From 9305e79243e1ec65693ff0e47843984b192a7454 Mon Sep 17 00:00:00 2001 From: Peter Reichart Date: Mon, 19 Jun 2023 10:07:12 +0200 Subject: [PATCH] initial upload --- README.md | 3 - build/aprsc/Dockerfile | 25 ++++++++ config/default/aprsc | 27 +++++++++ config/etc/aprsc.conf | 123 +++++++++++++++++++++++++++++++++++++++ config/etc/gai.conf | 65 +++++++++++++++++++++ config/etc/hosts | 7 +++ config/etc/nsswitch.conf | 20 +++++++ config/etc/resolv.conf | 2 + docker-compose.yml | 15 +++++ 9 files changed, 284 insertions(+), 3 deletions(-) delete mode 100644 README.md create mode 100644 build/aprsc/Dockerfile create mode 100644 config/default/aprsc create mode 100644 config/etc/aprsc.conf create mode 100644 config/etc/gai.conf create mode 100644 config/etc/hosts create mode 100644 config/etc/nsswitch.conf create mode 100644 config/etc/resolv.conf create mode 100644 docker-compose.yml diff --git a/README.md b/README.md deleted file mode 100644 index 4d2f5e3..0000000 --- a/README.md +++ /dev/null @@ -1,3 +0,0 @@ -# aprsc-docker - -APRSC Server als Docker-Container für Rasperry OS 64Bit \ No newline at end of file diff --git a/build/aprsc/Dockerfile b/build/aprsc/Dockerfile new file mode 100644 index 0000000..ce984cc --- /dev/null +++ b/build/aprsc/Dockerfile @@ -0,0 +1,25 @@ +FROM debian:bullseye-slim + +RUN apt-get update && \ + apt-get install -y build-essential \ + debhelper \ + libc6 \ + zlib1g \ + adduser \ + libcap2-bin \ + libwww-perl \ + libjson-xs-perl \ + libevent-dev \ + libevent-2.1-7 \ + libssl-dev libcap-dev libz-dev libsctp-dev \ + git \ + lsb-release + +RUN git clone https://github.com/hessu/aprsc && \ + cd aprsc/src && \ + ./configure && \ + make make-deb && \ + cd .. && \ + apt-get install ./*.deb + +CMD service aprsc start && tail -F /opt/aprsc/logs/aprsc.log diff --git a/config/default/aprsc b/config/default/aprsc new file mode 100644 index 0000000..fecf767 --- /dev/null +++ b/config/default/aprsc @@ -0,0 +1,27 @@ +# +# STARTAPRSC: start aprsc on boot. Should be set to "yes" once you have +# configured aprsc. +# +STARTAPRSC="yes" + +# +# Additional options that are passed to the Daemon. +# Description of used options (don't change these unless +# you're sure what you're doing): +# -u aprsc: switch to user 'aprsc' as soon as possible +# -t /opt/aprsc: chroot to the given directory +# -f: fork to a daemon +# -e info: log at level info +# -o file: log to file +# -r logs: log files are placed in /opt/aprsc/logs +# -c etc/aprsc.conf: configuration file location +# +# Since the daemon chroots to /opt/aprsc, all paths are relative to +# that directory and the daemon cannot access any files outside +# the chroot. +# +# aprsc can log to syslog too, but that'd require bringing the +# syslog socket within the chroot. +# + +DAEMON_OPTS="-u aprsc -t /opt/aprsc -f -e info -o file -r logs -c etc/aprsc.conf" diff --git a/config/etc/aprsc.conf b/config/etc/aprsc.conf new file mode 100644 index 0000000..e2ee189 --- /dev/null +++ b/config/etc/aprsc.conf @@ -0,0 +1,123 @@ +# Configuration for aprsc, an APRS-IS server for core servers + +# Your unique server ID +ServerId N0CALL +# Passcode for the server ID +PassCode +# Who is running this server? +MyAdmin "Admin Name, MYCALL" +# The email address where the admin can be reached +MyEmail jane@doe.tld + +### Directories ######### +# Data directory (for persistent state files - currently none) +RunDir data + +# If logging to a file (-o file), enable built-in log rotation. +# LogRotate +# "LogRotate 10 5" keeps 5 old files of 10 megabytes each. +LogRotate 1000 1 + +### Intervals and timers ######### +# Interval specification format examples: +# 600 (600 seconds), or 600s, 5m, 2h, 1h30m, 1d3h15m24s, etc... + +# When no data is received from an upstream server in N seconds, switch to +# another server. +UpstreamTimeout 15s + +# When no data is received from a downstream server in N seconds, disconnect +ClientTimeout 48h + +### TCP listener ########## +# Listen tcp
