" \
READSB_USER="${READSB_USER}" \
READSB_RUN_DIR="${READSB_RUN_DIR}" \
TAR1090_DB_PATH="${TAR1090_DB_PATH}" \
READSB_ARGS="--net --device-type rtlsdr --write-json ${READSB_RUN_DIR} --write-json-every 1 --db-file ${TAR1090_DB_PATH}"
RUN apk add --no-cache \
librtlsdr \
ncurses-libs \
jemalloc \
zlib \
zstd \
curl \
jq \
kmod \
procps \
psmisc \
rtl-sdr \
usbutils
COPY --link --from=builder /out/usr/local/ /usr/local/
COPY --link root/ /
ENV LD_PRELOAD="/usr/lib/libjemalloc.so.2" \
MALLOC_CONF="narenas:1,tcache:false"
RUN if [ -f /usr/local/share/readsb/build-metadata.env ]; then . /usr/local/share/readsb/build-metadata.env; fi && \
echo "Linuxserver.io version:- ${VERSION:-unknown} Build-date:- ${BUILD_DATE:-unknown} Revision:- ${VCS_REF:-unknown}" > /build_version && \
find /etc/s6-overlay/s6-rc.d -type f \( -name run -o -name finish -o -name check \) -exec chmod 0755 {} + && \
# Disable base image services not needed by this container:
# - svc-cron: no cron jobs; if crontabs exist from base image, crond starts and fills logs
# - init-crontab-config: sets up crontabs that would trigger svc-cron
rm -f /etc/s6-overlay/s6-rc.d/user/contents.d/svc-cron \
/etc/s6-overlay/s6-rc.d/user/contents.d/init-crontab-config && \
rm -rf /tmp/* /var/tmp/* /var/cache/apk/*
EXPOSE 30001 30002 30003 30004 30005 30104
VOLUME ["/config"]
# Health check: verify aircraft.json exists and was updated within the last 60s
HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \
CMD ["/bin/bash", "-c", \
"test -f /run/readsb/aircraft.json && \
find /run/readsb/aircraft.json -mmin -1 | grep -q ."]