From 2eb4aea9d47aa756b86ded7010897a8da3ccceb6 Mon Sep 17 00:00:00 2001 From: Harvester57 Date: Tue, 9 Dec 2025 21:32:38 +0100 Subject: [PATCH 1/7] Implement Dockerfile best practices --- Dockerfile | 31 ++++++++++++++++++------------- 1 file changed, 18 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index c9fe14f..0d951c2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,15 +1,20 @@ FROM debian:13 -RUN apt-get update -RUN apt-get install -y supervisor iproute2 iptables gettext-base +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install --no-install-recommends -y supervisor iproute2 iptables gettext-base build-essential git ca-certificates && \ + update-ca-certificates && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* -RUN apt-get install -y build-essential git RUN git clone https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched -RUN cd /tmp/dhclient-orange-patched && ./configure && make && make install -RUN cp /tmp/dhclient-orange-patched/client/scripts/linux /sbin/dhclient-script && chmod +x /sbin/dhclient-script -RUN mkdir -p /var/lib/dhcp /etc/dhclient-enter-hooks.d /etc/dhclient-exit-hooks.d -RUN rm -rf /tmp/dhclient-orange-patched -RUN apt-get remove -y build-essential git && apt-get autoremove -y && apt-get clean +WORKDIR /tmp/dhclient-orange-patched +RUN ./configure && make && make install && \ + cp /tmp/dhclient-orange-patched/client/scripts/linux /sbin/dhclient-script && chmod +x /sbin/dhclient-script && \ + mkdir -p /var/lib/dhcp /etc/dhclient-enter-hooks.d /etc/dhclient-exit-hooks.d && \ + rm -rf /tmp/dhclient-orange-patched && \ + apt-get remove -y build-essential git && apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY init.sh /usr/local/bin/init.sh @@ -20,11 +25,11 @@ COPY dhclient-orange-v6.conf.template /etc/dhcp/dhclient-orange-v6.conf.template COPY no-dns-dhcp-enter-hook.sh /etc/dhclient-enter-hooks.d/no-dns COPY ipv6-dhcp-exit-hook.sh /etc/dhclient-exit-hooks.d/setup-ipv6 -RUN chmod +x /usr/local/bin/init.sh -RUN chmod +x /etc/dhcp/dhclient-orange-generator.sh -RUN chmod +x /usr/local/bin/up-fiber.sh -RUN chmod +x /etc/dhclient-enter-hooks.d/no-dns -RUN chmod +x /etc/dhclient-exit-hooks.d/setup-ipv6 +RUN chmod +x /usr/local/bin/init.sh \ + /etc/dhcp/dhclient-orange-generator.sh \ + /usr/local/bin/up-fiber.sh \ + /etc/dhclient-enter-hooks.d/no-dns \ + /etc/dhclient-exit-hooks.d/setup-ipv6 ENV LAN_INTERFACE=eth0 ENV WAN_INTERFACE=eth1 From 9a2f669cb74a893b2f307016ba4cfd39caf462cd Mon Sep 17 00:00:00 2001 From: Harvester57 Date: Tue, 9 Dec 2025 21:33:15 +0100 Subject: [PATCH 2/7] Switch base image to slim variant --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 0d951c2..b032823 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:13 +FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c7876d4e9f5aca2 ARG DEBIAN_FRONTEND=noninteractive From 6972818147f382fb3b8955ab39647ca0740fd4c8 Mon Sep 17 00:00:00 2001 From: Harvester57 Date: Tue, 9 Dec 2025 21:49:43 +0100 Subject: [PATCH 3/7] Install dev dependencies in a single layer --- Dockerfile | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index b032823..094aa6c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,18 +3,20 @@ FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c787 ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ - apt-get install --no-install-recommends -y supervisor iproute2 iptables gettext-base build-essential git ca-certificates && \ + apt-get install --no-install-recommends -y supervisor iproute2 iptables gettext-base ca-certificates && \ update-ca-certificates && \ apt-get clean && \ rm -rf /var/lib/apt/lists/* -RUN git clone https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched -WORKDIR /tmp/dhclient-orange-patched -RUN ./configure && make && make install && \ +RUN set -eux; \ + apt-get update && apt-get install -y --no-install-recommends build-essential git && \ + git clone --depth 1 https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched && \ + cd /tmp/dhclient-orange-patched && \ + ./configure && make && make install && \ cp /tmp/dhclient-orange-patched/client/scripts/linux /sbin/dhclient-script && chmod +x /sbin/dhclient-script && \ mkdir -p /var/lib/dhcp /etc/dhclient-enter-hooks.d /etc/dhclient-exit-hooks.d && \ rm -rf /tmp/dhclient-orange-patched && \ - apt-get remove -y build-essential git && apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* + apt-get purge -y --auto-remove build-essential git && apt-get clean && rm -rf /var/lib/apt/lists/* COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY init.sh /usr/local/bin/init.sh From a0f86c8b91d8e4da4937795499bf6c897e607ac1 Mon Sep 17 00:00:00 2001 From: Florian Stosse Date: Wed, 10 Dec 2025 11:24:11 +0100 Subject: [PATCH 4/7] Multi stage build --- Dockerfile | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/Dockerfile