feat: split setup to setup.sh and only run once

This supports `docker-compose stop` + `docker-compose up`.

Dockerfile

@@ -19,6 +19,7 @@ RUN set -eux && \
     /usr/sbin/update-locale 'LANG=en_US.UTF-8'
 
 ADD start.sh /
+ADD setup.sh /
 
 EXPOSE 22/tcp
 

setup.sh

@@ -0,0 +1,85 @@
+#!/bin/sh
+set -ex
+
+if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
+    if [ -f "$ROOT_AUTHORIZED_KEYS" ]; then
+        mkdir -p /root/.ssh
+        cp "$ROOT_AUTHORIZED_KEYS" /root/.ssh/authorized_keys
+        chmod 600 /root/.ssh/authorized_keys
+    fi
+fi
+
+if [ -z "$BASE_DIR" ]; then
+    BASE_DIR="/home"
+fi
+
+if [ ! -d "$BASE_DIR" ]; then
+    echo "BASE_DIR $BASE_DIR does not exist, creating..."
+    mkdir -p $BASE_DIR
+fi
+
+# GROUPADD="group1:1000;group2:1001;group3:1002"
+i=""
+while [ "$GROUPADD" != "$i" ] ;do
+    i=${GROUPADD%%;*}
+    GROUPADD="${GROUPADD#$i;}"
+
+    GROUP_NAME=${i%%:*}
+    GROUP_GID="${i#$GROUP_NAME:}"
+
+    groupadd --gid "$GROUP_GID" "$GROUP_NAME"
+done
+
+# USERADD="user1:1000:1000:/bin/bash;user2:1001:1000:/bin/sh;user3:1002:1002:/bin/sh"
+i=""
+j=""
+while [ "$USERADD" != "$i" ] ;do
+    i=${USERADD%%;*}
+    USERADD="${USERADD#$i;}"
+
+    USER_NAME=${i%%:*}
+    j="${i#$USER_NAME:}"
+    USER_UID="${j%%:*}"
+    j="${j#$USER_UID:}"
+    USER_GID="${j%%:*}"
+    j="${j#$USER_GID:}"
+    USER_SHELL=$j
+
+    useradd --home-dir "$BASE_DIR/$USER_NAME" --shell "$USER_SHELL" --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"
+done
+
+# HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
+i=""
+if [ -n "$HOSTKEYS" ]; then
+    while [ "$HOSTKEYS" != "$i" ]; do
+        i=${HOSTKEYS%%;*}
+        HOSTKEYS="${HOSTKEYS#$i;}"
+
+        if [ ! -e "$i" ]; then
+            echo "Could not read $i, file is missing"
+            continue
+        else
+            echo "Configuring HostKey $i"
+        fi
+
+        FILENAME=$(basename "$i")
+        if [ ! -e "/etc/ssh/$FILENAME" ]; then
+            install -m 0600 "$i" "/etc/ssh/$FILENAME"
+            ssh-keygen -y -f "$i" > "/etc/ssh/$FILENAME.pub"
+            ssh-keygen -l -f "/etc/ssh/$FILENAME.pub"
+        fi
+
+        if ! grep "^HostKey /etc/ssh/$FILENAME" /etc/ssh/sshd_config; then
+            echo "HostKey /etc/ssh/$FILENAME" >> /etc/ssh/sshd_config
+        fi
+    done
+fi
+
+if [ -z "$(find /etc/ssh/ -maxdepth 1 -name 'ssh_host_*_key' -print -quit)" ]; then
+    echo "Creating SSH2 ED25519 key; this may take some time ..."
+    ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
+    ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub
+    echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
+fi
+
+touch /var/tmp/jumpbox.done

start.sh

@@ -1,88 +1,10 @@
 #!/bin/sh
-
 set -ex
 
 mkdir -p /run/sshd
 
-if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
+if [ ! -e "/var/tmp/jumpbox.done" ]; then
-    if [ -f "$ROOT_AUTHORIZED_KEYS" ]; then
+    ./setup.sh
-        mkdir -p /root/.ssh
-        cp "$ROOT_AUTHORIZED_KEYS" /root/.ssh/authorized_keys
-        chmod 600 /root/.ssh/authorized_keys
-    fi
-fi
-
-if [ -z "$BASE_DIR" ]; then
-    BASE_DIR="/home"
-fi
-
-if [ ! -d "$BASE_DIR" ]; then
-    echo "BASE_DIR $BASE_DIR does not exist, creating..."
-    mkdir -p $BASE_DIR
-fi
-
-# GROUPADD="group1:1000;group2:1001;group3:1002"
-i=""
-while [ "$GROUPADD" != "$i" ] ;do
-    i=${GROUPADD%%;*}
-    GROUPADD="${GROUPADD#$i;}"
-
-    GROUP_NAME=${i%%:*}
-    GROUP_GID="${i#$GROUP_NAME:}"
-
-    groupadd --gid "$GROUP_GID" "$GROUP_NAME"
-done
-
-# USERADD="user1:1000:1000:/bin/bash;user2:1001:1000:/bin/sh;user3:1002:1002:/bin/sh"
-i=""
-j=""
-while [ "$USERADD" != "$i" ] ;do
-    i=${USERADD%%;*}
-    USERADD="${USERADD#$i;}"
-
-    USER_NAME=${i%%:*}
-    j="${i#$USER_NAME:}"
-    USER_UID="${j%%:*}"
-    j="${j#$USER_UID:}"
-    USER_GID="${j%%:*}"
-    j="${j#$USER_GID:}"
-    USER_SHELL=$j
-
-    useradd --home-dir "$BASE_DIR/$USER_NAME" --shell "$USER_SHELL" --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"
-done
-
-# HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
-i=""
-if [ -n "$HOSTKEYS" ]; then
-    while [ "$HOSTKEYS" != "$i" ]; do
-        i=${HOSTKEYS%%;*}
-        HOSTKEYS="${HOSTKEYS#$i;}"
-
-        if [ ! -e "$i" ]; then
-            echo "Could not read $i, file is missing"
-            continue
-        else
-            echo "Configuring HostKey $i"
-        fi
-
-        FILENAME=$(basename "$i")
-        if [ ! -e "/etc/ssh/$FILENAME" ]; then
-            install -m 0600 "$i" "/etc/ssh/$FILENAME"
-            ssh-keygen -y -f "$i" > "/etc/ssh/$FILENAME.pub"
-            ssh-keygen -l -f "/etc/ssh/$FILENAME.pub"
-        fi
-
-        if ! grep "^HostKey /etc/ssh/$FILENAME" /etc/ssh/sshd_config; then
-            echo "HostKey /etc/ssh/$FILENAME" >> /etc/ssh/sshd_config
-        fi
-    done
-fi
-
-if [ -z "$(find /etc/ssh/ -maxdepth 1 -name 'ssh_host_*_key' -print -quit)" ]; then
-    echo "Creating SSH2 ED25519 key; this may take some time ..."
-    ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N '' -t ed25519
-    ssh-keygen -l -f /etc/ssh/ssh_host_ed25519_key.pub
-    echo "HostKey /etc/ssh/ssh_host_ed25519_key" >> /etc/ssh/sshd_config
 fi
 
 exec /usr/sbin/sshd -D -e