{"id":16623675,"url":"https://github.com/jandelgado/lede-dockerbuilder","last_synced_at":"2026-03-05T11:32:28.279Z","repository":{"id":23316582,"uuid":"91029321","full_name":"jandelgado/lede-dockerbuilder","owner":"jandelgado","description":"A (container based) LEDE/OpenWrt image builder.","archived":false,"fork":false,"pushed_at":"2025-02-09T19:12:02.000Z","size":135,"stargazers_count":64,"open_issues_count":0,"forks_count":22,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-05-20T00:07:15.351Z","etag":null,"topics":["container","docker","image-builder","lede","lede-image","nerdctl","nix-shell","openwrt","podman"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jandelgado.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-05-11T22:40:24.000Z","updated_at":"2025-03-17T10:38:14.000Z","dependencies_parsed_at":"2025-01-10T13:35:05.742Z","dependency_job_id":"966c3c60-2868-4af9-8eeb-cf0420218142","html_url":"https://github.com/jandelgado/lede-dockerbuilder","commit_stats":{"total_commits":70,"total_committers":3,"mean_commits":"23.333333333333332","dds":0.02857142857142858,"last_synced_commit":"0f25f0c06dbfa65cb78e7013c968734cf1b8cf6a"},"previous_names":[],"tags_count":24,"template":false,"template_full_name":null,"purl":"pkg:github/jandelgado/lede-dockerbuilder","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jandelgado%2Flede-dockerbuilder","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jandelgado%2Flede-dockerbuilder/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jandelgado%2Flede-dockerbuilder/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jandelgado%2Flede-dockerbuilder/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jandelgado","download_url":"https://codeload.github.com/jandelgado/lede-dockerbuilder/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jandelgado%2Flede-dockerbuilder/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30122140,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-05T11:11:57.947Z","status":"ssl_error","status_checked_at":"2026-03-05T11:11:29.001Z","response_time":93,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["container","docker","image-builder","lede","lede-image","nerdctl","nix-shell","openwrt","podman"],"created_at":"2024-10-12T03:24:35.097Z","updated_at":"2026-03-05T11:32:28.256Z","avatar_url":"https://github.com/jandelgado.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Containerized OpenWrt image builder\n\n[![test](https://github.com/jandelgado/lede-dockerbuilder/actions/workflows/test.yml/badge.svg)](https://github.com/jandelgado/lede-dockerbuilder/actions/workflows/test.yml)\n\n\u003c!-- vim-markdown-toc GFM --\u003e\n\n* [What](#what)\n  * [Note](#note)\n* [Why](#why)\n* [How](#how)\n  * [Using docker](#using-docker)\n  * [Using nix-shell](#using-nix-shell)\n  * [Usage](#usage)\n    * [Builder runtime](#builder-runtime)\n  * [Configuration file](#configuration-file)\n  * [File system overlay](#file-system-overlay)\n  * [Example directory structure](#example-directory-structure)\n    * [Debugging](#debugging)\n* [Examples](#examples)\n  * [Building a x86_64 image and running it in qemu](#building-a-x86_64-image-and-running-it-in-qemu)\n* [Building an OpenWrt snapshot release](#building-an-openwrt-snapshot-release)\n* [Author](#author)\n* [License](#license)\n\n\u003c!-- vim-markdown-toc --\u003e\n\n## What\n\nEasily and quickly build [OpenWrt](https://openwrt.org/) custom images (e.g.\nfor your embedded device or a Raspberry PI) using a self-contained docker\ncontainer or a [nix-shell](https://nixos.wiki/wiki/Development_environment_with_nix-shell) and the [OpenWrt image\nbuilder](https://openwrt.org/docs/guide-user/additional-software/imagebuilder).\nOn the builder host, Docker, podman/buildah (for dockerless operation) or nix-shell is the\nonly requirement. Supports latest OpenWrt release (24.10.x).\n\n### Note\n\nThe OpenWrt imagebuilder uses pre-compiled packages to build the final image.\nGo [here](https://github.com/jandelgado/lede-dockercompiler) if you are looking\nfor a docker images to compile OpenWrt completely from source.