Merge pull request #1 from kaweezle:featue/base-image

🎉 Initial import

.github/workflows/base.yml

@@ -0,0 +1,76 @@
+# cSpell: disable
+name: Publish docker image on docker hub
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - "master"
+    tags:
+      - "v*"
+  pull_request:
+    branches:
+      - "master"
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        with:
+          driver-opts: |
+            image=moby/buildkit:master
+      - name: Docker Login
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ github.repository_owner }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - name: Docker meta
+        id: meta
+        uses: docker/metadata-action@v4
+        with:
+          images: ghcr.io/${{ github.repository }}-base
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: ./base
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+
+      - name: Export as root fs
+        uses: docker/build-push-action@v3
+        with:
+          context: ./base
+          push: false
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
+          outputs: type=tar,dest=alpine-boxes-base.tar
+
+      - name: Compress root filesystem and compute checksum
+        run: |
+          gzip alpine-boxes-base.tar
+          sha256sum alpine-boxes-base.tar.gz >> SHA256SUMS
+      - name: Upload root fs artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: rootfs
+          path: |
+            alpine-boxes-base.tar.gz
+            SHA256SUMS
+      - name: release
+        if: contains(github.ref, 'refs/tags/v') && !github.event.release.prerelease
+        uses: softprops/action-gh-release@v1
+        with:
+          files: |
+            alpine-boxes-base.tar.gz
+            SHA256SUMS
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

README.md

@@ -1,2 +1,55 @@
 # alpine-boxes
-Alpine Linux based container images and root filesystems
+
+[![stability-experimental](https://img.shields.io/badge/stability-experimental-orange.svg)](https://github.com/mkenney/software-guides/blob/master/STABILITY-BADGES.md#experimental)
+
+This repository contains the files and build tools to build Alpine Linux based
+OCI images, WSL and LXC root file systems and VM images.
+
+The base build system used is [docker buildx](https://docs.docker.com/build/).
+It offers several advantages over other systems (see
+[alternatives](#alternatives)):
+
+- Layers cache
+- Simple _recipe based_
+- Multi-architecture (not used right now)
+- Inheritance (`FROM ...`)
+- Easy efficient online storage (registry)
+
+## Why Alpine Linux ?
+
+- Small
+- Used as a base container image for many standard container images.
+- Good community.
+- Contrary to Systemd based systems, Alpine is based on OpenRC that plays well
+  in WSL distributions (see
+  [OpenRC Gentoo Documentation](https://wiki.gentoo.org/wiki/OpenRC)).
+
+## Making root file systems from docker images
+
+docker buildx has
+[several output types](https://docs.docker.com/engine/reference/commandline/buildx_build/#output)
+and one of them is `tar`, which is convenient to produce a root filesystem
+suitable for import into WSL or LXC.
+
+## Making VM images from docker images
+
+An _almost_ bootable docker image can easily been derived from an existing
+docker image (see
+[this Dockerfile](https://github.com/linka-cloud/d2vm/blob/main/templates/alpine.Dockerfile)).
+Then it's just a matter to dump the image filesystem in a locally mounted image
+file and install a bootloader.
+
+## Alternatives
+
+- [Packer](https://www.packer.io/)
+- [Ansible](https://www.ansible.com/)
+- [distobuilder](https://github.com/lxc/distrobuilder)
+- [alpine-make-vm-image](https://github.com/alpinelinux/alpine-make-vm-image)
+- Makefile
+- Shell scripts
+
+## See also
+
+- [d2vm](https://github.com/linka-cloud/d2vm)
+- [docker-to-linux](https://github.com/iximiuz/docker-to-linux)
+- [alpine-openstack-vm](https://github.com/antoinemartin/alpine-openstack-vm)

base/Dockerfile

@@ -0,0 +1,52 @@
+# syntax=docker/dockerfile:1.3-labs
+FROM alpine:3.17
+
+
+# Add the dependencies
+RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/testing/" >> /etc/apk/repositories && \
+    apk update --quiet && \
+    apk add --no-progress --no-cache openrc zsh git curl doas && \
+    rm -rf `find /var/cache/apk/ -type f`
+
+# Change root shell
+RUN sed -ie '/^root:/ s#:/bin/.*$#:/bin/zsh#' /etc/passwd
+
+# Add Oh-my-zsh
+RUN git clone --quiet --depth 1 https://github.com/ohmyzsh/ohmyzsh.git /usr/share/oh-my-zsh && \
+    sed -i -e 's#^export ZSH=.*#export ZSH=/usr/share/oh-my-zsh#g' /usr/share/oh-my-zsh/templates/zshrc.zsh-template && \
+    git clone --quiet --depth=1 https://github.com/romkatv/powerlevel10k.git /usr/share/oh-my-zsh/custom/themes/powerlevel10k && \
+    git clone --quiet --depth=1  https://github.com/zsh-users/zsh-autosuggestions "/usr/share/oh-my-zsh/custom/plugins/zsh-autosuggestions" && \
+    sed -ie '/^plugins=/ s#.*#plugins=(git zsh-autosuggestions)#' /usr/share/oh-my-zsh/templates/zshrc.zsh-template && \
+    sed -ie '/^ZSH_THEME=/ s#.*#ZSH_THEME="powerlevel10k/powerlevel10k"#' /usr/share/oh-my-zsh/templates/zshrc.zsh-template && \
+    echo '[[ ! -f ~/.p10k.zsh ]] || source ~/.p10k.zsh' >> /usr/share/oh-my-zsh/templates/zshrc.zsh-template
+
+# OpenRC stuff
+RUN mkdir -p /lib/rc/init.d && \
+    ln -s /lib/rc/init.d /run/openrc && \
+    touch /lib/rc/init.d/softlevel
+
+ADD rc.conf /etc/rc.conf
+
+# Configure root user
+USER root
+RUN install -m 700 -o root -g root /usr/share/oh-my-zsh/templates/zshrc.zsh-template /root/.zshrc && \
+    install --directory -o root -g root -m 0700 /root/.ssh
+
+COPY --chown=root:root ./p10k.zsh /root/.p10k.zsh
+
+
+# Add user alpine
+RUN adduser -s /bin/zsh -g alpine -D alpine && \
+    addgroup alpine wheel && \
+    echo "permit nopass keepenv :wheel" >> /etc/doas.d/doas.conf
+
+# Configure user alpine
+USER alpine
+
+RUN install -m 700 -o alpine -g alpine /usr/share/oh-my-zsh/templates/zshrc.zsh-template /home/alpine/.zshrc && \
+    install --directory -o alpine -g alpine -m 0700 /home/alpine/.ssh 
+
+COPY --chown=alpine:alpine ./p10k.zsh /home/alpine/.p10k.zsh
+
+# Run shell by default. Allows using the docker image
+CMD /bin/zsh