Compare commits

...

6 Commits

Author SHA1 Message Date
king-dopey c95fd24aeb
Merge 902a80aa32 into 5cb74797fe 2025-01-17 16:41:26 +00:00
king-dopey 902a80aa32
Update Busybox version in Docker Image 2024-05-26 22:13:38 -07:00
David Heaps e723931503 Assume yes on docker dist-update command 2024-04-13 02:00:17 -07:00
David Heaps 382274c854 Added multi-tag Dockerhub image configuration 2024-02-12 22:43:54 -08:00
David Heaps 4fcd7bddc9 Completed image configuration, for mulitple tags:
latest has minimal dependencies
python includes python
perl includes perl
java includes java
full includes python perl and java
Also added additional openssl dependencies to all images
2024-02-12 22:27:07 -08:00
David Heaps 0317da0390 Combined the master and base docker images to create a minimized (app and dependency only) image based and the latest Debian images
Moved from from tar to cp and shell scripting for consistency and correct racing conditions documented in the shell script
Added erlang-base, curl, and ca-certificates
Copied ca-certificates, so Curl functions properly (including internally to freeswitch)
Fixed sound file downloading
Increased the complexity of the default generated password
Merged sudo process, but moved to su-exec from gosu, to clear vulnerabilities
Update Debian distro before freeswitch install, to keep dependencies fully up to date
Updated to the latest Busybox
2024-02-03 14:12:05 -08:00
10 changed files with 703 additions and 0 deletions

View File

@ -0,0 +1,98 @@
# vim:set ft=dockerfile:
ARG DEBIAN_VERSION=bookworm
FROM debian:${DEBIAN_VERSION} as stage
ENV LANG en_US.utf8
# ARGs are cleared after every FROM
# see: https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG DEBIAN_VERSION
ARG TOKEN
ARG WITHOUT_PERL="true"
ARG WITHOUT_PYTHON="true"
ARG WITHOUT_JAVA="true"
# By default, install the full set of FreeSWITCH packages. Specify an alternative with:
# --build-arg="FS_META_PACKAGE=freeswitch-meta-vanilla"
# alternatives include:
# freeswitch-meta-bare
# freeswitch-meta-vanilla
# freeswitch-meta-sorbet
# freeswitch-meta-all-dbg
ARG FS_META_PACKAGE=freeswitch-meta-all
# Source Dockerfile:
# https://github.com/docker-library/postgres/blob/master/9.4/Dockerfile
# make the "en_US.UTF-8" locale so freeswitch will be utf-8 enabled by default
RUN apt-get update -qq && \
apt-get dist-upgrade -y && \
apt-get install -y --no-install-recommends locales ca-certificates gnupg2 gcc libc-dev patch wget curl && \
localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 && \
curl -o /busybox.deb http://ftp.us.debian.org/debian/pool/main/b/busybox/busybox_1.36.1-7_amd64.deb && \
dpkg -i /busybox.deb && rm /busybox.deb && \
