Created
June 3, 2019 23:04
-
-
Save justengland/4608e18cf2058e3e71fde266d84776b0 to your computer and use it in GitHub Desktop.
Ansible Python3 Dockerfile
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#------------------------------------------------------------------------------ | |
# Dockerfile used to help run ansible commands to keep things in spec | |
# build: cd | |
# prune: docker rmi jengland/local | |
# run from windows command line: docker run --rm -it -w /usr/src/project -v "~/.aws":/root/.aws -v "%cd%":/usr/src/project jengland/local bash | |
# run from powershell: docker run --rm -it -w /usr/src/project -v ~/.aws:/root/.aws -v ${PWD}:/usr/src/project jengland/local bash | |
# windows terminal override: "cmd.exe" /k ""docker" run --rm -it -w /usr/src/project -v "~/share":/home/hurdler/share -v "~/.aws":/home/hurdler/.aws -v "%cd%":/usr/src/project jengland/local bash" | |
# windows cleanup: FOR /f "tokens=*" %i IN ('docker ps -a -q') DO docker kill %i then docker system prune | |
#------------------------------------------------------------------------------ | |
# Refactored to a base image, because I got sick of build the prereqs | |
FROM ubuntu | |
WORKDIR /usr/src/build | |
RUN apt-get update && \ | |
DEBIAN_FRONTEND=noninteractive apt-get install -y \ | |
wget \ | |
curl \ | |
openssh-client \ | |
iputils-ping \ | |
inetutils-traceroute \ | |
dnsutils \ | |
jq \ | |
sudo \ | |
nano \ | |
vim \ | |
bash \ | |
git \ | |
unzip \ | |
python3.6 \ | |
python3-pip \ | |
python3-dev \ | |
python-pip \ | |
python-dev \ | |
ruby-full \ | |
libkrb5-dev \ | |
krb5-user \ | |
rsync \ | |
telnetd \ | |
build-essential && \ | |
pip3 install --upgrade pip && \ | |
apt-get clean && \ | |
rm -rf /var/lib/apt/lists/* | |
# Install Python Apps | |
RUN pip install pipenv \ | |
ansible==2.7.11 | |
## Setup local user with passwordless sudo | |
RUN groupadd ansible && \ | |
useradd ansible -g ansible && \ | |
mkdir -p /home/ansible/ && \ | |
chown -R ansible:ansible /home/ansible | |
WORKDIR /home/ansible/work/ansible | |
# Install the hardening roles | |
RUN ansible-galaxy install dev-sec.os-hardening | |
USER ansible | |
RUN ansible-galaxy install dev-sec.os-hardening | |
# COPY ./ansible /home/ansible | |
## setup fancy color | |
ENV TERM xterm-256color | |
# CMD ["bash", "-l"] | |
CMD ["bash"] | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment