Compare commits
1 Commits
077eec64ee
...
ee9b2257da
Author | SHA1 | Date | |
---|---|---|---|
ee9b2257da |
@ -2,6 +2,7 @@
|
|||||||
|
|
||||||
* Debian slim based image
|
* Debian slim based image
|
||||||
* OpenSSH server
|
* OpenSSH server
|
||||||
|
* User/group creation on startup
|
||||||
|
|
||||||
# Supported tags and respective `Dockerfile` links
|
# Supported tags and respective `Dockerfile` links
|
||||||
|
|
||||||
@ -14,6 +15,9 @@
|
|||||||
| Key | Format | Description |
|
| Key | Format | Description |
|
||||||
| --- | --- | --- |
|
| --- | --- | --- |
|
||||||
| `ROOT_AUTHORIZED_KEYS` | `/path/to/file` | Path to file that contains the public SSH keys that can be used for root user authentication. This file will be copied to `/root/.ssh/authorized_keys` |
|
| `ROOT_AUTHORIZED_KEYS` | `/path/to/file` | Path to file that contains the public SSH keys that can be used for root user authentication. This file will be copied to `/root/.ssh/authorized_keys` |
|
||||||
|
| `USERADD` | `{username}:{uid}:{gid};...` | Create user account(s) on startup |
|
||||||
|
| `GROUPADD` | `{groupname}:{gid};...` | Create group account(s) on startup |
|
||||||
|
| `BASE_DIR` | `/home` | Basedir used for user account creation (Default: `/home`) |
|
||||||
|
|
||||||
## docker run
|
## docker run
|
||||||
|
|
||||||
@ -22,6 +26,8 @@ $ docker run -it \
|
|||||||
--name jumpbox \
|
--name jumpbox \
|
||||||
-v $(pwd)/jumpbox:/var/lib/jumpbox \
|
-v $(pwd)/jumpbox:/var/lib/jumpbox \
|
||||||
-e "ROOT_AUTHORIZED_KEYS=/var/lib/jumpbox/authorized_keys"
|
-e "ROOT_AUTHORIZED_KEYS=/var/lib/jumpbox/authorized_keys"
|
||||||
|
-e "USERADD=jumpbox:1000:1000"
|
||||||
|
-e "GROUPADD=jumpbox:1000"
|
||||||
-p 1022:22 \
|
-p 1022:22 \
|
||||||
pommib/jumpbox:latest
|
pommib/jumpbox:latest
|
||||||
```
|
```
|
||||||
@ -41,4 +47,6 @@ services:
|
|||||||
- '${PWD}/jumpbox:/var/lib/jumpbox'
|
- '${PWD}/jumpbox:/var/lib/jumpbox'
|
||||||
environment:
|
environment:
|
||||||
ROOT_AUTHORIZED_KEYS: /var/lib/jumpbox/authorized_keys
|
ROOT_AUTHORIZED_KEYS: /var/lib/jumpbox/authorized_keys
|
||||||
|
USERADD: jumpbox:1000:1000
|
||||||
|
GROUPADD: jumpbox:1000
|
||||||
```
|
```
|
||||||
|
35
start.sh
35
start.sh
@ -1,5 +1,7 @@
|
|||||||
#!/bin/sh
|
#!/bin/sh
|
||||||
|
|
||||||
|
set -ex
|
||||||
|
|
||||||
mkdir -p /run/sshd
|
mkdir -p /run/sshd
|
||||||
|
|
||||||
if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
|
if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
|
||||||
@ -10,4 +12,37 @@ if [ -n "$ROOT_AUTHORIZED_KEYS" ]; then
|
|||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
if [ -z "$BASE_DIR" ]; then
|
||||||
|
BASE_DIR="/home"
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ ! -d "$BASE_DIR" ]; then
|
||||||
|
echo "BASE_DIR $BASE_DIR does not exist, creating..."
|
||||||
|
mkdir -p $BASE_DIR
|
||||||
|
fi
|
||||||
|
|
||||||
|
# GROUPADD="group1:1000;group2:1001;group3:1002"
|
||||||
|
while [ "$GROUPADD" != "$i" ] ;do
|
||||||
|
i=${GROUPADD%%;*}
|
||||||
|
GROUPADD="${GROUPADD#$i;}"
|
||||||
|
|
||||||
|
GROUP_NAME=${i%%:*}
|
||||||
|
GROUP_GID="${i#$GROUP_NAME:}"
|
||||||
|
|
||||||
|
groupadd --gid $GROUP_GID $GROUP_NAME
|
||||||
|
done
|
||||||
|
|
||||||
|
# USERADD="user1:1000:1000;user2:1001:1000;user3:1002:1002"
|
||||||
|
while [ "$USERADD" != "$i" ] ;do
|
||||||
|
i=${USERADD%%;*}
|
||||||
|
USERADD="${USERADD#$i;}"
|
||||||
|
|
||||||
|
USER_NAME=${i%%:*}
|
||||||
|
UID_GID="${i#$USER_NAME:}"
|
||||||
|
USER_UID="${UID_GID%%:*}"
|
||||||
|
USER_GID="${UID_GID#$USER_UID:}"
|
||||||
|
|
||||||
|
useradd --home-dir $BASE_DIR/$USER_NAME --uid $USER_UID --gid $USER_GID $USER_NAME
|
||||||
|
done
|
||||||
|
|
||||||
exec /usr/sbin/sshd -D -e
|
exec /usr/sbin/sshd -D -e
|
||||||
|
Loading…
Reference in New Issue
Block a user