From 6bfe83ca00fb6eb82d36f43bca07c17423220eca Mon Sep 17 00:00:00 2001 From: Yi-Ting Shih Date: Tue, 10 Mar 2026 08:59:36 +0800 Subject: [PATCH] Feat: lab0 done --- Dockerfile | 31 ++++++++++++++++++++++ docker-compose.yaml | 8 ++++++ root/.gitignore | 1 + root/etc/apt/sources.list.d/ubuntu.sources | 11 ++++++++ root/etc/wireguard/wg0.conf.example | 8 ++++++ root/home/judge/.ssh/authorized_keys | 1 + 6 files changed, 60 insertions(+) create mode 100644 Dockerfile create mode 100644 docker-compose.yaml create mode 100644 root/.gitignore create mode 100644 root/etc/apt/sources.list.d/ubuntu.sources create mode 100644 root/etc/wireguard/wg0.conf.example create mode 100644 root/home/judge/.ssh/authorized_keys diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..51d079c --- /dev/null +++ b/Dockerfile @@ -0,0 +1,31 @@ +FROM docker.io/library/ubuntu:24.04 + +ENV container=docker \ + DEBIAN_FRONTEND=noninteractive + +COPY ./root / + +RUN apt-get update && \ + apt-get install -y --no-install-recommends \ + sudo systemd findutils \ + iproute2 iputils-ping wireguard wireguard-tools \ + openssh-server #&& \ + # apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* + # as the spec says + +RUN find /etc/systemd/system /lib/systemd/system \ + -path '*.wants/*' \ + -not -name '*journald*' \ + -not -name '*systemd-tmpfiles*' \ + -not -name '*systemd-user-sessions*' \ + -print0 | xargs -0 rm -vf + +RUN systemctl enable \ + wg-quick@wg0.service \ + ssh.socket + +RUN useradd -m judge -s /bin/bash + +VOLUME ["/sys/fs/cgroup"] +ENTRYPOINT ["/lib/systemd/systemd"] +CMD [] diff --git a/docker-compose.yaml b/docker-compose.yaml new file mode 100644 index 0000000..f7b2255 --- /dev/null +++ b/docker-compose.yaml @@ -0,0 +1,8 @@ +--- +services: + run: + build: + context: . + cap_add: + - NET_ADMIN + - NET_RAW diff --git a/root/.gitignore b/root/.gitignore new file mode 100644 index 0000000..251dcec --- /dev/null +++ b/root/.gitignore @@ -0,0 +1 @@ +etc/wireguard/wg0.conf diff --git a/root/etc/apt/sources.list.d/ubuntu.sources b/root/etc/apt/sources.list.d/ubuntu.sources new file mode 100644 index 0000000..33229ec --- /dev/null +++ b/root/etc/apt/sources.list.d/ubuntu.sources @@ -0,0 +1,11 @@ +Types: deb +URIs: http://ubuntu.cs.nycu.edu.tw/ubuntu/ +Suites: noble noble-updates noble-backports +Components: main universe restricted multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg + +Types: deb +URIs: http://ubuntu.cs.nycu.edu.tw/ubuntu/ +Suites: noble-security +Components: main universe restricted multiverse +Signed-By: /usr/share/keyrings/ubuntu-archive-keyring.gpg diff --git a/root/etc/wireguard/wg0.conf.example b/root/etc/wireguard/wg0.conf.example new file mode 100644 index 0000000..5565911 --- /dev/null +++ b/root/etc/wireguard/wg0.conf.example @@ -0,0 +1,8 @@ +[Interface] +Address = 192.168.0.17/28 +PrivateKey = +[Peer] +PublicKey = +PresharedKey = +AllowedIPs = 192.168.0.0/16 +Endpoint = 140.113.17.2:5000 diff --git a/root/home/judge/.ssh/authorized_keys b/root/home/judge/.ssh/authorized_keys new file mode 100644 index 0000000..ea901cb --- /dev/null +++ b/root/home/judge/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILti+rM2UdvYTUgBKihp0b/9o2W+KvJVmA2ex0/u8pCV judge@sa-2025