FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-jammy # set version label ARG BUILD_DATE ARG VERSION ARG WIREGUARD_RELEASE LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" LABEL maintainer="aptalca" ENV DEBIAN_FRONTEND="noninteractive" RUN \ echo "**** install dependencies ****" && \ apt-get update && \ apt-get install -y --no-install-recommends \ bc \ build-essential \ curl \ dkms \ git \ gnupg \ ifupdown \ iproute2 \ iptables \ iputils-ping \ jq \ libc6 \ libelf-dev \ net-tools \ netcat \ openresolv \ perl \ pkg-config \ qrencode && \ update-alternatives --set iptables /usr/sbin/iptables-legacy && \ echo "**** install wireguard-tools ****" && \ if [ -z ${WIREGUARD_RELEASE+x} ]; then \ WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \ | jq -r .[0].name); \ fi && \ cd /app && \ git clone https://git.zx2c4.com/wireguard-linux-compat && \ git clone https://git.zx2c4.com/wireguard-tools && \ cd wireguard-tools && \ git checkout "${WIREGUARD_RELEASE}" && \ sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \ make -C src -j$(nproc) && \ make -C src install && \ echo "**** install CoreDNS ****" && \ COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \ | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \ curl -o \ /tmp/coredns.tar.gz -L \ "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm64.tgz" && \ tar xf \ /tmp/coredns.tar.gz -C \ /app && \ echo "**** clean up ****" && \ rm -rf \ /tmp/* \ /var/lib/apt/lists/* \ /var/tmp/* # add local files COPY /root / # ports and volumes EXPOSE 51820/udp