curl -o /usr/local/bin/su-exec.c https://raw.githubusercontent.com/ncopa/su-exec/master/su-exec.c && \
gcc -Wall /usr/local/bin/su-exec.c -o/usr/local/bin/su-exec && \
chown root:root /usr/local/bin/su-exec && \
chmod 0755 /usr/local/bin/su-exec && \
rm /usr/local/bin/su-exec.c
# https://freeswitch.org/confluence/display/FREESWITCH/Debian
# https://developer.signalwire.com/freeswitch/FreeSWITCH-Explained/Installation/Linux/Debian_67240088/
RUN wget --no-verbose --http-user=signalwire --http-password=${TOKEN} \
-O /usr/share/keyrings/signalwire-freeswitch-repo.gpg \
https://freeswitch.signalwire.com/repo/deb/debian-release/signalwire-freeswitch-repo.gpg \
&& echo "machine freeswitch.signalwire.com login signalwire password ${TOKEN}" > /etc/apt/auth.conf \
&& echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ ${DEBIAN_VERSION} main" > /etc/apt/sources.list.d/freeswitch.list \
&& apt-get -qq update \
&& apt-get install -y ${FS_META_PACKAGE} \
&& rm /etc/apt/auth.conf \
&& apt-get purge -y --auto-remove wget gcc libc-dev \
&& apt-get clean && rm -rf /var/lib/apt/lists/*
#Create the new root in a separate layer
COPY make_root_fs.sh freeswitch-config.patch /
RUN if [ "$WITHOUT_PERL" = "false" ] ; then sed -i 's/WITHOUT_PERL=.*/WITHOUT_PERL=\"false\"/' make_root_fs.sh; fi && \
if [ "$WITHOUT_PYTHON" = "false" ] ; then sed -i 's/WITHOUT_PYTHON=.*/WITHOUT_PYTHON=\"false\"/' make_root_fs.sh; fi && \
if [ "$WITHOUT_JAVA" = "false" ] ; then sed -i 's/WITHOUT_JAVA=.*/WITHOUT_JAVA=\"false\"/' make_root_fs.sh; fi && \
sh /make_root_fs.sh
FROM scratch
ENV LANG en_US.utf8
COPY --from=stage /tmp/newroot /
COPY docker-entrypoint.sh healthcheck.sh sounds_version.txt /
# explicitly set user/group IDs
ARG FREESWITCH_UID=499
ARG FREESWITCH_GID=499
RUN groupadd -r freeswitch --gid=${FREESWITCH_GID} && useradd -r -g freeswitch --uid=${FREESWITCH_UID} freeswitch && \
mkdir -p /var/log/freeswitch && mkdir -p /var/run/freeswitch
## Ports
# Document ports used by this container
### 8021 fs_cli, 5060 5061 5080 5081 sip and sips, 5066 ws, 7443 wss, 8081 8082 verto, 16384-32768, 64535-65535 rtp
EXPOSE 8021/tcp
EXPOSE 5060/tcp 5060/udp 5080/tcp 5080/udp
EXPOSE 5061/tcp 5061/udp 5081/tcp 5081/udp
EXPOSE 5066/tcp
EXPOSE 7443/tcp
EXPOSE 8081/tcp 8082/tcp
EXPOSE 64535-65535/udp
EXPOSE 16384-32768/udp
# Volumes
## Freeswitch Configuration
VOLUME ["/etc/freeswitch"]
## Tmp so we can get core dumps out
VOLUME ["/tmp"]
# Limits Configuration
COPY build/freeswitch.limits.conf /etc/security/limits.d/
# Healthcheck to make sure the service is running
SHELL ["/bin/bash", "-c"]
HEALTHCHECK --interval=15s --timeout=5s \
CMD fs_cli -x status | grep -q ^UP || exit 1
ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["freeswitch"]

