diff --git a/Dockerfile b/Dockerfile index aa0c003..cc91356 100644 --- a/Dockerfile +++ b/Dockerfile @@ -6,7 +6,7 @@ RUN apt-get update # Install supervisor for managing services -RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny +RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny sudo RUN service supervisor stop ADD configs/supervisord.conf /etc/supervisor/conf.d/supervisord.conf @@ -20,13 +20,21 @@ RUN sed -i 's/\(session *required *pam_loginuid.so\)/#\1/' /etc/pam.d/cron # Install ssh ADD configs/supervisor-ssh.conf /etc/supervisor/conf.d/ssh.conf RUN mkdir /var/run/sshd +RUN service ssh start ; sleep 1 +RUN service ssh stop + +# Setup root & sudo access +RUN echo "root:docker" | chpasswd +RUN echo %sudo ALL=NOPASSWD: ALL >> /etc/sudoers + ENV DEBIAN_FRONTEND newt ADD scripts/start.sh /start.sh RUN chmod 755 /start.sh -VOLUME /data +VOLUME ["/docker/keys", "/docker/incoming"] + EXPOSE 80 EXPOSE 22 CMD ["/bin/bash", "/start.sh"] diff --git a/Makefile b/Makefile index 0fe2d0d..8c2ebd2 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,16 @@ +DEBUG=0 + +ifeq ($(DEBUG),0) +RUNCMD= +else +RUNCMD=-i /bin/bash +endif build: docker build -t glenux/debian-repo . run: - docker run -i -t glenux/debian-repo /bin/bash + ID=$$(docker run -v $$(pwd)/keys:/docker/keys -d -t glenux/debian-repo $(RUNCMD)); \ + (docker inspect $$ID |sed -n -e 's/.*"IPAddress": "\(.*\)".*/\1/p'); \ + docker logs -f $$ID diff --git a/scripts/start.sh b/scripts/start.sh index 31ff963..4af970a 100644 --- a/scripts/start.sh +++ b/scripts/start.sh @@ -3,14 +3,27 @@ # Many thanks to John Fink for the # inspiration and to his great work on docker-wordpress' +# reset root password + # let's create a user to SSH into SSH_USERPASS=`pwgen -c -n -1 8` mkdir /home/user -useradd -G sudo -d /home/user user +useradd -G sudo -d /home/user -s /bin/bash user chown user /home/user echo "user:$SSH_USERPASS" | chpasswd echo "ssh user password: $SSH_USERPASS" +# pre-fill with SSH keys +echo "Pre-loading SSH keys from /docker/keys" +mkdir -p /home/user/.ssh +rm -f /home/user/.ssh/authorized_keys +for key in /docker/keys/*.pub ; do + echo "- adding key $key" + cat $key >> /home/user/.ssh/authorized_keys +done +chown -R user /home/user/.ssh + +# load cron CRONFILE=`mktemp` cat > $CRONFILE <> /home/user/pif.log