updates for the Debian Dockerfile (#2234)

* default to Debian bookworm

* use DEBIAN_VERSION instead of lsb_release; gosu is in Debian since buster

* update comments for FS_META_PACKAGE and exposed ports

* fix SHELL invocation so 'RUN' works as expected in downstream builds

See:  https://docs.docker.com/engine/reference/builder/#shell

docker/master/Dockerfile

@@ -1,56 +1,61 @@
 # vim:set ft=dockerfile:
-ARG DEBIAN_VERSION=buster
+ARG DEBIAN_VERSION=bookworm
 FROM debian:${DEBIAN_VERSION}
+
+# ARGs are cleared after every FROM
+# see: https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact
+ARG DEBIAN_VERSION
 ARG TOKEN
 
+# By default, install the full set of FreeSWITCH packages.  Specify an alternative with:
+#   --build-arg="FS_META_PACKAGE=freeswitch-meta-vanilla"
+# alternatives include:
+#   freeswitch-meta-bare
+#   freeswitch-meta-vanilla
+#   freeswitch-meta-sorbet
+#   freeswitch-meta-all-dbg
+ARG FS_META_PACKAGE=freeswitch-meta-all
+
 # Source Dockerfile:
 # https://github.com/docker-library/postgres/blob/master/9.4/Dockerfile
 
 # explicitly set user/group IDs
 RUN groupadd -r freeswitch --gid=999 && useradd -r -g freeswitch --uid=999 freeswitch
 
-# grab gosu for easy step-down from root
-RUN apt-get update && apt-get install -y --no-install-recommends dirmngr gnupg2 ca-certificates wget \
-    && gpg2 --keyserver hkp://keyserver.ubuntu.com --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
-    && gpg2 --keyserver hkp://keyserver.ubuntu.com --recv-keys 655DA1341B5207915210AFE936B4249FA7B0FB03 \
-    && gpg2 --output /usr/share/keyrings/signalwire-freeswitch-repo.gpg --export 655DA1341B5207915210AFE936B4249FA7B0FB03 \
-    && rm -rf /var/lib/apt/lists/* \
-    && wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture)" \
-    && wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/1.2/gosu-$(dpkg --print-architecture).asc" \
-    && gpg --verify /usr/local/bin/gosu.asc \
-    && rm /usr/local/bin/gosu.asc \
-    && chmod +x /usr/local/bin/gosu \
-    && apt-get purge -y --auto-remove ca-certificates wget dirmngr gnupg2
-
 # make the "en_US.UTF-8" locale so freeswitch will be utf-8 enabled by default
-RUN apt-get update && apt-get install -y locales && rm -rf /var/lib/apt/lists/* \
+RUN apt-get update -qq \
+    && apt-get install -y --no-install-recommends ca-certificates gnupg2 gosu locales wget \
     && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8
 ENV LANG en_US.utf8
 
 # https://freeswitch.org/confluence/display/FREESWITCH/Debian
+# https://developer.signalwire.com/freeswitch/FreeSWITCH-Explained/Installation/Linux/Debian_67240088/
 
-RUN apt-get update && apt-get install ca-certificates lsb-release -y --no-install-recommends \
+RUN wget --no-verbose --http-user=signalwire --http-password=${TOKEN} \
+      -O /usr/share/keyrings/signalwire-freeswitch-repo.gpg \
+      https://freeswitch.signalwire.com/repo/deb/debian-release/signalwire-freeswitch-repo.gpg \
     && echo "machine freeswitch.signalwire.com login signalwire password ${TOKEN}" > /etc/apt/auth.conf \
-    && echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ `lsb_release -sc` main" > /etc/apt/sources.list.d/freeswitch.list \
+    && echo "deb [signed-by=/usr/share/keyrings/signalwire-freeswitch-repo.gpg] https://freeswitch.signalwire.com/repo/deb/debian-release/ ${DEBIAN_VERSION} main" > /etc/apt/sources.list.d/freeswitch.list \
-    && apt-get update && apt-get install -y freeswitch-all \
+    && apt-get -qq update \
-    && apt-get purge -y --auto-remove ca-certificates lsb-release \
+    && apt-get install -y ${FS_META_PACKAGE} \
+    && apt-get purge -y --auto-remove \
     && apt-get clean && rm -rf /var/lib/apt/lists/*
 
 COPY docker-entrypoint.sh /
 # Add anything else here
 
 ## Ports
-# Open the container up to the world.
+# Document ports used by this container
-### 8021 fs_cli, 5060 5061 5080 5081 sip and sips, 64535-65535 rtp
+### 8021 fs_cli, 5060 5061 5080 5081 sip and sips, 5066 ws, 7443 wss, 8081 8082 verto, 16384-32768, 64535-65535 rtp
 EXPOSE 8021/tcp
 EXPOSE 5060/tcp 5060/udp 5080/tcp 5080/udp
 EXPOSE 5061/tcp 5061/udp 5081/tcp 5081/udp
+EXPOSE 5066/tcp
 EXPOSE 7443/tcp
-EXPOSE 5070/udp 5070/tcp
+EXPOSE 8081/tcp 8082/tcp
 EXPOSE 64535-65535/udp
 EXPOSE 16384-32768/udp
 
-
 # Volumes
 ## Freeswitch Configuration
 VOLUME ["/etc/freeswitch"]
@@ -61,11 +66,9 @@ VOLUME ["/tmp"]
 COPY    build/freeswitch.limits.conf /etc/security/limits.d/
 
 # Healthcheck to make sure the service is running
-SHELL       ["/bin/bash"]
+SHELL       ["/bin/bash", "-c"]
 HEALTHCHECK --interval=15s --timeout=5s \
     CMD  fs_cli -x status | grep -q ^UP || exit 1
 
 ENTRYPOINT ["/docker-entrypoint.sh"]
-
-
 CMD ["freeswitch"]