freeswitch/docker/master/Dockerfile

# vim:set ft=dockerfile:
ARG DEBIAN_VERSION=bookworm
FROM debian:${DEBIAN_VERSION}

# ARGs are cleared after every FROM
# see: https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
ARG DEBIAN_VERSION
ARG TOKEN

# By default, install the full set of FreeSWITCH packages.  Specify an alternative with:
#   --build-arg="FS_META_PACKAGE=freeswitch-meta-vanilla"
# alternatives include:
#   freeswitch-meta-bare
#   freeswitch-meta-vanilla
#   freeswitch-meta-sorbet
#   freeswitch-meta-all-dbg
ARG FS_META_PACKAGE=freeswitch-meta-all

# Source Dockerfile:
# https://github.com/docker-library/postgres/blob/master/9.4/Dockerfile

# explicitly set user/group IDs
ARG FREESWITCH_UID=499
ARG FREESWITCH_GID=499
RUN groupadd -r freeswitch --gid=${FREESWITCH_GID} && useradd -r -g freeswitch --uid=${FREESWITCH_UID} freeswitch

# make the "en_US.UTF-8" locale so freeswitch will be utf-8 enabled by default
RUN apt-get update -qq \
    && apt-get install -y --no-install-recommends ca-certificates gnupg2 gosu locales wget \
    && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
ENV LANG en_US.utf8

# https://freeswitch.org/confluence/display/FREESWITCH/Debian
# https://developer.signalwire.com/freeswitch/FreeSWITCH-Explained/Installation/Linux/Debian_67240088/

RUN wget --no-verbose --http-user=signalwire --http-password=${TOKEN} \
      -O /usr/share/keyrings/signalwire-freeswitch-repo.gpg \
      https://freeswitch.signalwire.com/repo/deb/debian-release/signalwire-freeswitch-repo.gpg \
    && echo "machine freeswitch.signalwire.com login signalwire password ${TOKEN}" > /etc/apt/auth.conf \
    && echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ ${DEBIAN_VERSION} main" > /etc/apt/sources.list.d/freeswitch.list \
    && apt-get -qq update \
    && apt-get install -y ${FS_META_PACKAGE} \
    && apt-get purge -y --auto-remove \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

COPY docker-entrypoint.sh /
# Add anything else here

## Ports
# Document ports used by this container
### 8021 fs_cli, 5060 5061 5080 5081 sip and sips, 5066 ws, 7443 wss, 8081 8082 verto, 16384-32768, 64535-65535 rtp
EXPOSE 8021/tcp
EXPOSE 5060/tcp 5060/udp 5080/tcp 5080/udp
EXPOSE 5061/tcp 5061/udp 5081/tcp 5081/udp
EXPOSE 5066/tcp
EXPOSE 7443/tcp
EXPOSE 8081/tcp 8082/tcp
EXPOSE 64535-65535/udp
EXPOSE 16384-32768/udp

# Volumes
## Freeswitch Configuration
VOLUME ["/etc/freeswitch"]
## Tmp so we can get core dumps out
VOLUME ["/tmp"]

# Limits Configuration
COPY    build/freeswitch.limits.conf /etc/security/limits.d/

# Healthcheck to make sure the service is running
SHELL       ["/bin/bash", "-c"]
HEALTHCHECK --interval=15s --timeout=5s \
    CMD  fs_cli -x status | grep -q ^UP || exit 1

ENTRYPOINT ["/docker-entrypoint.sh"]
CMD ["freeswitch"]
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00			`# vim:set ft=dockerfile:`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`ARG DEBIAN_VERSION=bookworm`
[Docker] Correct keyserver and key id in the Dockerfile 2022-03-20 21:34:47 +00:00			`FROM debian:${DEBIAN_VERSION}`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00
			`# ARGs are cleared after every FROM`
			`# see: https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact`
			`ARG DEBIAN_VERSION`
[Docker] Correct keyserver and key id in the Dockerfile 2022-03-20 21:34:47 +00:00			`ARG TOKEN`
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`# By default, install the full set of FreeSWITCH packages. Specify an alternative with:`
			`# --build-arg="FS_META_PACKAGE=freeswitch-meta-vanilla"`
			`# alternatives include:`
			`# freeswitch-meta-bare`
			`# freeswitch-meta-vanilla`
			`# freeswitch-meta-sorbet`
			`# freeswitch-meta-all-dbg`
			`ARG FS_META_PACKAGE=freeswitch-meta-all`

FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00			`# Source Dockerfile:`
			`# https://github.com/docker-library/postgres/blob/master/9.4/Dockerfile`

			`# explicitly set user/group IDs`
[Docker] Change default freeswitch UID and GID to 499 in docker/master/Dockerfile On several installs on recent Debian and Ubuntu systems, I have noticed that GID 999 is already allocated on the system running the container, making it a minor hassle to share a common freeswitch UID and GID between the Docker host and the container. The conflicting group id varies, but is typically either one of the systemd groups or polkitd, which are dynamically created when those packages are installed. The behavior stems from the range of system GIDs being between 100-999 ([see Debian Policy 9.2.2](https://www.debian.org/doc/debian-policy/ch-opersys.html#uid-and-gid-classes)) and the fact that system installation dynamically allocates from this range. I didn't track down exactly why these daemons are allocating from the top of the range, since the default behavior of `adduser` and `addgroup` ([link](https://salsa.debian.org/debian/adduser/-/blob/6c04aa701a2ca09efbff9094ab07e7dae14554fc/adduser#L1255-1269)) is to search from the bottom of the range, and the manpage for `groupadd` says that it's default is also to use the smallest id, but perhaps it was to avoid (other) conflicts. The approach taken in this PR is to default to 499, more in the middle of the range, which should reduce the chance of conflicting with an existing system UID and GID. The values are also now exposed as ARGs and so can be explicitly set during the build with `--build-arg="FREESWITCH_UID=xxx"` and `--build-arg="FREESWITCH_GID=yyy"` if desired. 2024-01-05 15:42:58 +00:00			`ARG FREESWITCH_UID=499`
			`ARG FREESWITCH_GID=499`
			`RUN groupadd -r freeswitch --gid=${FREESWITCH_GID} && useradd -r -g freeswitch --uid=${FREESWITCH_UID} freeswitch`
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00
			`# make the "en_US.UTF-8" locale so freeswitch will be utf-8 enabled by default`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`RUN apt-get update -qq \`
			`&& apt-get install -y --no-install-recommends ca-certificates gnupg2 gosu locales wget \`
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00			`&& localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8`
			`ENV LANG en_US.utf8`

[Docker] Correct keyserver and key id in the Dockerfile 2022-03-20 21:34:47 +00:00			`# https://freeswitch.org/confluence/display/FREESWITCH/Debian`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`# https://developer.signalwire.com/freeswitch/FreeSWITCH-Explained/Installation/Linux/Debian_67240088/`
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`RUN wget --no-verbose --http-user=signalwire --http-password=${TOKEN} \`
			`-O /usr/share/keyrings/signalwire-freeswitch-repo.gpg \`
			`https://freeswitch.signalwire.com/repo/deb/debian-release/signalwire-freeswitch-repo.gpg \`
[Docker] Correct keyserver and key id in the Dockerfile 2022-03-20 21:34:47 +00:00			`&& echo "machine freeswitch.signalwire.com login signalwire password ${TOKEN}" > /etc/apt/auth.conf \`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`&& echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ ${DEBIAN_VERSION} main" > /etc/apt/sources.list.d/freeswitch.list \`
			`&& apt-get -qq update \`
			`&& apt-get install -y ${FS_META_PACKAGE} \`
			`&& apt-get purge -y --auto-remove \`
FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00			`&& apt-get clean && rm -rf /var/lib/apt/lists/*`

			`COPY docker-entrypoint.sh /`
			`# Add anything else here`

FS-10106 [Docker] Updates to Docker Configuration Updates for the docker configuration to allow for the following: - Allow for bring in own configuration - Exposes the Ports needed for non-docker networking - Allows for mount /tmp to write out logs, etc to the host machine if configured as so. - Health check of the freeswitch service 2017-03-08 15:20:05 +00:00			`## Ports`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`# Document ports used by this container`
			`### 8021 fs_cli, 5060 5061 5080 5081 sip and sips, 5066 ws, 7443 wss, 8081 8082 verto, 16384-32768, 64535-65535 rtp`
FS-10106 [Docker] Updates to Docker Configuration Updates for the docker configuration to allow for the following: - Allow for bring in own configuration - Exposes the Ports needed for non-docker networking - Allows for mount /tmp to write out logs, etc to the host machine if configured as so. - Health check of the freeswitch service 2017-03-08 15:20:05 +00:00			`EXPOSE 8021/tcp`
			`EXPOSE 5060/tcp 5060/udp 5080/tcp 5080/udp`
			`EXPOSE 5061/tcp 5061/udp 5081/tcp 5081/udp`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`EXPOSE 5066/tcp`
FS-10106 [Docker] Updates to Docker Configuration Updates for the docker configuration to allow for the following: - Allow for bring in own configuration - Exposes the Ports needed for non-docker networking - Allows for mount /tmp to write out logs, etc to the host machine if configured as so. - Health check of the freeswitch service 2017-03-08 15:20:05 +00:00			`EXPOSE 7443/tcp`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`EXPOSE 8081/tcp 8082/tcp`
FS-10106 [Docker] Updates to Docker Configuration Updates for the docker configuration to allow for the following: - Allow for bring in own configuration - Exposes the Ports needed for non-docker networking - Allows for mount /tmp to write out logs, etc to the host machine if configured as so. - Health check of the freeswitch service 2017-03-08 15:20:05 +00:00			`EXPOSE 64535-65535/udp`
			`EXPOSE 16384-32768/udp`

			`# Volumes`
			`## Freeswitch Configuration`
			`VOLUME ["/etc/freeswitch"]`
			`## Tmp so we can get core dumps out`
			`VOLUME ["/tmp"]`

			`# Limits Configuration`
			`COPY build/freeswitch.limits.conf /etc/security/limits.d/`

			`# Healthcheck to make sure the service is running`
updates for the Debian Dockerfile (#2234) * default to Debian bookworm * use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster * update comments for FS_META_PACKAGE and exposed ports * fix SHELL invocation so 'RUN' works as expected in downstream builds See: https://docs.docker.com/engine/reference/builder/#shell 2023-09-09 16:38:50 +00:00			`SHELL ["/bin/bash", "-c"]`
FS-10106 [Docker] Updates to Docker Configuration Updates for the docker configuration to allow for the following: - Allow for bring in own configuration - Exposes the Ports needed for non-docker networking - Allows for mount /tmp to write out logs, etc to the host machine if configured as so. - Health check of the freeswitch service 2017-03-08 15:20:05 +00:00			`HEALTHCHECK --interval=15s --timeout=5s \`
			`CMD fs_cli -x status \| grep -q ^UP \|\| exit 1`

FS-10090: [Build-System] Add Docker files for master and release #resolve 2017-03-04 00:25:07 +00:00			`ENTRYPOINT ["/docker-entrypoint.sh"]`
			`CMD ["freeswitch"]`