strongSwan: switch base image to debian-slim (#1033)
This commit is contained in:
parent
0ab19122d1
commit
f97239bd97
|
@ -12,10 +12,13 @@
|
|||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
|
||||
FROM alpine:latest
|
||||
FROM debian:bullseye-slim
|
||||
|
||||
RUN set -xe \
|
||||
&& apk add --no-cache strongswan bash sudo
|
||||
ENV STRONGSWAN_VERSION=5.9
|
||||
|
||||
RUN apt-get update \
|
||||
&& DEBIAN_FRONTEND=noninteractive apt-get install -y sudo iptables procps strongswan=${STRONGSWAN_VERSION}* \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY entrypoint.sh /entrypoint.sh
|
||||
RUN chmod 0755 /entrypoint.sh
|
||||
|
|
|
@ -22,7 +22,7 @@ _stop_ipsec() {
|
|||
echo "Shutting down strongSwan/ipsec..."
|
||||
ipsec stop
|
||||
}
|
||||
trap _stop_ipsec SIGTERM
|
||||
trap _stop_ipsec TERM
|
||||
|
||||
# Making the containter to work as a default gateway for LAN_NETWORKS
|
||||
iptables -t nat -A POSTROUTING -s ${LAN_NETWORKS} -o ${VPN_DEVICE} -m policy --dir out --pol ipsec -j ACCEPT
|
||||
|
|
Loading…
Reference in New Issue