HGKeeper

1c9f750990ce

We need ca-certificates at runtime so just do a single stage image

# The actual image with fail2ban

FROM debian:buster-slim

RUN set -ex && \

apt-get update && \

apt-get install --no-install-recommends -y ca-certificates fail2ban wget && \

apt-get clean && \

rm -rf /var/lib/apt/lists && \

rm -f /etc/fail2ban/jail.d/* && \

mkdir -p /var/run/fail2ban

ENV DOCTL_VERSION=1.18.0

RUN set -ex && \

cd /tmp && \

wget https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.tar.gz -O doctl.tar.gz && \

wget https://github.com/digitalocean/doctl/releases/download/v${DOCTL_VERSION}/doctl-${DOCTL_VERSION}-linux-amd64.sha256 -O doctl.sha256 && \

tar zxf doctl.tar.gz && \

sha256sum -c doctl.sha256 && \

chmod +x doctl && \

mv doctl /usr/local/bin && \

rm doctl.tar.gz doctl.sha256

CMD ["/usr/bin/fail2ban-server", "-f", "--logtarget", "stdout"]