103
docker/master-min/README.md Normal file
View File

@ -0,0 +1,103 @@
About
-----
This is an updated, minimized, official FreeSwitch docker image.
Container designed to run on host network.
Size of image decreased to 120MB (54MB compressed)
Significantly increased security:
1) removed all libs except libc, busybox, erlang, ca-certificates, gnupg2, passwd, curl, freeswitch and dependent libs.
2) removed 'system' API command from vanila config
3) updated FreeSwitch default SIP password to random value
Used environment variables
--------------------------
1) ```SOUND_RATES``` - rates of sound files that must be downloaded and installed. Available values ```8000```, ```16000```, ```32000```, ```48000```. May defined multiply values using semicolon as delimiter. Example ```SOUND_RATES=8000:16000```;
2) ```SOUND_TYPES``` - types of sound files that must be downloaded and installed. Available values music, ```en-us-callie```, ```en-us-allison```, ```ru-RU-elena```, ```en-ca-june```, ```fr-ca-june```, ```pt-BR-karina```, ```sv-se-jakob```, ```zh-cn-sinmei```, ```zh-hk-sinmei```. Example ```SOUND_TYPES=music:en-us-callie```;
3) ```EPMD``` - start epmd daemon, useful when you use mod_erlang and mod_kazoo FreeSwitch modules. Available values ```true```, ```false```.
Usage container
---------------
1) Creating volume for sound files. This may be skipped if you not use freeswitch MOH and other sound files.
```sh
docker volume create --name freeswitch-sounds
```
2) Stating container
```sh
docker run --net=host --name freeswitch \
-e SOUND_RATES=8000:16000 \
-e SOUND_TYPES=music:en-us-callie \
-v freeswitch-sounds:/usr/share/freeswitch/sounds \
-v /etc/freeswitch/:/etc/freeswitch \
dheaps/freeswitch
```
systemd unit file
-----------------
You can use this systemd unit file on your hosts.
```sh
$ cat /etc/systemd/system/freeswitch-docker.service
[Unit]
Description=freeswitch Container
After=docker.service network-online.target
Requires=docker.service
[Service]
Restart=always
TimeoutStartSec=0
#One ExecStart/ExecStop line to prevent hitting bugs in certain systemd versions
ExecStart=/bin/sh -c 'docker rm -f freeswitch; \
docker run -t --net=host --name freeswitch \
-e SOUND_RATES=8000:16000 \
-e SOUND_TYPES=music:en-us-callie \
-v freeswitch-sounds:/usr/share/freeswitch/sounds \
-v /etc/kazoo/freeswitch/:/etc/freeswitch \
dheaps/freeswitch'
ExecStop=-/bin/sh -c '/usr/bin/docker stop freeswitch; \
/usr/bin/docker rm -f freeswitch;'
[Install]
WantedBy=multi-user.target
```
Unit file can be placed to ```/etc/systemd/system/freeswitch-docker.service``` and enabled by command
```sh
systemd start freeswitch-docker.service
systemd enable freeswitch-docker.service
```
.bashrc file
------------
To simplify freeswitch management you can add alias for ```fs_cli``` to ```.bashrc``` file as example bellow.
```sh
alias fs_cli='docker exec -i -t freeswitch /usr/bin/fs_cli'
```
How to create custom container
------------------------------
This container created from scratch image by addiding required freeswitch files packaged to tar.gz archive.
To create custom container:
1. clone freeswitch repo
```sh
git clone https://github.com/signalwire/freeswitch.git
```
2. modify ```freeswitch/docker/master-min/Dockerfile``` with customizations
- Stage files are not inlcuded by default, but is the place to add additional packages/dependancies
3. modify ```freeswitch/docker/master-min/make_root_fs.sh``` with customizations
- If files/packages were added to the stage image add them here
- Additional installed packages should be added to the PACKAGES variable in fs_files_debian()
- Additinoal installed files should be added in make_new_root()
4. build custom container
```sh
docker build -t freeswitch_custom .
```
Read more
---------
[Dockerfile of older official FreeSwitch image](https://github.com/signalwire/freeswitch/tree/master/docker/release)
[Dockerfile of the updated FreeSwitch image that this image is based on](https://github.com/signalwire/freeswitch/tree/master/docker/master)
[Dockerfile of minimized base image FreeSwitch image that this image is based on](https://github.com/signalwire/freeswitch/tree/master/docker/base_image)

View File

@ -0,0 +1,15 @@
freeswitch soft core unlimited
freeswitch soft data unlimited
freeswitch soft fsize unlimited
freeswitch soft memlock unlimited
freeswitch soft nofile 999999
freeswitch soft rss unlimited
freeswitch hard stack 240
freeswitch soft cpu unlimited
freeswitch soft nproc unlimited
freeswitch soft as unlimited
freeswitch soft priority -11
freeswitch soft locks unlimited
freeswitch soft sigpending unlimited
freeswitch soft msgqueue unlimited
freeswitch soft nice -11

View File

@ -0,0 +1,141 @@
#!/bin/sh
#
# FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
# Copyright (C) 2005-2016, Anthony Minessale II <anthm@freeswitch.org>
#
# Version: MPL 1.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/F
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
#
# The Initial Developer of the Original Code is
# Michael Jerris <mike@jerris.com>
# Portions created by the Initial Developer are Copyright (C)
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Sergey Safarov <s.safarov@gmail.com>
#
if [ "$1" = 'freeswitch' ]; then
BASEURL=https://files.freeswitch.org/releases/sounds/
PID_FILE=/var/run/freeswitch/freeswitch.pid
get_password() {
< /dev/urandom tr -dc _A-Z-a-z-0-9\!\^\*\$\#\@\% | head -c${1:-24};echo;
}
get_sound_version() {
local SOUND_TYPE=$1
grep "$SOUND_TYPE" sounds_version.txt | sed -E "s/$SOUND_TYPE\s+//"
}
wget_helper() {
local SOUND_FILE=$1
grep -q $SOUND_FILE /usr/share/freeswitch/sounds/soundfiles_present.txt 2> /dev/null
if [ "$?" -eq 0 ]; then
echo "Skipping download of $SOUND_FILE. Already present"
return
fi
curl "$BASEURL/$SOUND_FILE" > "$SOUND_FILE"
if [ -f $SOUND_FILE ]; then
echo $SOUND_FILE >> /usr/share/freeswitch/sounds/soundfiles_present.txt
fi
}
download_sound_rates() {
local i
local f
local SOUND_TYPE=$1
local SOUND_VERSION=$2
for i in $SOUND_RATES
do
f=freeswitch-sounds-$SOUND_TYPE-$i-$SOUND_VERSION.tar.gz
echo "Downloading $f"
wget_helper $f
done
}
download_sound_types() {
local i
local SOUND_VERSION
for i in $SOUND_TYPES
do
SOUND_VERSION=$(get_sound_version $i)
download_sound_rates $i $SOUND_VERSION
done
}
extract_sound_files() {
local SOUND_FILES=freeswitch-sounds-*.tar.gz
for f in $SOUND_FILES
do
if [ -f $f ]; then
echo "Extracting file $f"
tar xzf "$f" -C /usr/share/freeswitch/sounds/
fi
done
}
delete_archives() {
local FILES_COUNT=$(ls -1 freeswitch-sounds-*.tar.gz 2> /dev/null | wc -l)
if [ "$FILES_COUNT" -ne 0 ]; then
echo "Removing downloaded 'tar.gz' archives"
rm -f freeswitch-sounds-*.tar.gz
fi
}
SOUND_RATES=$(echo "$SOUND_RATES" | sed -e 's/:/\n/g')
SOUND_TYPES=$(echo "$SOUND_TYPES" | sed -e 's/:/\n/g')
if [ -z "$SOUND_RATES" -o -z "$SOUND_TYPES" ]; then
echo "Environment variables 'SOUND_RATES' or 'SOUND_TYPES' not defined. Skipping sound files checking."
else
download_sound_types
extract_sound_files
delete_archives
fi
if [ "$EPMD" = "true" ]; then
/usr/bin/epmd -daemon
fi
if [ ! -f "/etc/freeswitch/freeswitch.xml" ]; then
SIP_PASSWORD=$(get_password)
mkdir -p /etc/freeswitch
cp -varf /usr/share/freeswitch/conf/vanilla/* /etc/freeswitch/
sed -i -e "s/default_password=.*\?/default_password=$SIP_PASSWORD\"/" /etc/freeswitch/vars.xml
echo "New FreeSwitch password for SIP calls set to '$SIP_PASSWORD'"
fi
chown -R freeswitch:freeswitch /etc/freeswitch
chown -R freeswitch:freeswitch /var/lib/freeswitch
chown -R freeswitch:freeswitch /var/run/freeswitch
chown -R freeswitch:freeswitch /var/log/freeswitch
trap '/usr/bin/freeswitch -stop' TERM
if [ -d /docker-entrypoint.d ]; then
for f in /docker-entrypoint.d/*.sh; do
[ -f "$f" ] && . "$f"
done
fi
su-exec freeswitch:freeswitch /usr/bin/freeswitch -nonat -c &
pid="$!"
wait $pid
exit 0
fi
exec "$@"

View File

@ -0,0 +1,30 @@
diff -ur a/usr/share/freeswitch/conf/vanilla/autoload_configs/logfile.conf.xml b/usr/share/freeswitch/conf/vanilla/autoload_configs/logfile.conf.xml
--- a/usr/share/freeswitch/conf/vanilla/autoload_configs/logfile.conf.xml 2017-06-13 13:15:43.000000000 +0000
+++ b/usr/share/freeswitch/conf/vanilla/autoload_configs/logfile.conf.xml 2017-07-02 18:38:58.000000000 +0000
@@ -25,5 +25,15 @@
<map name="all" value="console,debug,info,notice,warning,err,crit,alert"/>
</mappings>
</profile>
+ <profile name="stdout">
+ <settings>
+ <param name="logfile" value="/dev/stdout"/>
+ <param name="rollover" value="0"/>
+ <param name="uuid" value="true" />
+ </settings>
+ <mappings>
+ <map name="all" value="warning,err,crit,alert"/>
+ </mappings>
+ </profile>
</profiles>
</configuration>
diff -ur a/usr/share/freeswitch/conf/vanilla/vars.xml b/usr/share/freeswitch/conf/vanilla/vars.xml
--- a/usr/share/freeswitch/conf/vanilla/vars.xml 2017-06-13 13:15:43.000000000 +0000
+++ b/usr/share/freeswitch/conf/vanilla/vars.xml 2017-07-02 18:38:58.000000000 +0000
@@ -13,6 +13,7 @@
WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
-->
<X-PRE-PROCESS cmd="set" data="default_password=1234"/>
+ <X-PRE-PROCESS cmd="set" data="disable_system_api_commands=false"/>
<!-- Did you change it yet? -->
<!--
The following variables are set dynamically - calculated if possible by freeswitch - and

View File

@ -0,0 +1,41 @@
#!/bin/sh
#
# FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
# Copyright (C) 2005-2016, Anthony Minessale II <anthm@freeswitch.org>
#
# Version: MPL 1.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/F
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
#
# The Initial Developer of the Original Code is
# Michael Jerris <mike@jerris.com>
# Portions created by the Initial Developer are Copyright (C)
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Sergey Safarov <s.safarov@gmail.com>
#
# Check FreeSwitch status
fs_cli -x status | grep -q ^UP || exit 1
# Check erlang related modules is registered on epmd daemon
KAZOO_EXIST=$(fs_cli -x "module_exists mod_kazoo")
ERLANG_EXITS=$(fs_cli -x "module_exists mod_erlang_event")
if [ "$KAZOO_EXIST" == "true" -o "$ERLANG_EXITS" == "true" ]; then
/usr/bin/epmd -names | grep -qE "^name freeswitch at port" || exit 1
fi
exit 0

View File

@ -0,0 +1,6 @@
#!/bin/bash
docker build --build-arg TOKEN="$Token" -t "$IMAGE_NAME" .
docker build --build-arg TOKEN="$Token" --build-arg WITHOUT_PYTHON="false" -t "$DOCKER_REPO:python" .
docker build --build-arg TOKEN="$Token" --build-arg WITHOUT_JAVA="false" -t "$DOCKER_REPO:java" .
docker build --build-arg TOKEN="$Token" --build-arg WITHOUT_PERL="false" -t "$DOCKER_REPO:perl" .
docker build --build-arg TOKEN="$Token" --build-arg WITHOUT_PERL="false" --build-arg WITHOUT_PYTHON="false" --build-arg WITHOUT_JAVA="false" -t "$DOCKER_REPO:full" .

View File

@ -0,0 +1,5 @@
#!/bin/bash
docker push "$DOCKER_REPO:python"
docker push "$DOCKER_REPO:java"
docker push "$DOCKER_REPO:perl"
docker push "$DOCKER_REPO:full"

