Pre-load SSH keys.
This commit is contained in:
parent
3800053073
commit
43c85cdf5b
3 changed files with 34 additions and 4 deletions
12
Dockerfile
12
Dockerfile
|
|
@ -6,7 +6,7 @@ RUN apt-get update
|
|||
|
||||
|
||||
# Install supervisor for managing services
|
||||
RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny
|
||||
RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny sudo
|
||||
|
||||
RUN service supervisor stop
|
||||
ADD configs/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
|
||||
|
|
@ -20,13 +20,21 @@ RUN sed -i 's/\(session *required *pam_loginuid.so\)/#\1/' /etc/pam.d/cron
|
|||
# Install ssh
|
||||
ADD configs/supervisor-ssh.conf /etc/supervisor/conf.d/ssh.conf
|
||||
RUN mkdir /var/run/sshd
|
||||
RUN service ssh start ; sleep 1
|
||||
RUN service ssh stop
|
||||
|
||||
# Setup root & sudo access
|
||||
RUN echo "root:docker" | chpasswd
|
||||
RUN echo %sudo ALL=NOPASSWD: ALL >> /etc/sudoers
|
||||
|
||||
|
||||
ENV DEBIAN_FRONTEND newt
|
||||
|
||||
ADD scripts/start.sh /start.sh
|
||||
RUN chmod 755 /start.sh
|
||||
|
||||
VOLUME /data
|
||||
VOLUME ["/docker/keys", "/docker/incoming"]
|
||||
|
||||
EXPOSE 80
|
||||
EXPOSE 22
|
||||
CMD ["/bin/bash", "/start.sh"]
|
||||
|
|
|
|||
11
Makefile
11
Makefile
|
|
@ -1,7 +1,16 @@
|
|||
DEBUG=0
|
||||
|
||||
ifeq ($(DEBUG),0)
|
||||
RUNCMD=
|
||||
else
|
||||
RUNCMD=-i /bin/bash
|
||||
endif
|
||||
|
||||
build:
|
||||
docker build -t glenux/debian-repo .
|
||||
|
||||
run:
|
||||
docker run -i -t glenux/debian-repo /bin/bash
|
||||
ID=$$(docker run -v $$(pwd)/keys:/docker/keys -d -t glenux/debian-repo $(RUNCMD)); \
|
||||
(docker inspect $$ID |sed -n -e 's/.*"IPAddress": "\(.*\)".*/\1/p'); \
|
||||
docker logs -f $$ID
|
||||
|
||||
|
|
|
|||
|
|
@ -3,14 +3,27 @@
|
|||
# Many thanks to John Fink <john.fink@gmail.com> for the
|
||||
# inspiration and to his great work on docker-wordpress'
|
||||
|
||||
# reset root password
|
||||
|
||||
# let's create a user to SSH into
|
||||
SSH_USERPASS=`pwgen -c -n -1 8`
|
||||
mkdir /home/user
|
||||
useradd -G sudo -d /home/user user
|
||||
useradd -G sudo -d /home/user -s /bin/bash user
|
||||
chown user /home/user
|
||||
echo "user:$SSH_USERPASS" | chpasswd
|
||||
echo "ssh user password: $SSH_USERPASS"
|
||||
|
||||
# pre-fill with SSH keys
|
||||
echo "Pre-loading SSH keys from /docker/keys"
|
||||
mkdir -p /home/user/.ssh
|
||||
rm -f /home/user/.ssh/authorized_keys
|
||||
for key in /docker/keys/*.pub ; do
|
||||
echo "- adding key $key"
|
||||
cat $key >> /home/user/.ssh/authorized_keys
|
||||
done
|
||||
chown -R user /home/user/.ssh
|
||||
|
||||
# load cron
|
||||
CRONFILE=`mktemp`
|
||||
cat > $CRONFILE <<EOF
|
||||
* * * * * echo "pif" >> /home/user/pif.log
|
||||
|
|
|
|||
Loading…
Reference in a new issue