\n\n## Why\n\n* customized and optimized (size) images with your personal configurations\n* full automatic image creation (could be run in CI)\n* repeatable builds\n* easy configuration, fast build\n\n## How\n\n### Using docker\n\n```text\n$ git clone https://github.com/jandelgado/lede-dockerbuilder.git\n$ cd lede-dockerbuilder\n$ ./builder.sh build-docker-image example-nexx-wt3020.conf\n$ ./builder.sh build example-nexx-wt3020.conf\n```\n\nThe `build-docker-image` command will first build the docker image containing\nthe actual image builder. The resulting docker image is per default tagged with\n`openwrt-imagebuilder:\u003cRelease\u003e-\u003cTarget\u003e-\u003cSubtarget\u003e`.  The `build` command\nwill afterwards run a container, which builds the actual OpenWrt image. The\nfinal OpenWrt image will be available in the `output/` directory.\n\n### Using nix-shell\n\n```\n$ git clone https://github.com/jandelgado/lede-dockerbuilder.git\n$ cd lede-dockerbuilder\n$ ./builder.sh build example-nexx-wt3020.conf --nix\n```\n\nUsing `nix-shell` does not require building a container image or starting a\ncontainer first, therefore it is usually faster.\n\n### Usage\n\n```\nDockerized LEDE/OpenWRT image builder.\n\nUsage: $1 COMMAND CONFIGFILE [OPTIONS]\n  COMMAND is one of:\n    build-docker-image - build the docker image (run once first)\n    profiles           - show available profiles for current configuration\n    build              - start container and build the LEDE/OpenWRT image\n    shell              - start shell in the build dir\n  CONFIGFILE           - configuraton file to use\n\n  OPTIONS:\n  -o OUTPUT_DIR        - output directory (default $OUTPUT_DIR)\n  --docker-opts OPTS   - additional options to pass to docker run\n                         (can occur multiple times)\n  -f ROOTFS_OVERLAY    - rootfs-overlay directory (default $ROOTFS_OVERLAY)\n  --sudo               - call container tool with sudo\n  --podman             - use buildah and podman to build and run container\n  --nerdctl            - use nerdctl to build and run container\n  --docker             - use docker to build and run container (default)\n  --nix                - build using nix-shell\n\n  command line options -o, -f override config file settings.\n\nExample:\n  # build the builder docker image first\n  ./builder.sh build-docker-image example-glinet-gl-ar750.conf\n\n  # now build the OpenWrt image, overriding output and rootfs locations\n  ./builder.sh build example-glinet-gl-ar750.conf -o output -f myrootfs\n\n  # show available profiles for the arch/target/subtarget of the given configuration\n  ./builder.sh profiles example-glinet-gl-ar750.conf\n\n  # pass additional docker options: mount downloads to host directory during build\n  ./builder.sh build example-glinet-gl-ar750.conf --docker-opts \"-v=$(pwd)/dl:/lede/imagebuilder/dl:z\"\n\n  # use nix to build the OpenWrt image, no need to build a container first\n  ./builder.sh build example-x86_64.conf --nix\n\n```\n\n#### Builder runtime\n\n* By default docker will be used to build and run the container.\n* When called with `--podman` option, lede-dockerbuilder will use buildah and\n  podman to build and run the container.\n* When called with `--nerdctl` option, lede-dockerbuilder will use nerdctl to\n  build and run the container.\n* Use the `--sudo` option to run the container command with sudo.\n* Use the `--nix` option to run the build in a [nix-shell](shell.nix) (instead\n  of using a container runtime)\n\nWhen using a container builder like docker, the build container will be newly\ncreated on every build. When using the nix builder, the build environment will\nbe reused, which is ususally faster. By default, the nix build environments are\ninstalled in the `.build` directory, relative to the `builder.sh` script. This\ncan be overriden with the `NIX_BUILD_DIR` environment variable.