b/Dockerfile index 094aa6c..278ebc0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,23 +1,25 @@ -FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c7876d4e9f5aca2 +FROM debian:13@sha256:0d01188e8dd0ac63bf155900fad49279131a876a1ea7fac917c62e87ccb2732d AS builder ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ - apt-get install --no-install-recommends -y supervisor iproute2 iptables gettext-base ca-certificates && \ - update-ca-certificates && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -RUN set -eux; \ - apt-get update && apt-get install -y --no-install-recommends build-essential git && \ + apt-get install -y --no-install-recommends build-essential git && \ git clone --depth 1 https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched && \ cd /tmp/dhclient-orange-patched && \ - ./configure && make && make install && \ - cp /tmp/dhclient-orange-patched/client/scripts/linux /sbin/dhclient-script && chmod +x /sbin/dhclient-script && \ - mkdir -p /var/lib/dhcp /etc/dhclient-enter-hooks.d /etc/dhclient-exit-hooks.d && \ - rm -rf /tmp/dhclient-orange-patched && \ - apt-get purge -y --auto-remove build-essential git && apt-get clean && rm -rf /var/lib/apt/lists/* + ./configure && make -j$(( $(nproc) + 1 )) && make install + +FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c7876d4e9f5aca2 + +ARG DEBIAN_FRONTEND=noninteractive + +RUN apt-get update && \ + apt-get install --no-install-recommends -y supervisor iproute2 iptables gettext-base && \ + apt-get clean && \ + rm -rf /var/lib/apt/lists/* && \ + mkdir -p /var/lib/dhcp /etc/dhclient-enter-hooks.d /etc/dhclient-exit-hooks.d +COPY --from=builder /tmp/dhclient-orange-patched/client/scripts/linux /sbin/dhclient-script +COPY --from=builder /usr/local/sbin/dhclient /usr/local/sbin/dhclient COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf COPY init.sh /usr/local/bin/init.sh COPY up-fiber.sh /usr/local/bin/up-fiber.sh @@ -31,7 +33,8 @@ RUN chmod +x /usr/local/bin/init.sh \ /etc/dhcp/dhclient-orange-generator.sh \ /usr/local/bin/up-fiber.sh \ /etc/dhclient-enter-hooks.d/no-dns \ - /etc/dhclient-exit-hooks.d/setup-ipv6 + /etc/dhclient-exit-hooks.d/setup-ipv6 \ + /sbin/dhclient-script ENV LAN_INTERFACE=eth0 ENV WAN_INTERFACE=eth1 From f9cb1dd745da6e764c3c22875e50f45d94d047aa Mon Sep 17 00:00:00 2001 From: Florian Stosse Date: Wed, 10 Dec 2025 11:42:26 +0100 Subject: [PATCH 5/7] Cleanup build stage --- Dockerfile | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 278ebc0..b0bf35e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,10 @@ RUN apt-get update && \ apt-get install -y --no-install-recommends build-essential git && \ git clone --depth 1 https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched && \ cd /tmp/dhclient-orange-patched && \ - ./configure && make -j$(( $(nproc) + 1 )) && make install + ./configure && make -j$(( $(nproc) + 1 )) && make install && \ + rm -rf /tmp/dhclient-orange-patched && \ + apt-get purge -y --auto-remove build-essential git && \ + rm -rf /var/lib/apt/lists/* FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c7876d4e9f5aca2 From 950826db0b71f2eafc8ab0839e4b0e0d4f638327 Mon Sep 17 00:00:00 2001 From: Harvester57 Date: Thu, 11 Dec 2025 00:34:19 +0100 Subject: [PATCH 6/7] Decrease build time --- Dockerfile | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index b0bf35e..3d6fb17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -3,13 +3,11 @@ FROM debian:13@sha256:0d01188e8dd0ac63bf155900fad49279131a876a1ea7fac917c62e87cc ARG DEBIAN_FRONTEND=noninteractive RUN apt-get update && \ - apt-get install -y --no-install-recommends build-essential git && \ + apt-get install -y --no-install-recommends build-essential git ca-certificates && \ + update-ca-certificates && \ git clone --depth 1 https://github.com/Raraph84/dhclient-orange-patched /tmp/dhclient-orange-patched && \ cd /tmp/dhclient-orange-patched && \ - ./configure && make -j$(( $(nproc) + 1 )) && make install && \ - rm -rf /tmp/dhclient-orange-patched && \ - apt-get purge -y --auto-remove build-essential git && \ - rm -rf /var/lib/apt/lists/* + ./configure && make -j$(( $(nproc) + 1 )) && make install FROM debian:13-slim@sha256:e711a7b30ec1261130d0a121050b4ed81d7fb28aeabcf4ea0c7876d4e9f5aca2 From 2a930f53c8769c82db9dceec67be7ed1225f1f5c Mon Sep 17 00:00:00 2001 From: Harvester57 Date: Sat, 13 Dec 2025 00:09:45 +0100 Subject: [PATCH 7/7] Make dhclient executable --- Dockerfile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 3d6fb17..a3d1843 100644 --- a/Dockerfile +++ b/Dockerfile @@ -35,7 +35,8 @@ RUN chmod +x /usr/local/bin/init.sh \ /usr/local/bin/up-fiber.sh \ /etc/dhclient-enter-hooks.d/no-dns \ /etc/dhclient-exit-hooks.d/setup-ipv6 \ - /sbin/dhclient-script + /sbin/dhclient-script \ + /usr/local/sbin/dhclient ENV LAN_INTERFACE=eth0 ENV WAN_INTERFACE=eth1