[V3.0] Dockerfile, Dockerfile.auto, Dockerfile.naked
sickcodes committed Jan 24, 2021
1 parent 0541941 commit a09c565
Showing 7 changed files with 397 additions and 33 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -1,5 +1,8 @@
|Version|Date|Notes|
|---|---|---|
|3.0|2021-01-23|Add fast mode boot straight to shell. And -v $PWD/disk.img:/image for all Dockerfiles|
| |2021-01-22|Add additional helm chart instructions and files.|
| |2021-01-15|Fix helm initial disk creation process and add installation instructions.|
| |2021-01-14|Add Helm Chart for Kubernetes support.|
| |2021-01-08|Use IMAGE_PATH as a variable during envsubst for the full path of mac_hdd_ng.img. In preparation for full auto.|
| |2021-01-07|Fix sounds errors and sshd missing on latest build.|
9 changes: 8 additions & 1 deletion CREDITS.md
Expand Up @@ -44,4 +44,11 @@ These credits refer to the contributors to this repository:

[@PeterDaveHello](https://github.com/PeterDaveHello) - Improve Dockerfile #121

[@cephasara](https://github.com/cephasara) - Add helm chart #124
[@cephasara](https://github.com/cephasara) - Add helm chart #124

[@cephasara](https://github.com/cephasara) - Fix helm initial disk creation process and add installation instructions #125

[@cephasara](https://github.com/cephasara) - Add gpu passthrough support as well as dynamic OpenCore chainloader regeneration #132

[@cephasara](https://github.com/cephasara) - Fix helm installation failure and cleanup values organization #134

43 changes: 25 additions & 18 deletions Dockerfile
Expand Up @@ -8,7 +8,7 @@
# Repo: https://github.com/sickcodes/Docker-OSX/
# Title: Mac on Docker (Docker-OSX)
# Author: Sick.Codes https://sick.codes/
# Version: 2.7
# Version: 3.0
# License: GPLv3+
#
# All credits for OSX-KVM and the rest at @Kholia's repo: https://github.com/kholia/osx-kvm
Expand All @@ -35,13 +35,14 @@
#
# Optargs:
#
# SIZE=200G
# VERSION=10.15.6
# ENV RAM=5
# ENV SMP=4
# ENV CORES=4
# ENV EXTRA=
# ENV INTERNAL_SSH_PORT=10022
# -v $PWD/disk.img:/image
# -e SIZE=200G
# -e VERSION=10.15.6
# -e RAM=5
# -e SMP=4
# -e CORES=4
# -e EXTRA=
# -e INTERNAL_SSH_PORT=10022
#
# Extra QEMU args:
#
Expand All @@ -55,15 +56,15 @@ MAINTAINER 'https://sick.codes' <https://sick.codes>
SHELL ["/bin/bash", "-c"]

# change disk size here or add during build, e.g. --build-arg VERSION=10.14.5 --build-arg SIZE=50G
ARG SIZE=200G
ARG VERSION=10.15.6
ARG SIZE 200G
ARG VERSION 10.15.6

ARG RANKMIRRORS=no
# OPTIONAL: Arch Linux server mirrors for super fast builds
# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
ARG RANKMIRRORS
ARG MIRROR_COUNTRY=US
ARG MIRROR_COUNT=10

# Arch Linux server mirrors for faster builds
RUN if [[ "${RANKMIRRORS}" = yes ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
| sed -e 's/^#Server/Server/' -e '/^#/d' \
Expand All @@ -72,7 +73,7 @@ RUN if [[ "${RANKMIRRORS}" = yes ]]; then { pacman -Sy wget --noconfirm || pacma
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
&& cat /etc/pacman.d/mirrorlist; fi
&& cat /etc/pacman.d/mirrorlist ; fi

# This fails on hub.docker.com, useful for debugging in cloud
# RUN [[ $(egrep -c '(svm|vmx)' /proc/cpuinfo) -gt 0 ]] || { echo KVM not possible on this host && exit 1; }
Expand Down Expand Up @@ -135,7 +136,7 @@ RUN touch enable-ssh.sh \
# RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm
RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils openresolv jack iptables-nft edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm \
RUN yes | sudo pacman -Syu qemu libvirt dnsmasq virt-manager bridge-utils openresolv jack ebtables edk2-ovmf netctl libvirt-dbus --overwrite --noconfirm \
; yes | sudo pacman -Scc
# RUN sudo systemctl enable libvirtd.service
Expand Down Expand Up @@ -188,15 +189,21 @@ RUN grep -v InstallMedia ./Launch.sh > ./Launch-nopicker.sh \
ENV USER arch
ENV DISPLAY=:0.0
ENV DISPLAY :0.0
USER arch
VOLUME ["/tmp/.X11-unix"]
VOLUME /image
ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img
CMD ./enable-ssh.sh && envsubst < ./Launch.sh | bash
CMD case "$(file --brief /image)" in \
QEMU*) export IMAGE_PATH=/image;; \
directory*) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img;; \
esac \
; ./enable-ssh.sh && envsubst < ./Launch.sh | bash
# virt-manager mode: eta son
# CMD virsh define <(envsubst < Docker-OSX.xml) && virt-manager || virt-manager
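Review bot: The RANKMIRRORS step fetches `rankmirrors` from the `master` branch with `wget` at build time, with no pinned commit or checksum, and this commit widens when it runs: `[[ "${RANKMIRRORS}" ]]` is true for any non-empty value, so `--build-arg RANKMIRRORS=no` now enables it where the old `= yes` test did not. The line that runs the script is collapsed in this section, but the same block in Dockerfile.auto and Dockerfile.naked pipes the mirror list through `bash ./rankmirrors` after `USER root`. The URL points at this repository, so `COPY rankmirrors ./rankmirrors` from the build context would remove the network fetch; failing that, fetch a fixed commit rather than `master` and keep an explicit comparison such as `= yes`. The new comment also says `-e RANKMIRRORS=true`, but `RANKMIRRORS` is an `ARG`, so it is set with `--build-arg`.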
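--- a/Dockerfile.auto
+++ b/Dockerfile.auto
@@ -0,0 +1,156 @@
+#!/usr/bin/docker
+# ____ __ ____ ______ __
+# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ /
+# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| /
+# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / |
+# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| AUTOINSTALL
+#
+# Title: Mac on Docker (Docker-OSX) [AUTOINSTALL]
+# Author: Sick.Codes https://twitter.com/sickcodes
+# Version: 3.0
+# License: GPLv3+
+# Repository: https://github.com/sickcodes/Docker-OSX
+#
+# This Dockerfile is a pre-installed naked installation of Docker-OSX!
+#
+# Default username: user
+# Default password: alpine
+#
+# Take screenshots in the Arch container and display in terminal: scrotcat
+# readme:
+# timezone: UTC/GMT
+#
+# Future versions will navigate the installation process, inside the Dockerfile.
+#
+#
+# Build:
+#
+# docker build -t docker-osx:auto -f Dockerfile.auto .
+#
+# Run:
+#
+# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng_auto.img:/image docker-osx-auto:latest
+#
+# SSH:
+# From inside the container:
+# ssh -i ~/.ssh/id_docker_osx [email protected] -p 10022
+#
+# From outside the container:
+# ssh localhost [email protected] -p 50922
+# docker exec -it containerid ssh -i ~/.ssh/id_docker_osx [email protected] -p 10022
+
+FROM sickcodes/docker-osx:latest
+
+MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
+
+USER root
+
+WORKDIR /root
+
+# OPTIONAL: Arch Linux server mirrors for super fast builds
+# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+ARG RANKMIRRORS
+ARG MIRROR_COUNTRY=US
+ARG MIRROR_COUNT=10
+RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
+; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
+| sed -e 's/^#Server/Server/' -e '/^#/d' \
+| head -n "$((${MIRROR_COUNT:-10}+1))" \
+| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& cat /etc/pacman.d/mirrorlist ; fi
+
+RUN pacman -Syu xorg-server-xvfb xterm xorg-xhost xorg-xrandr xdotool sshpass scrot base-devel --noconfirm
+
+RUN git clone https://github.com/stolk/imcat.git \
+&& cd imcat \
+&& make \
+&& sudo cp imcat /usr/bin/imcat \
+&& touch /usr/bin/scrotcat \
+&& tee -a /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)' \
+&& chmod +x /usr/bin/scrotcat
+
+USER arch
+
+RUN mkdir -p ~/.ssh \
+&& touch ~/.ssh/authorized_keys \
+&& touch ~/.ssh/config \
+&& chmod 700 ~/.ssh \
+&& chmod 600 ~/.ssh/config \
+&& chmod 600 ~/.ssh/authorized_keys \
+&& tee -a ~/.ssh/config <<< 'Host *' \
+&& tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
+&& tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null'
+
+WORKDIR /home/arch/OSX-KVM
+
+ARG COMPLETE
+
+# Feel free to take a copy of this image and then host it internally
+ARG IMAGE_URL='https://images2.sick.codes/mac_hdd_ng_auto.img'
+
+# use the COMPLETE arg, for a complete image, ready to boot.
+# otherwise use your own image: -v "$PWD/disk.img":/image
+RUN if [[ "${COMPLETE}" ]]; then \
+echo "Downloading 20GB+ image... Press Ctrl+C to abort." \
+; wget --no-dns-cache \
+--no-check-certificate \
+--output-document=/home/arch/OSX-KVM/mac_hdd_ng.img \
+"${IMAGE_URL}" \
+; fi
+
+RUN mv ./Launch-nopicker.sh ./Launch.sh
+
+VOLUME /image
+
+ENV DISPLAY=:99
+
+ENV IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img
+
+ENV TERMS_OF_USE=i_agree
+
+ENV BOILERPLATE="By using this Dockerfile, you hereby agree that you are a security reseacher or developer and agree to use this Dockerfile to make the world a safer place. Examples include: making your apps safer, finding your mobile phone, compiling security products, etc. You understand that Docker-OSX is an Open Source project, which is released to the public under the GNU Pulic License version 3 and above. You acknowledge that the Open Source project is absolutely unaffiliated with any third party, in any form whatsoever. Any trademarks or intelectual property which happen to be mentioned anywhere in or around the project are owned by their respective owners. By using this Dockerfile, you agree to agree to the EULA of each piece of upstream or downstream software. The following code is released for the sole purpose of security research, under the GNU Public License version 3. If you are concerned about the licensing, please note that this project is not AGPL. A copy of the license is available online: https://github.com/sickcodes/Docker-OSX/blob/master/LICENSE. In order to use the following Dockerfile you must read and understand the terms. Once you have read the terms, use the -e TERMS_OF_USE=i_agree or -e TERMS_OF_USE=i_disagree"
+
+CMD echo "${BOILERPLATE}" \
+&& [[ "${TERMS_OF_USE}" = i_agree ]] || exit 1 \
+; [[ "${DISPLAY}" = ':99' ]] && { nohup Xvfb :99 -screen 0 1920x1080x16 \
+& until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 0.1 ; done ; } \
+; case "$(file --brief /image)" in \
+QEMU*) export IMAGE_PATH=/image;; \
+directory*) export IMAGE_PATH=/home/arch/OSX-KVM/mac_hdd_ng.img;; \
+esac \
+; stat "${IMAGE_PATH}" \
+; echo "Large image is being copied between layers, please wait a minute..." \
+; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \
+; ./enable-ssh.sh \
+; /usr/bin/ssh-keygen -t rsa -f ~/.ssh/id_docker_osx -q -N "" \
+; chmod 600 ~/.ssh/id_docker_osx \
+; envsubst < ./Launch.sh | bash \
+& echo "Booting Docker-OSX in the background. Please wait..." \
+; until [[ "$(sshpass -palpine ssh-copy-id -f -i ~/.ssh/id_docker_osx.pub -p 10022 [email protected])" ]]; do \
+scrotcat \
+; echo "Waiting to copy SSH key into OSX..." \
+; sleep 1 \
+; done \
+; tee -a ~/.ssh/config <<< 'Host 127.0.0.1' \
+; tee -a ~/.ssh/config <<< ' User user' \
+; tee -a ~/.ssh/config <<< ' Port 10022' \
+; tee -a ~/.ssh/config <<< ' IdentityFile ~/.ssh/id_docker_osx' \
+; tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
+; tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null' \
+; echo 'Default username: user' \
+; echo 'Default password: alpine' \
+; echo 'Change it immediately using the command: passwd' \
+; ssh -i ~/.ssh/id_docker_osx [email protected] -p 10022
+
+# username: user
+# password: alpine
+# screenshot: docker exec -it containerid scrotcat
+# readme: https://github.com/sickcodes/Docker-OSX
+# timezone: UTC/GMT
+
+# Future case option when supplying IMAGE_PATH:
+# Zstandard*) zstd -d /image && export IMAGE_PATH=/image;; \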
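Review bot: The `COMPLETE` download step passes `--no-check-certificate` to `wget` and never verifies the file it saved, so the disk image the container later boots is accepted from whichever server answers for `IMAGE_URL`. Since `IMAGE_URL` already defaults to an `https://` address, the flag can simply be dropped. A digest check in the same `RUN` would pin the content as well, for example `&& sha256sum -c <<< "${IMAGE_SHA256}  /home/arch/OSX-KVM/mac_hdd_ng.img"`, where `IMAGE_SHA256` is a placeholder name for a new build argument carrying the published hash. The comment above `IMAGE_URL` invites people to host the image internally, which makes a documented checksum more useful still.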
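--- a/Dockerfile.naked
+++ b/Dockerfile.naked
@@ -0,0 +1,98 @@
+#!/usr/bin/docker
+# ____ __ ____ ______ __
+# / __ \____ _____/ /_____ _____/ __ \/ ___/ |/ /
+# / / / / __ \/ ___/ //_/ _ \/ ___/ / / /\__ \| /
+# / /_/ / /_/ / /__/ ,< / __/ / / /_/ /___/ / |
+# /_____/\____/\___/_/|_|\___/_/ \____//____/_/|_| NAKED/SUPPLY_YOUR_OWN
+#
+# Title: Mac on Docker (Docker-OSX) [AUTOINSTALL]
+# Author: Sick.Codes https://twitter.com/sickcodes
+# Version: 3.0
+# License: GPLv3+
+# Repository: https://github.com/sickcodes/Docker-OSX
+#
+# This image won't run unless you supply a disk image using:
+# -v ${PWD}/mac_hdd_ng.img:/image
+#
+# Take screenshots in the Arch container and display in terminal: scrotcat
+#
+# Build:
+#
+# docker build -t docker-osx:naked -f Dockerfile.naked .
+#
+# Run headless:
+#
+# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image docker-osx:naked
+#
+# Run with display:
+#
+# docker run -it --device /dev/kvm -p 50922:10022 -v ${PWD}/mac_hdd_ng.img:/image -e "DISPLAY=${DISPLAY:-:0.0}" -v /tmp/.X11-unix:/tmp/.X11-unix docker-osx:naked
+#
+
+FROM sickcodes/docker-osx:latest
+
+MAINTAINER 'https://twitter.com/sickcodes' <https://sick.codes>
+
+USER root
+
+WORKDIR /root
+
+RUN rm -f /home/arch/OSX-KVM/mac_hdd_ng.img
+
+# OPTIONAL: Arch Linux server mirrors for super fast builds
+# set RANKMIRRORS to any value other that nothing, e.g. -e RANKMIRRORS=true
+ARG RANKMIRRORS
+ARG MIRROR_COUNTRY=US
+ARG MIRROR_COUNT=10
+RUN if [[ "${RANKMIRRORS}" ]]; then { pacman -Sy wget --noconfirm || pacman -Syu wget --noconfirm ; } \
+; wget -O ./rankmirrors "https://raw.githubusercontent.com/sickcodes/Docker-OSX/master/rankmirrors" \
+; wget -O- "https://www.archlinux.org/mirrorlist/?country=${MIRROR_COUNTRY:-US}&protocol=https&use_mirror_status=on" \
+| sed -e 's/^#Server/Server/' -e '/^#/d' \
+| head -n "$((${MIRROR_COUNT:-10}+1))" \
+| bash ./rankmirrors --verbose --max-time 5 - > /etc/pacman.d/mirrorlist \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirrors.evowise.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = http://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& tee -a /etc/pacman.d/mirrorlist <<< 'Server = https://mirror.rackspace.com/archlinux/$repo/os/$arch' \
+&& cat /etc/pacman.d/mirrorlist ; fi
+
+RUN pacman -Syu xorg-server-xvfb xterm xorg-xhost xorg-xrandr xdotool sshpass scrot base-devel --noconfirm
+
+RUN git clone https://github.com/stolk/imcat.git \
+&& cd imcat \
+&& make \
+&& sudo cp imcat /usr/bin/imcat \
+&& touch /usr/bin/scrotcat \
+&& tee -a /usr/bin/scrotcat <<< '/usr/bin/imcat <(scrot -o /dev/stdout)' \
+&& chmod +x /usr/bin/scrotcat
+
+USER arch
+
+RUN mkdir -p ~/.ssh \
+&& touch ~/.ssh/authorized_keys \
+&& touch ~/.ssh/config \
+&& chmod 700 ~/.ssh \
+&& chmod 600 ~/.ssh/config \
+&& chmod 600 ~/.ssh/authorized_keys \
+&& tee -a ~/.ssh/config <<< 'Host *' \
+&& tee -a ~/.ssh/config <<< ' StrictHostKeyChecking no' \
+&& tee -a ~/.ssh/config <<< ' UserKnownHostsFile=/dev/null'
+
+WORKDIR /home/arch/OSX-KVM
+
+ARG COMPLETE
+
+ARG NOPICKER=true
+
+RUN [[ "${NOPICKER}" = true ]] && mv ./Launch-nopicker.sh ./Launch.sh
+
+VOLUME /image
+
+ENV DISPLAY=:99
+
+ENV IMAGE_PATH=/image
+
+CMD [[ "${DISPLAY}" = ':99' ]] && { nohup Xvfb :99 -screen 0 1920x1080x16 \
+& until [[ "$(xrandr --query 2>/dev/null)" ]]; do sleep 0.1 ; done ; } \
+; sudo chown "$(id -u)":"$(id -g)" "${IMAGE_PATH}" 2>/dev/null || true \
+; ./enable-ssh.sh \
+; envsubst < ./Launch.sh | bash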
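Review bot: `RUN [[ "${NOPICKER}" = true ]] && mv ./Launch-nopicker.sh ./Launch.sh` fails the build whenever `NOPICKER` is set to anything other than `true`, because the test's non-zero status becomes the exit status of the `RUN`. If the argument is meant as a switch, write it as `RUN if [[ "${NOPICKER}" = true ]]; then mv ./Launch-nopicker.sh ./Launch.sh; fi`. `ARG COMPLETE` is declared just above it but is not referenced anywhere in this file, so it can be dropped.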