add support for configuring root authorized_keys file

2022-09-15 14:30:12 +02:00 · 2022-09-15 14:30:12 +02:00 · 289592cbf6
parent 3c9aa8f581
commit 289592cbf6
2 changed files with 21 additions and 4 deletions
--- a/README.md
+++ b/README.md
@ -9,15 +9,24 @@

 # Usage

+## Environment variables
+
+| Key | Format | Description |
+| --- | --- | --- |
+| `ROOT_AUTHORIZED_KEYS` | `/path/to/file` | Path to file that contains the public SSH keys that can be used for root user authentication. This file will be copied to `/root/.ssh/authorized_keys` |
+
+## docker run
+
 ```
 $ docker run -it \
    --name jumpbox \
-    -v $(pwd)/authorized_keys:/root/.ssh/authorized_keys \
+    -v $(pwd)/jumpbox:/var/lib/jumpbox \
+    -e "ROOT_AUTHORIZED_KEYS=/var/lib/jumpbox/authorized_keys"
    -p 1022:22 \
    pommib/jumpbox:latest
 ```

-# docker-compose
+## docker-compose

 ```
 version: "3"
@ -29,5 +38,7 @@ services:
    ports:
      - "1022:22/tcp"
    volumes:
-      - '${PWD}/authorized_keys:/root/.ssh/authorized_keys'
+      - '${PWD}/jumpbox:/var/lib/jumpbox'
+    environment:
+      ROOT_AUTHORIZED_KEYS: /var/lib/jumpbox/authorized_keys
 ```
--- a/start.sh
+++ b/start.sh
@ -2,6 +2,12 @@

 mkdir -p /run/sshd

-chown root: /root/.ssh/authorized_keys
+if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
+    if [ -f "$ROOT_AUTHORIZED_KEYS" ]; then
+        mkdir -p /root/.ssh
+        cp "$ROOT_AUTHORIZED_KEYS" /root/.ssh/authorized_keys
+        chmod 600 /root/.ssh/authorized_keys
+    fi
+fi

 exec /usr/sbin/sshd -D -e