From 3c1c0ad41f78d819fe48a2723df8d413ff961d13 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Sun, 18 Sep 2022 14:38:53 +0200
Subject: [PATCH 01/10] feat: install sudoers + allow sudo access for created users
---
 Dockerfile | 1 +
 setup.sh | 1 +
 2 files changed, 2 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index efd31b1..0d41f20 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,6 +5,7 @@ RUN set -eux && \
 DEBIAN_FRONTEND=noninteractive apt-get upgrade -y && \
 DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
 openssh-server \
+ sudo \
 locales \
 curl \
 telnet \
diff --git a/setup.sh b/setup.sh
index 8076088..f909624 100755
--- a/setup.sh
+++ b/setup.sh
@@ -46,6 +46,7 @@ while [ "$USERADD" != "$i" ] ;do
 USER_SHELL=$j
 useradd --home-dir "$BASE_DIR/$USER_NAME" --shell "$USER_SHELL" --uid "$USER_UID" --gid "$USER_GID" "$USER_NAME"
+ echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" > "/etc/sudoers.d/$USER_NAME"
 done
 # HOSTKEYS="/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
From 67cfd6b9a51932542f8c9c1dadadbb756ca15bd6 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Sun, 18 Sep 2022 15:30:32 +0200
Subject: [PATCH 02/10] fix: configure MTU for docker:dind service to 1492
https://blog.zespre.com/dind-mtu-size-matters.html
---
 .drone.yml | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/.drone.yml b/.drone.yml
index ca58e25..fbf9aae 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -30,6 +30,11 @@ services:
 volumes:
 - name: dockersock
 path: /var/run
+ command:
+ - dockerd-entrypoint.sh
+ - dockerd
+ - --host=unix:///var/run/docker.sock
+ - --mtu=1492
 volumes:
 - name: dockersock
@@ -68,6 +73,11 @@ services:
 volumes:
 - name: dockersock
 path: /var/run
+ command:
+ - dockerd-entrypoint.sh
+ - dockerd
+ - --host=unix:///var/run/docker.sock
+ - --mtu=1492
 volumes:
 - name: dockersock
From 82c406ffa352be0f4e7da72bd204abc2f0870f83 Mon Sep 17 00:00:00 2001
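Review bot: `sudo` is added to the apt list without a version pin and without any comment saying why a setuid-root binary is now part of an SSH jump-host image; the reason is only visible in setup.sh, which writes a sudoers entry for each `USERADD` account. A comment line above the entry, `# sudo: setup.sh grants created users sudo via /etc/sudoers.d/<user>`, would keep the two files linked for anyone auditing the image. The package list is also not kept in sorted order, and the later hunks that add `git`, `man`, `less`, `bind9-dnsutils`, `unzip` and `rsync` continue that; sorting it once would make the installed tool set easier to review. The `RUN` instruction starts and ends outside this hunk.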
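Review bot: The added `echo` line gives every account created from `USERADD` unrestricted passwordless root (`NOPASSWD:ALL`), so on this jump host any user key becomes equivalent to the root key; the grant should be opt-in per user rather than unconditional. The file is also created with the default umask instead of mode 0440, is never checked with `visudo -c`, and `$USER_NAME` is used unvalidated as a path component: sudo skips files in sudoers.d whose name contains a `.` or ends in `~`, so such a user would silently get no entry, and a name containing `/` would write outside the directory. The sketch below validates the name, writes the file as 0440 and syntax-checks it; the `while` loop begins outside the hunk, so the error handling should be adapted to how the rest of setup.sh fails.

```shell
# … unchanged: useradd call …
# Allow only characters that are safe as a sudoers.d file name.
case "$USER_NAME" in
    ""|*[!A-Za-z0-9_-]*)
        echo "invalid user name for sudoers entry: $USER_NAME" >&2
        exit 1
        ;;
esac
SUDOERS_FILE="/etc/sudoers.d/$USER_NAME"
# umask 227 makes the newly created file 0440.
( umask 227 && echo "$USER_NAME ALL=(ALL) NOPASSWD:ALL" > "$SUDOERS_FILE" )
visudo -cf "$SUDOERS_FILE" || exit 1
```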
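Review bot: The `--mtu=1492` value is hard-coded with no comment in the pipeline file, and the identical `command:` block is repeated in the second hunk (`@@ -68,6 +73,11 @@`), so the reason lives only in the commit message and the two copies can drift apart. A comment above `command:` such as `# dind MTU must not exceed the host network's MTU, see https://blog.zespre.com/dind-mtu-size-matters.html` would carry it into the file. Because `command:` now replaces the image's default arguments, it is also worth confirming that the daemon ends up listening only on the unix socket shared through the `dockersock` volume, since every step that mounts that volume already has full control of the daemon. The `services:` entry starts outside the hunk.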
From: Pim van den Berg
Date: Sun, 30 Oct 2022 11:52:20 +0000
Subject: [PATCH 03/10] feat: add git, man
---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 0d41f20..e010cf2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,6 +12,8 @@ RUN set -eux && \
 net-tools \
 screen \
 vim \
+ git \
+ man \
 && \
 rm -rf /var/lib/apt/lists/* && \
 rm /etc/ssh/ssh_host_*key* && \
From 0d85cf61ae4c0611564d0435bad2325a037fcdaf Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Sat, 19 Nov 2022 17:10:31 +0100
Subject: [PATCH 04/10] fix(rebuild): the input device is not a TTY
---
 rebuild.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/rebuild.sh b/rebuild.sh
index d2f5dea..748bfe6 100755
--- a/rebuild.sh
+++ b/rebuild.sh
@@ -1,8 +1,10 @@
 #!/bin/sh
+set -x
+
 updates_available () {
 docker pull "$1"
- if test "$(docker run -it --rm "$1" /bin/sh -c 'apt -qqq update && apt -qq list --upgradable')" != ""; then
+ if test "$(docker run --rm "$1" /bin/sh -c 'apt -qqq update && apt -qq list --upgradable')" != ""; then
 return 0
 else
 return 1
From 5fda9a645701ea5b96e80f18a084946f7c6595e4 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Thu, 16 Feb 2023 14:56:44 +0100
Subject: [PATCH 05/10] feat: install less
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Dockerfile b/Dockerfile
index e010cf2..f1360a2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,6 +14,7 @@ RUN set -eux && \
 vim \
 git \
 man \
+ less \
 && \
 rm -rf /var/lib/apt/lists/* && \
 rm /etc/ssh/ssh_host_*key* && \
From c58f97d2c822bc3da03fa154dc1d66a07ced5548 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Thu, 9 Mar 2023 14:01:58 +0100
Subject: [PATCH 06/10] feat: install bind9-dnsutils
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Dockerfile b/Dockerfile
index f1360a2..82aa084 100644
--- a/Dockerfile
+++ b/Dockerfile
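Review bot: In `updates_available`, a failed `docker pull`, `docker run` or `apt -qqq update` leaves the command substitution empty, which the `test … != ""` comparison reads as "no updates", so a broken registry or mirror silently stops rebuilds and the image stops picking up security updates. Separate the exit status from the output, for example `out="$(docker run --rm "$1" /bin/sh -c 'apt -qqq update && apt -qq list --upgradable')" || exit 1` followed by `test -n "$out"`, and fail early with `docker pull "$1" || exit 1`. The new top-level `set -x` traces every command unconditionally; putting it behind an environment variable would keep routine logs readable. The function's closing lines are outside the hunk.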
@@ -15,6 +15,7 @@ RUN set -eux && \
 git \
 man \
 less \
+ bind9-dnsutils \
 && \
 rm -rf /var/lib/apt/lists/* && \
 rm /etc/ssh/ssh_host_*key* && \
From 0b8f55ca0594ba0fcdf9210e96531c720a30974a Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Wed, 2 Aug 2023 10:55:33 +0200
Subject: [PATCH 07/10] feat: install unzip
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Dockerfile b/Dockerfile
index 82aa084..43963f3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -16,6 +16,7 @@ RUN set -eux && \
 man \
 less \
 bind9-dnsutils \
+ unzip \
 && \
 rm -rf /var/lib/apt/lists/* && \
 rm /etc/ssh/ssh_host_*key* && \
From 20f5c653ac2ef7f938996c6612cf37774ce04d08 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Fri, 31 Jan 2025 18:35:03 +0100
Subject: [PATCH 08/10] feat: install rsync
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Dockerfile b/Dockerfile
index 43963f3..28491e1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,7 @@ RUN set -eux && \
 less \
 bind9-dnsutils \
 unzip \
+ rsync \
 && \
 rm -rf /var/lib/apt/lists/* && \
 rm /etc/ssh/ssh_host_*key* && \
From 1bb7df672ee178cd0d9c6d808a87803e314ce6db Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Wed, 6 Aug 2025 14:24:24 +0200
Subject: [PATCH 09/10] feat: upgrade to debian trixie
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index 28491e1..9d66449 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:bookworm-slim
+FROM debian:trixie-slim
 RUN set -eux && \
 apt-get update && \
From 13e499a7f6e0e4a80dd2c0c36ac715856fdd8c05 Mon Sep 17 00:00:00 2001
From: Pim van den Berg
Date: Wed, 6 Aug 2025 15:10:48 +0200
Subject: [PATCH 10/10] docs: fix `docker run` cmd + add how to quickly login
---
 README.md | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)
diff --git a/README.md b/README.md
index 0d571bb..fb62521 100644
--- a/README.md
+++ b/README.md
@@ -26,10 +26,10 @@
 $ docker run -it \
 --name jumpbox \
 -v $(pwd)/jumpbox:/var/lib/jumpbox \
- -e "ROOT_AUTHORIZED_KEYS=/var/lib/jumpbox/authorized_keys"
- -e "HOSTKEYS=/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key"
- -e "USERADD=jumpbox:1000:1000:/bin/bash"
- -e "GROUPADD=jumpbox:1000"
+ -e "ROOT_AUTHORIZED_KEYS=/var/lib/jumpbox/authorized_keys" \
+ -e "HOSTKEYS=/var/lib/jumpbox/ssh_host_ed25519_key;/var/lib/jumpbox/ssh_host_rsa_key" \
+ -e "USERADD=jumpbox:1000:1000:/bin/bash" \
+ -e "GROUPADD=jumpbox:1000" \
 -p 1022:22 \
 pommib/jumpbox:latest
 ```
@@ -53,3 +53,18 @@ services:
 USERADD: jumpbox:1000:1000:/bin/bash
 GROUPADD: jumpbox:1000
 ```
+
+## Login as root
+
+```
+$ ssh -l root 127.0.0.1 -p 1022
+```
+
+## Login as jumpbox
+
+To login as user jumpbox, make sure `/home/jumpbox` is a mounted volume
+containing `.ssh/authorized_keys` containing your public key.
+
+```
+$ ssh -l jumpbox 127.0.0.1 -p 1022
+```