diff options
| author | Fuwn <[email protected]> | 2024-06-24 17:49:36 -0700 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2024-06-24 17:49:36 -0700 |
| commit | 105fcb3918a81d661797113ef2a6a4a1515130b5 (patch) | |
| tree | 39df4101ea8ced199a8dcac5c32da4645557e31e | |
| parent | b3ff004393aa8ead2a75c195c247228e97cccacf (diff) | |
| download | gigi-105fcb3918a81d661797113ef2a6a4a1515130b5.tar.xz gigi-105fcb3918a81d661797113ef2a6a4a1515130b5.zip | |
build(docker): create docker container
| -rw-r--r-- | .gitignore | 3 | ||||
| -rw-r--r-- | Dockerfile | 36 | ||||
| -rw-r--r-- | README.md | 27 | ||||
| -rw-r--r-- | build.ninja | 14 |
4 files changed, 80 insertions, 0 deletions
@@ -13,3 +13,6 @@ # Development Artifacts build compile_commands.json + +# Ninja +.ninja_* diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..60dde91 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,36 @@ +FROM alpine:latest as environment + +RUN apk update \ + && apk upgrade \ + && apk add --no-cache libstdc++ + +FROM environment as build_environment + +RUN apk add --no-cache \ + clang \ + ninja \ + alpine-sdk \ + linux-headers + +FROM build_environment as builder + +WORKDIR /gigi + +COPY ./gigi.c ./gigi.c +COPY ./build.ninja ./build.ninja + +RUN sed -i 's/#include <bits\/types\/FILE.h>//g' gigi.c + +RUN ninja + +RUN strip /gigi/build/gigi + +FROM environment + +WORKDIR /gigi + +COPY --from=builder /gigi/build/gigi ./ + +EXPOSE 79 + +ENTRYPOINT ["/gigi/gigi"] @@ -20,8 +20,35 @@ Gigi is a Finger protocol server with few features. $ git clone [email protected]:Fuwn/gigi.git $ cd gigi $ tup +$ # or +$ ninja ``` +### Docker + +This command runs the latest Gigi Docker image, with port 79 mapped from inside +the container to port 7979 on the host system. In practice, you'd actually map +port 79 to port 79, but that requires root privileges, so we're using 7979. + +It also mounts the ./.gigi directory from the host system to the /gigi/.gigi +directory inside the container. This is where you'd place all your profile +files. In practice, you'd likely make this a named volume, and add files to the +named volume itself. + +```bash +$ docker run -v ./.gigi/:/gigi/.gigi -p 7979:79 fuwn/gigi:latest +$ # or +$ docker run -v gigi-data:/gigi/.gigi -p 79:79 fuwn/gigi:latest +``` + +The second command is the more practical one, as it uses a named volume to store +the profile files. The named volume is persistent, and can be found at +`/var/lib/docker/volumes/gigi-data/_data` on most FHS systems. + +Docker also significantly reduces the risk of running Gigi, as it is sandboxed +from the host system. In static mode, there is little to no risk, but in dynamic +mode, there is a significant risk for arbitrary code execution. + ### Configuration Gigi is configured through the `./gigi` directory. diff --git a/build.ninja b/build.ninja new file mode 100644 index 0000000..a5447e6 --- /dev/null +++ b/build.ninja @@ -0,0 +1,14 @@ +outdir = build +cc = clang +name = gigi + +rule compile + command = $cc -std=c89 -c $in -o $out + +rule link + command = $cc $in -o $out + +build $outdir/$name.o: compile ./$name.c +build $outdir/$name: link $outdir/$name.o + +default $outdir/$name |