\n\n### Configuration file\n\nThe configuration file is quiet self-explanatory. The following parameters are\nmandatory (prefixed with `LEDE_` for historical reasons, config works also\nwith OpenWrt):\n\n* `LEDE_TARGET` - Target architecture\n* `LEDE_SUBTARGET` - Sub target architecture\n* `LEDE_RELEASE` - Release to use\n* `LEDE_PROFILE` - Profile to use\n* `LEDE_PACKAGES` - list of packages to include/exclude. Prepend package to be excluded with `-`\n* `LEDE_DISABLED_SERVICES` - list of services to disable on startup in /etc/init.d\n\n`LEDE_TARGET`, `LEDE_SUBTARGET` and `LEDE_RELEASE` are used to construct the\nURL of the image builder binary well as for the construction for the tag of the\ndocker image.\n\nYou can find the proper values by browsing the OpenWrt website e.g.\n[here](https://openwrt.org/docs/techref/targets/start)  and\n[here](https://openwrt.org/toh/views/toh_admin_fw-pkg-download).\n\nIn addition the following optional parameters can be set, to further control\noutput and image creation:\n\n* `OUTPUT_DIR` - path where resulting images are stored. Defaults to `output`\n  in the scripts directory (can be overridden by -o parameter). Will be\n  automatically created.\n* `ROOTFS_OVERLAY` - path of the root file system overlay directory. Defaults\n  to `rootfs-overlay` in the scripts directory (can be overridden by -f\n  parameter).\n* `LEDE_BUILDER_URL` - URL of the LEDE/OpenWrt image builder to use, override\n   if you do not wish to use the default builder\n   (`https://downloads.openwrt.org/releases/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_RELEASE-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz`)\n* `REPOSITORIES_CONF` - optional file file to use instead of the default\n  `repositories.conf`. The file will be mounted in the container.\n  Look at the [official documentation](https://openwrt.org/docs/guide-user/additional-software/imagebuilder#add_package_repositories_optional)\n  for more information.\n\nUse the `BASEDIR_CONFIG_FILE` variable to set locations of `OUTPUT_DIR` or\n`ROOTFS_OVERLAY` relative to the configuration files location. This allows\nself-contained projects outside of the lede-dockerbuilder folder. If e.g.\n`ROOTFS_OVERLAY=$BASEDIR_CONFIG_FILE/rootfs-overlay` is set, then the\nrootfs-overlay directory is expected to be in the same directory as the\nconfiguration file.\n\n[Example configuration](example-nexx-wt3020.conf) for my [NEXX\nWT3020](https://openwrt.org/toh/nexx/wt3020) router, where I have an\nencrypted USB disk attached so I can use it as a simple NAS with samba and ftp:\n\n```\n# LEDE profile to use: NEXX WT3020\nLEDE_PROFILE=nexx_wt3020-8m\nLEDE_RELEASE=23.05.0\nLEDE_TARGET=ramips\nLEDE_SUBTARGET=mt7620\n\n# list packages to include in LEDE image. prepend packages to deinstall with \"-\".\n#\n# include all packages to build a mobile NAS supporting disk encryption:\n# ksmbd (samba4 is too large now for the WT3020's 8MB), cryptsetup.\n# see https://github.com/namjaejeon/ksmbd-tools for ksmbd info.\nLEDE_PACKAGES=\"ksmbd-server lsblk block-mount\\\n    kmod-usb-storage-uas kmod-scsi-core ntfs-3g\\\n    kmod-nls-iso8859-1 cryptsetup kmod-crypto-xts\\\n    kmod-mt76 kmod-usb2 kmod-usb-ohci kmod-usb-core kmod-dm kmod-crypto-ecb\\\n    kmod-crypto-misc kmod-crypto-cbc kmod-crypto-crc32c kmod-crypto-hash\\\n    kmod-crypto-user\\\n    -ppp -kmod-ppp -kmod-pppoe -kmod-pppox -ppp-mod-pppoe -opkg\\\n    -ip6tables -odhcp6c -kmod-ipv6 -kmod-ip6tables -odhcpd-ipv6only\"\n\n# optionally override OUTPUT_DIR and ROOTFS_OVERLAY directory location here\n```\n\n### File system overlay\n\nPlace any files and folders that should be copied to the root file system of\nthe resulting image to the directory pointed to by `ROOTFS_OVERLAY` (default:\n`rootfs-overlay/`), which can be overridden by the -f command line option.\n\n### Example directory structure\n\nThe following is an example directoy layout, which I use to create a customized\nOpenWrt image for my [NEXX WT3020](https://openwrt.org/toh/nexx/wt3020)\nrouter (including the generated output).