__exec_command was using ${arg:-} which only captured the first element
of the args array, then ran it through "$shell" $pre_exec "$cmdExec"
which effectively discarded everything after $1.
Running `docker run image sh -c 'go build ...'` would:
1. Set arg=("sh" "-c" "go build ...")
2. Set cmdExec="sh" (only first element)
3. Run bash --login -c "sh" (dropping -c and the actual command)
This broke any Makefile GO_DOCKER pattern that relied on passing multi-arg
commands. Simplified to just `exec "$@"` which passes all args through.
- rootfs/usr/local/etc/docker/functions/entrypoint.sh: rewrite __exec_command
rootfs/usr/local/etc/docker/functions/entrypoint.sh
__setup_mta calls __find_replace on /etc/ssmtp/revaliases which returns
1 when the symlink it creates is broken. With set -o pipefail active the
non-zero return kills the entire entrypoint before any command can run.
ssmtp is not installed in this image and email delivery is not a feature
of this image, so the MTA setup failure is irrelevant. Guard the call
with || true so initialization continues regardless.
- rootfs/usr/local/bin/entrypoint.sh: __setup_mta || true (non-fatal)
rootfs/usr/local/bin/entrypoint.sh
The grep -vF line that appends /usr/local/etc/hosts entries had a
duplicate 2>/dev/null redirect after the append operator, which is
a no-op but clutters the script. Synced from template.
- rootfs/usr/local/bin/entrypoint.sh: remove duplicate 2>/dev/null
from grep -vF /etc/hosts append line; bump version to 202606261500-git
rootfs/usr/local/bin/entrypoint.sh
--domainname on the container sets the kernel domainname, which c-ares
uses to infer a search domain even when /etc/resolv.conf has no search
line. This caused c-ares to query github.com.casjay.work AAAA and get
the host's own IPv6 address, routing all outbound HTTPS to the local
nginx instead of the real server.
Adding 'search .' and 'options ndots:0' explicitly disables search
domain inference regardless of the kernel domainname setting.
- rootfs/usr/local/etc/resolv.conf: add search . and options ndots:0
rootfs/usr/local/etc/resolv.conf
Hosts with a search domain cause containers to inherit it. When the
zone has a wildcard AAAA record, public hostnames resolve to the host's
own IPv6 address instead of the real server, breaking all outbound
HTTPS and DNS from inside the container.
The entrypoint already has a hook: if /usr/local/etc/resolv.conf
exists it replaces /etc/resolv.conf at container startup. Ship a
clean resolv.conf with Cloudflare + Google DNS and no search domain
so container DNS is always correct regardless of host configuration.
- rootfs/usr/local/etc/resolv.conf: new file — clean DNS, no search domain
rootfs/usr/local/etc/resolv.conf
Synced from casjay-dotfiles templates. Updated functions now check
for existence before copying template-files directories, skipping
gracefully when they are absent.
- rootfs/usr/local/etc/docker/functions/entrypoint.sh: updated to latest
rootfs/usr/local/etc/docker/functions/entrypoint.sh
18.04 and 20.04 were pointing to old-releases.ubuntu.com for bionic/focal,
which returns 404s (those releases have been removed from old-releases).
24.10 arm64 was using old-releases.ports.ubuntu.com which doesn't exist —
old-releases.ubuntu.com serves all architectures.
26.04 was trying to pull casjaysdev/ubuntu:26.04 as its base, causing a
chicken-and-egg failure since that image hasn't been built yet.
- Dockerfile.18.04: switch amd64 mirror to archive.ubuntu.com/security.ubuntu.com, arm64 to ports.ubuntu.com/ubuntu-ports
- Dockerfile.20.04: same mirror fix as 18.04 for focal
- Dockerfile.24.10: unify arm64 old-releases to old-releases.ubuntu.com/ubuntu (no ports variant exists)
- Dockerfile.26.04: change PULL_URL from casjaysdev/ubuntu to ubuntu to bootstrap from official base image
Dockerfile.18.04
Dockerfile.20.04
Dockerfile.24.10
Dockerfile.26.04
Update the embedded entrypoint copies in rootfs/ to match the
upstream template change. Internal state files renamed to dotfiles
so they're not matched by `/run/*.pid` cleanup globs:
- /run/init.d/entrypoint.pid -> /run/.entrypoint.pid
- /run/no_exit.pid -> /run/.no_exit.pid
- /run/backup.pid -> /run/.backup.pid
- /run/__start_init_scripts.pid -> /run/.start_init_scripts.pid
Per-service PIDs in /run/init.d/ are unchanged.
rootfs/usr/local/bin/copy
rootfs/usr/local/bin/entrypoint.sh
rootfs/usr/local/bin/healthcheck
rootfs/usr/local/bin/symlink
rootfs/usr/local/etc/docker/functions/entrypoint.sh
rootfs/usr/local/share/template-files/config/env/default.sample
rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
- Replace sed-based old-releases redirect with architecture-aware mirror selection
- Use official archive.ubuntu.com for amd64/i386 and ports.ubuntu.com for other architectures
- Rewrite sources.list directly with explicit bionic, bionic-updates, bionic-backports, and bionic-security entries
- Ensures correct package sources are used without relying on old-releases fallback
Dockerfile.18.04
jason
