freeswitch/docker
tmancill 0cea9811cd
[Docker] Change default freeswitch UID and GID to 499 in docker/master/Dockerfile
On several installs on recent Debian and Ubuntu systems, I have noticed
that GID 999 is already allocated on the system running the container,
making it a minor hassle to share a common freeswitch UID and GID
between the Docker host and the container.

The conflicting group id varies, but is typically either one of the systemd
groups or polkitd, which are dynamically created when those packages are
installed.  The behavior stems from the range of system GIDs being
between 100-999 ([see Debian Policy 9.2.2](https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes))
and the fact that system installation dynamically allocates from this
range.  I didn't track down exactly why these daemons are allocating
from the top of the range, since the default behavior of `adduser` and
`addgroup` ([link](6c04aa701a/adduser (L1255-1269)))
is to search from the bottom of the range, and the manpage for
`groupadd` says that it's default is also to use the smallest id,
but perhaps it was to avoid (other) conflicts.

The approach taken in this PR is to default to 499, more in the middle
of the range, which should reduce the chance of conflicting with an
existing system UID and GID.  The values are also now exposed as ARGs
and so can be explicitly set during the build with
`--build-arg="FREESWITCH_UID=xxx"` and `--build-arg="FREESWITCH_GID=yyy"`
if desired.
2024-01-05 18:42:58 +03:00
..
base_image
examples
master
release
README.md

README.md

Docker Setup

These are the official Docker files for master branch and the current release packages.

Volumes

These containers are set up so that you can mount your freeswitch configuration from a host or data volume container.

To mount freeswitch Configuration

-v $(pwd)/configuration:/etc/freeswitch

To mount tmp directory for storing recordings, etc

-v $(pwd)/tmp:/tmp

The container also has a healthcheck where it does a fs_cli status check to make sure the freeswitch service is still running.

Ports

The container should be run with host networking using docker run --network host ....

If you prefer to (or for some reason must) publish individual ports via --publish/-p, refer to this issue and this potential workaround regarding using docker with large port ranges.

The following ports will be used, depending upon your specific configuration:

  • 5060/tcp, 5060/udp, 5080/tcp, 5080/udp - SIP signaling
  • 5061/tcp, 5081/tcp - SIPS signaling
  • 5066/tcp, 7443/tcp - WebSocket signaling
  • 8021/tcp - the Event Socket
  • 16384-32768/udp, 64535-65535/udp - media

If you wish to help improve these please submit a pull request at:

https://github.com/signalwire/freeswitch

Thanks, /b