253
docker/master-min/make_root_fs.sh Executable file
View File

@ -0,0 +1,253 @@
#!/bin/sh
#
# FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
# Copyright (C) 2005-2016, Anthony Minessale II <anthm@freeswitch.org>
#
# Version: MPL 1.1
#
# The contents of this file are subject to the Mozilla Public License Version
# 1.1 (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
# http://www.mozilla.org/MPL/F
#
# Software distributed under the License is distributed on an "AS IS" basis,
# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
# for the specific language governing rights and limitations under the
# License.
#
# The Original Code is FreeSWITCH Modular Media Switching Software Library / Soft-Switch Application
#
# The Initial Developer of the Original Code is
# Michael Jerris <mike@jerris.com>
# Portions created by the Initial Developer are Copyright (C)
# the Initial Developer. All Rights Reserved.
#
# Contributor(s):
#
# Sergey Safarov <s.safarov@gmail.com>
# David Heaps <king.dopey.10111@gmail.com>
#
BUILD_ROOT=/tmp/newroot
DEBFILELIST=/tmp/filelist
PACKAGELIST="libc6 busybox erlang erlang-base ca-certificates openssl gnupg2 passwd curl"
PACKAGESEARCH="freeswitch"
DEBFILELIST_BINARY="$DEBFILELIST.binary"
DEBFILELISTLINKED="$DEBFILELIST.full.linked"
FULLLIST="$DEBFILELIST.full"
FOLDERLIST="$FULLLIST.folder"
FOLDERLINKLIST="$FOLDERLIST.link"
FULLFILELIST="$FULLLIST.file"
WITHOUT_PERL="true"
WITHOUT_PYTHON="true"
WITHOUT_JAVA="true"
filter_unnecessary_files() {
# excluded following files and directories recursive
# /.
# /lib/systemd/
# /usr/share/doc/
# /usr/share/man/
# /usr/share/lintian/
# /usr/share/freeswitch/sounds/
# all "*.flac" files
sed -i \
-e '\|^/\.$|d' \
-e '\|^/lib/systemd|d' \
-e '\|^/usr/share/doc|d' \
-e '\|^/usr/share/man|d' \
-e '\|^/usr/share/lintian|d' \
-e '\|^/usr/share/freeswitch/sounds/|d' \
-e '\|^/.*\.flac$|d' \
-e '\|^/.*/flac$|d' \
$FULLLIST
# if disabled Perl and python removing this too
if [ "$WITHOUT_PERL" = "true" ];then
sed -i -e '\|^/usr/share/perl5|d' $FULLLIST
fi
if [ "$WITHOUT_PYTHON" = "true" ];then
sed -i -e '\|^/usr/lib/python3|d' -e '\|^/usr/share/pyshared|d' -e '\|^/usr/share/python-support|d' -e '\|^/lib/x86_64-linux-gnu/libpython3|d' -e '\|^/usr/lib/x86_64-linux-gnu/libpython|d' $FULLLIST
fi
if [ "$WITHOUT_JAVA" = "true" ];then
sed -i -e '\|^/usr/share/freeswitch/scripts/freeswitch.jar|d' $FULLLIST
fi
}
fs_files_debian() {
PACKAGES="$PACKAGELIST"
if [ "$WITHOUT_PERL" = "false" ];then
PACKAGES="$PACKAGES perl-base"
fi
if [ "$WITHOUT_PYTHON" = "false" ];then
PACKAGES="$PACKAGES python3 python3.11-minimal"
fi
if [ "$WITHOUT_JAVA" = "false" ];then
PACKAGES="$PACKAGES openjdk-17-jre-headless java-common"
fi
for search in $PACKAGESEARCH; do
NEW_PACKAGES=$(dpkg-query -f '${binary:Package}\n' -W "*$search*")
PACKAGES="$NEW_PACKAGES $PACKAGES"
done
for pkg in $PACKAGES
do
dpkg-query -L "$pkg" >> $DEBFILELIST 2> /dev/null
done
}
dpkg_search_cmd() {
dpkg-query -f '\${binary:Package}\n' -W "*$1*"
}
clean_build() {
rm -Rf $BUILD_ROOT
mkdir -p $BUILD_ROOT
rm -f $DEBFILELIST
rm -f $DEBFILELIST_BINARY
rm -f $DEBFILELISTLINKED
rm -f $FULLLIST
rm -f $FOLDERLIST
rm -f $FOLDERLINKLIST
rm -f $FULLFILELIST
}
sort_filelist() {
sort "$1" | uniq > "$1".new
mv -f "$1".new "$1"
}
ldd_helper() {
TESTFILE=$1
ldd "$TESTFILE" 2> /dev/null > /dev/null || return
RESULT=$(ldd "$TESTFILE" | grep -oP '\s\S+\s\(\S+\)' | sed -e 's/^\s//' -e 's/\s.*$//') #'
echo "$RESULT"
}