\n\n```\n├── builder.sh\n├── docker\n│   ├── Dockerfile\n│   └── etc\n│        └── entrypoint.sh\n├── example.cfg\n├── example-openwrt.cfg\n├── output\n│   ├── openwrt-xx.yy.z-ramips-mt7620-device-wt3020-8m.manifest\n│   ├── openwrt-xx.yy.z-ramips-mt7620-wt3020-8M-squashfs-factory.bin\n│   ├── openwrt-xx.yy.z-ramips-mt7620-wt3020-8M-squashfs-sysupgrade.bin\n│   └── sha256sums\n├── README.md\n└── rootfs-overlay\n    ├── etc\n    │   ├── config\n    │   │   ├── dhcp\n    │   │   ├── dropbear\n    │   │   ├── firewall\n    │   │   ├── network\n    │   │   ├── samba\n    │   │   ├── system\n    │   │   ├── wireless\n    │   ├── dropbear\n    │   │   └── authorized_keys\n    │   ├── hotplug.d\n    │   │   └── block\n    │   │       └── 10-mount\n    │   ├── passwd\n    │   ├── rc.local\n    │   ├── shadow\n    │   └── vsftpd.conf\n    ├── README.md\n    └── usr\n        └── local\n            └── bin\n                └── fix_sta_ap.sh\n```\n\n#### Debugging\n\nRun `./builder.sh shell CONFIGFILE` to get a shell into the docker container,\ne.g. `./builder.sh shell example.cfg`.\n\n## Examples\n\nThese examples evolved from images I use myself.\n\n* [image with LUCI web GUI for the Raspberry PI 2](example-rpi2.conf).\n  Just ~8MB gziped. I use this image on my home dnsmasq/openvpn 'server'.\n* [image with LUCI web GUI and adblocker for the Raspberry PI 4](example-rpi4.conf)\n* [image for the TP-Link WR1043ND](example-wrt1043nd.conf)\n* [image with samba, vsftpd and encrypted usb disk for\n  NEXX-WT3020](example-nexx-wt3020.conf). Is the predessor of ...\n* [image with samba, vsftpd and encrypted usb disk for\n  GINET-GL-M300N V2](example-glinet-gl-mt300n-v2.conf). Is the predessor of ...\n* [image with samba, vsftpd, adblock and encrypted usb disk for\n  GINET-GL-AR750](example-glinet-gl-ar750.conf). This is my travel router\n  setup where I have an encrypted USB disk connected to the router, accessible\n  through SMB or FTP and have an adblocker running. Useful if you travel much.\n\nTo build an example run `./builder.sh build \u003cconfig-file\u003e`, e.g.\n\n```text\n$ ./builder.sh build example-rpi2.conf\n```\n\nThe resulting image can be found in the `output/` directory. The [OpenWrt\nwiki](https://openwrt.org/docs/guide-user/installation/generic.sysupgrade)\ndescribes how to flash the new image in detail.\n\n### Building a x86_64 image and running it in qemu\n\nThe [example-x86_64.conf](example-x86_64.conf) file can be used to build a\nx86_64 based OpenWrt image which can also be run in qemu, e.g., if you need\na virtual router/firewall.\n\nFirst build the image with `builder.sh build example-x86_64.conf`, then unpack\nthe resulting image with e.g. `gunzip\noutput/openwrt-24.10.0-x86-64-generic-ext4-combined.img.gz`.  Finally the image\ncan be started with qemu (or simply use [run_in_qemu.sh](etc/run_in_qemu.sh))\n\n```text\nqemu-system-x86_64 \\\n    -enable-kvm \\\n    -nographic \\\n    -device ide-hd,drive=d0,bus=ide.0 \\\n    -device virtio-net-pci,netdev=hn0,id=lan \\\n    -netdev user,id=hn0,net=192.168.1.0/24,host=192.168.1.2,hostfwd=tcp::1122-192.168.1.1:22,hostfwd=tcp::8443-192.168.1.1:443\\\n    -device virtio-net-pci,netdev=hn1,id=wan \\\n    -netdev user,id=hn1\\\n    -drive id=d0,if=none,file=\"$IMG\"\n```\n\nQemu will assign the IP address `10.0.2.15/24` to the `WAN` interface (`eth1`)\nand OpenWrt the address `192.168.1.1/24` to the `LAN` (`br-lan` bridge with\n`eth0`) interface.\n\nPort `1122` will be forwarded to the OpenWrt VMs port `22` (ssh), and port\n`8443` will be forwarded to port `443` , allowing to access luci using a\nweb browser from the host under `https://localhost:8443`.\n\nNote: inside Qemu, press `CTRL-a` + `x` to exit.\n\n## Building an OpenWrt snapshot release\n\nTo build a [snapshot](https://downloads.openwrt.org/snapshots) release, set\n`LEDE_RELEASE` to `snapshots` and let `LEDE_BUILDER_URL` point to the image\nbuilder in the snapshot dir, e.g.\n\n```text\nLEDE_RELEASE=snapshots\nLEDE_BUILDER_URL=\"https://downloads.openwrt.org/$LEDE_RELEASE/targets/$LEDE_TARGET/$LEDE_SUBTARGET/openwrt-imagebuilder-$LEDE_TARGET-$LEDE_SUBTARGET.Linux-x86_64.tar.xz\"\n```\n\nSee the [this example](example-x86_64-snapshot.conf) which builds an x86_64\nimage using the snapshot release.\n\n## Author\n\n(C) Copyright 2017-2022 by Jan Delgado\n\n## License\n\nApache License 2.0\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjandelgado%2Flede-dockerbuilder","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjandelgado%2Flede-dockerbuilder","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjandelgado%2Flede-dockerbuilder/lists"}