+# socketname: any name you wish to show up in logs and statistics +# porttype: one of: +# fullfeed - everything, after dupe filtering +# igate - igate / client port with user-specified filters +# udpsubmit - UDP packet submission port (8080) +# dupefeed - duplicate packets dropped by the server +# options: +# filter "m/500" - force a filter for users connected here +# maxclients 100 - limit clients connected on this port +# acl etc/client.acl - match client addresses against ACL +# hidden - don't show the port in the status page +# +# If you wish to provide UDP service for clients, set up a +# second listener on the same address, port and protocol. +# +# The "::" is IPv6 "IN6ADDR_ANY", whereas "0.0.0.0" is same +# with IPv4. +# +# On FreeBSD you need to have separate listeners for IPv4 and +# IPv6. On Linux, just use :: alone - the IPv6 listener will +# catch the IPv4 connections just as well. +# +# Example of normal server ports for Linux, supporting both TCP and UDP, +# IPv4 and IPv6: +# +Listen "Full feed" fullfeed tcp :: 10152 +Listen "" fullfeed udp :: 10152 + +Listen "Client-Defined Filters" igate tcp :: 14580 +Listen "" igate udp :: 14580 + +#Listen "350 km from my position" igate tcp :: 20350 filter "m/350" +#Listen "" igate udp :: 20350 filter "m/350" + +Listen "UDP submit" udpsubmit udp :: 8080 + +### Uplink configuration ######## +# Uplink tcp
+# name: a name of the server or service you're connecting to +# type: one of: +# full - full feed +# ro - read-only, do not transmit anything upstream +# +# If you wish to specify multiple alternative servers, use multiple +# Uplink lines, one for each server. +# +# Normally a single line for the 'rotate' address is fine - it will connect +# to one of the servers in a random fashion and go for another one should +# the first one become unavailable. +# +#Uplink "Core rotate" full tcp rotate.aprs.net 10152 +#Uplink "Core rotate" ro tcp rotate.aprs.net 10152 + +# OPTIONAL: Bind source address before connecting to an uplink +# You can enter two addresses, one for IPv4 and one for IPv6 connections. +# Needed if you have multiple IP addresses on your server and only one +# of them is allowed to connect by the remote server. +#UplinkBind 127.0.0.1 +#UplinkBind ::1 + +### HTTP server ########## +# HTTPStatus port provides a status view to web browsers. +# IPv6+IPv4 support works slightly differently than in Listen: +# :: is "all addresses" for IPv6, 0.0.0.0 for IPv4, but +# :: only works if you actually have a global IPv6 address +# configured on the system. +# The example is for IPv4, change the address to :: if you have +# IPv6. For FreeBSD, or if you wish to support multiple specific +# ports/addresses, use multiple HTTPStatus directives for each. +HTTPStatus 0.0.0.0 14501 +# HTTPUpload port allows position uploads over HTTP +HTTPUpload 0.0.0.0 8080 + +### Environment ############ +# When running this server as super-user, the server can (in many systems) +# increase several resource limits, and do other things that less privileged +# server can not do. +# +# The FileLimit is resource limit on how many simultaneous connections and +# some other internal resources the system can use at the same time. +# If the server is not being run as super-user, this setting has no effect +# in case it is above what normal user can set. +# +FileLimit 10000 + +### Operator attention span qualification run ########### +# After configuring the rest of the settings, remove this bad command +# from the configuration file. It's here only to avoid starting the +# server up accidentally with an invalid configuration. +# OffMagicBadness 42.7 diff --git a/config/etc/gai.conf b/config/etc/gai.conf new file mode 100644 index 0000000..4616ed0 --- /dev/null +++ b/config/etc/gai.conf @@ -0,0 +1,65 @@ +# Configuration for getaddrinfo(3). +# +# So far only configuration for the destination address sorting is needed. +# RFC 3484 governs the sorting. But the RFC also says that system +# administrators should be able to overwrite the defaults. This can be +# achieved here. +# +# All lines have an initial identifier specifying the option followed by +# up to two values. Information specified in this file replaces the +# default information. Complete absence of data of one kind causes the +# appropriate default information to be used. The supported commands include: +# +# reload +# If set to yes, each getaddrinfo(3) call will check whether this file +# changed and if necessary reload. This option should not really be +# used. There are possible runtime problems. The default is no. +# +# label +# Add another rule to the RFC 3484 label table. See section 2.1 in +# RFC 3484. The default is: +# +#label ::1/128 0 +#label ::/0 1 +#label 2002::/16 2 +#label ::/96 3 +#label ::ffff:0:0/96 4 +#label fec0::/10 5 +#label fc00::/7 6 +#label 2001:0::/32 7 +# +# This default differs from the tables given in RFC 3484 by handling +# (now obsolete) site-local IPv6 addresses and Unique Local Addresses. +# The reason for this difference is that these addresses are never +# NATed while IPv4 site-local addresses most probably are. Given +# the precedence of IPv6 over IPv4 (see below) on machines having only +# site-local IPv4 and IPv6 addresses a lookup for a global address would +# see the IPv6 be preferred. The result is a long delay because the +# site-local IPv6 addresses cannot be used while the IPv4 address is +# (at least for the foreseeable future) NATed. We also treat Teredo +# tunnels special. +# +# precedence +# Add another rule to the RFC 3484 precedence table. See section 2.1 +# and 10.3 in RFC 3484. The default is: +# +#precedence ::1/128 50 +#precedence ::/0 40 +#precedence 2002::/16 30 +#precedence ::/96 20 +#precedence ::ffff:0:0/96 10 +# +# For sites which prefer IPv4 connections change the last line to +# +#precedence ::ffff:0:0/96 100 + +# +# scopev4 +# Add another rule to the RFC 6724 scope table for IPv4 addresses. +# By default the scope IDs described in section 3.2 in RFC 6724 are +# used. Changing these defaults should hardly ever be necessary. +# The defaults are equivalent to: +# +#scopev4 ::ffff:169.254.0.0/112 2 +#scopev4 ::ffff:127.0.0.0/104 2 +#scopev4 ::ffff:0.0.0.0/96 14 diff --git a/config/etc/hosts b/config/etc/hosts new file mode 100644 index 0000000..491fbd3 --- /dev/null +++ b/config/etc/hosts @@ -0,0 +1,7 @@ +127.0.0.1 localhost +::1 localhost ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +172.23.0.2 f1c65619c58a diff --git a/config/etc/nsswitch.conf b/config/etc/nsswitch.conf new file mode 100644 index 0000000..f20778e --- /dev/null +++ b/config/etc/nsswitch.conf @@ -0,0 +1,20 @@ +# /etc/nsswitch.conf +# +# Example configuration of GNU Name Service Switch functionality. +# If you have the `glibc-doc-reference' and `info' packages installed, try: +# `info libc "Name Service Switch"' for information about this file. + +passwd: files +group: files +shadow: files +gshadow: files + +hosts: files dns +networks: files + +protocols: db files +services: db files +ethers: db files +rpc: db files + +netgroup: nis diff --git a/config/etc/resolv.conf b/config/etc/resolv.conf new file mode 100644 index 0000000..f0bf526 --- /dev/null +++ b/config/etc/resolv.conf @@ -0,0 +1,2 @@ +nameserver 127.0.0.11 +options ndots:0 diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..c6c609c --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,15 @@ +version: '3.8' +services: + aprsc: + build: ./build/aprsc/. + volumes: + - ./config/default:/etc/default:rw + - ./config/etc:/opt/aprsc/etc/:rw + ports: + - 8080:8080 + - 10152:10152 + - 14501:14501 + - 14580:14580 + privileged: + true +