resolve merge conflicts

.travis.yml

@@ -72,9 +72,10 @@ stages:
       apt:
         sources: *default_sources
         packages: *default_packages
+    env: DEPLOY=docker
     before_install: *provisioning
     before_script:
-      - docker build -t travis/algo .
+      - make docker-build
       - ./tests/local-deploy.sh
       - ./tests/update-users.sh
     script: *tests

Dockerfile

@@ -17,10 +17,7 @@ WORKDIR /algo
 COPY requirements.txt .
 RUN apk --no-cache add ${BUILD_PACKAGES} && \
     python -m pip --no-cache-dir install -U pip && \
-    python -m pip --no-cache-dir install virtualenv && \
+    python -m pip --no-cache-dir install -r requirements.txt --no-use-pep51 && \
-    python -m virtualenv env && \
-    source env/bin/activate && \
-    python -m pip --no-cache-dir install -r requirements.txt && \
     apk del ${BUILD_PACKAGES}
 COPY . .
 RUN chmod 0755 /algo/algo-docker.sh

Makefile

@@ -0,0 +1,66 @@
+## docker-build: Build and tag a docker image
+.PHONY: docker-build
+
+IMAGE          := trailofbits/algo
+TAG	  	       := latest
+DOCKERFILE     := Dockerfile
+CONFIGURATIONS := $(shell pwd)
+
+docker-build:
+	docker build \
+	-t $(IMAGE):$(TAG) \
+	-f $(DOCKERFILE) \
+	.
+
+## docker-deploy: Mount config directory and deploy Algo
+.PHONY: docker-deploy
+
+# Set VIRTUAL_ENV for algo.
+docker-deploy:
+	docker run \
+	--cap-drop=all \
+	--rm \
+	-it \
+	-v $(CONFIGURATIONS):/data \
+	$(IMAGE):$(TAG)
+
+## docker-clean: Remove images and containers.
+.PHONY: docker-clean
+
+docker-clean:
+	docker images \
+	$(IMAGE) |\
+	awk '{if (NR>1) print $$3}' |\
+	xargs docker rmi
+
+## docker-all: Build, Deploy, Rinse
+.PHONY: docker-all
+
+## docker-ci-local
+.PHONY: docker-ci-local
+
+DEPLOY_ARGS := 'provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.100 apparmor_enabled=false ondemand_cellular=true ondemand_wifi=true ondemand_wifi_exclude=test local_dns=true ssh_tunneling=true windows=true store_cakey=true install_headers=false tests=true'
+
+docker-ci-local:
+	docker run \
+	-it \
+	-v $(shell pwd)/config.cfg:/algo/config.cfg \
+	-v $(shell echo ${HOME})/.ssh:/root/.ssh \
+	-v $(shell pwd)/configs:/algo/configs \
+	-e "DEPLOY_ARGS=$(DEPLOY_ARGS)" \
+	trailofbits/algo:latest /bin/sh -c "chown -R root: /root/.ssh && chmod -R 600 /root/.ssh && ansible-playbook main.yml -e ${DEPLOY_ARGS} --skip-tags apparmor"
+
+## docker-ci-user-update
+.PHONY: docker-ci-user-update
+
+USER_ARGS := '{ 'server': '10.0.8.100', 'users': ['desktop', 'user1', 'user2'] }'
+
+docker-ci-user-update:
+	docker run \
+	-v $(shell pwd)/config.cfg:/algo/config.cfg \
+	-v $(shell echo ${HOME})/.ssh:/root/.ssh \
+	-v $(shell pwd)/configs:/algo/configs \
+	-e "USER_ARGS=$(USER_ARGS)" \
+	trailofbits/algo:latest /bin/sh -c "ansible-playbook users.yml -e ${USER_ARGS} -t update-users"
+
+all: docker-build docker-deploy docker-clean

docs/deploy-from-docker.md

@@ -50,6 +50,15 @@ $ docker run --cap-drop=all -it \
 
 You can use the Dockerfile provided in this repository as-is, or modify it to suit your needs. Further instructions on building an image can be found in the [Docker engine](https://docs.docker.com/engine/) documents.
 
+## Deploying an Algo Server with a Docker Makefile
+
+A `Makefile` is included as a convenience for Docker users which aims to simplify some of the command syntax. 
+**This has not been tested in a Windows environment.**
+
+1. From the project's root run `make docker-build`. This builds a Docker image labeled `trailofbits/algo:latest`. These values can be changed in the `Makefile` itself.
+2. Run `make docker-deploy`. By default this will use the given copy of `config.cfg` and populate the project's root `~/configs/` directory with your client configuration data. If you would rather use a local directory and `config.cfg` file, then follow steps 2 and 3 before changing the `CONFIGURATIONS` variable in the `Makefile`.
+3. If desired, `make docker-clean` will remove the image.
+
 ## Security Considerations
 
 Using Docker is largely no different from running Algo yourself, with a couple of notable exceptions: we run as root within the container, and you're retrieving your content from Docker Hub.

tests/local-deploy.sh

@@ -6,7 +6,7 @@ DEPLOY_ARGS="provider=local server=10.0.8.100 ssh_user=ubuntu endpoint=10.0.8.10
 
 if [ "${DEPLOY}" == "docker" ]
 then
-  docker run -it -v $(pwd)/config.cfg:/algo/config.cfg -v ~/.ssh:/root/.ssh -v $(pwd)/configs:/algo/configs -e "DEPLOY_ARGS=${DEPLOY_ARGS}" travis/algo /bin/sh -c "chown -R root: /root/.ssh && chmod -R 600 /root/.ssh && source env/bin/activate && ansible-playbook main.yml -e \"${DEPLOY_ARGS}\" --skip-tags apparmor"
+  make docker-ci-local
 else
   ansible-playbook main.yml -e "${DEPLOY_ARGS}" --skip-tags apparmor
 fi

tests/update-users.sh

@@ -6,7 +6,7 @@ USER_ARGS="{ 'server': '10.0.8.100', 'users': ['desktop', 'user1', 'user2'], 'lo
 
 if [ "${DEPLOY}" == "docker" ]
 then
-  docker run -it -v $(pwd)/config.cfg:/algo/config.cfg -v ~/.ssh:/root/.ssh -v $(pwd)/configs:/algo/configs -e "USER_ARGS=${USER_ARGS}" travis/algo /bin/sh -c "chown -R root: /root/.ssh && chmod -R 600 /root/.ssh && source env/bin/activate && ansible-playbook users.yml -e \"${USER_ARGS}\" -t update-users"
+  make docker-ci-user-update
 else
   ansible-playbook users.yml -e "${USER_ARGS}" -t update-users
 fi