find_binaries() {
cat $DEBFILELIST | while IFS= read -r f
do
ldd_helper "$f" >> $DEBFILELIST_BINARY
done
sort $DEBFILELIST_BINARY | sort | uniq | sed -e '/linux-vdso.so.1/d' > $DEBFILELIST_BINARY.new
mv -f $DEBFILELIST_BINARY.new $DEBFILELIST_BINARY
cat $DEBFILELIST_BINARY | xargs realpath > $DEBFILELIST_BINARY.new
cat $DEBFILELIST_BINARY.new >> $DEBFILELIST_BINARY
rm -f $DEBFILELIST_BINARY.new
}
symlink_helper() {
TESTFILE=$1
RESULT=$(readlink "$TESTFILE")
[ -z "$RESULT" ] ||
cd "$(dirname "$TESTFILE")" &&
RESULT=$(realpath "$RESULT" 2> /dev/null)
[ -z "$RESULT" ] || echo "$RESULT"
}
follow_symlinks() {
cat $FULLLIST | while IFS= read -r f
do
symlink_helper "$f" >> $DEBFILELISTLINKED
done
}
create_folder_structure() {
#Create the directory/folder structure first
#This is to prevent confusion with symlinked folders and allow for a simpler copy
cat $FULLLIST | while IFS= read -r f
do
FOLDER_TO_CREATE=""
if [ -d "$f" ]; then
FOLDER_TO_CREATE="$f"
else
FOLDER_TO_CREATE=$(dirname "$f")
if [ -n "$f" ]; then
echo "$f" >> $FULLFILELIST
fi
fi
#Check if folder is a link
if [ -L "$FOLDER_TO_CREATE" ]; then
echo "$FOLDER_TO_CREATE" >> $FOLDERLINKLIST
else
echo "$FOLDER_TO_CREATE" >> $FOLDERLIST
fi
done
sort_filelist $FOLDERLIST
sort_filelist $FOLDERLINKLIST
#Create links first, to prevent folder creation of a child, which was a link
cat $FOLDERLINKLIST | while IFS= read -r f
do
#Create the folder it's linking to at the same time, to prevent racing conditions
FOLDER_TO_CREATE=$(readlink "$f")
if [ -n "$BUILD_ROOT$FOLDER_TO_CREATE" ]; then
mkdir -p "$BUILD_ROOT$FOLDER_TO_CREATE"
chown --reference="$FOLDER_TO_CREATE" "$BUILD_ROOT$FOLDER_TO_CREATE"
chmod --reference="$FOLDER_TO_CREATE" "$BUILD_ROOT$FOLDER_TO_CREATE"
fi
#Get the parent folder of the link to allow for deep references
PARENT_FOLDER=$(dirname "$f")
if [ -n "$BUILD_ROOT$PARENT_FOLDER" ]; then
mkdir -p "$BUILD_ROOT$PARENT_FOLDER"
chown --reference="$PARENT_FOLDER" "$BUILD_ROOT$PARENT_FOLDER"
chmod --reference="$PARENT_FOLDER" "$BUILD_ROOT$PARENT_FOLDER"
fi
cp -pP "$f" "$BUILD_ROOT$PARENT_FOLDER"
done
#Create all remaining folders
cat $FOLDERLIST | while IFS= read -r f
do
if [ ! -e "$BUILD_ROOT$f" ]; then
mkdir -p "$BUILD_ROOT$f"
chown --reference="$f" "$BUILD_ROOT$f"
chmod --reference="$f" "$BUILD_ROOT$f"
fi
done
}
create_full_file_list() {
cat $DEBFILELIST > $FULLLIST
find_binaries
cat $DEBFILELIST_BINARY >> $FULLLIST
follow_symlinks
cat $DEBFILELISTLINKED >> $FULLLIST
sort_filelist $FULLLIST
}
copy_files() {
#Note that creating the folder stucture also creates FULLLIST.file, which excludes said folders
cat $FULLFILELIST | while IFS= read -r f
do
cp -pP "$f" "$BUILD_ROOT$f"
done
}
make_new_root() {
cd $BUILD_ROOT || exit
cp -p /usr/local/bin/su-exec usr/bin
find usr/share/freeswitch/conf/* -maxdepth 0 -type d -not -name vanilla -exec rm -Rf {} \;
# Patching config file
patch -p 1 < /freeswitch-config.patch
mkdir bin
busybox --install -s bin
cp -rpP /etc/ssl/certs etc/ssl
mkdir -p etc/pki/tls/certs
cp etc/ssl/certs/ca-certificates.crt etc/pki/tls/certs/ca-bundle.crt
}
CUR_DIR=$(pwd)
clean_build
fs_files_debian
sort_filelist $DEBFILELIST
create_full_file_list
filter_unnecessary_files
create_folder_structure
copy_files
make_new_root
cd "$CUR_DIR" || exit

View File

@ -0,0 +1,11 @@
music 1.0.52
en-us-callie 1.0.53
en-us-allison 1.0.2
ru-RU-elena 1.0.51
en-ca-june 1.0.51
fr-ca-june 1.0.51
pt-BR-karina 1.0.51
sv-se-jakob 1.0.50
zh-cn-sinmei 1.0.51
zh-hk-sinmei 1.0.51