amkartashov/gf-k8s
1
0
Fork 0
mirror of https://github.com/amkartashov/gf-k8s.git synced 2026-01-11 09:59:43 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

SSHct: moved to a dockerfiles repo

Browse source
This commit is contained in:
Andrey Kartashov 2018-11-30 17:29:04 +07:00
parent f6facf6d05
commit 956461f5a0
5 changed files with 1 additions and 100 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
SSHct/Dockerfile
View file

@ -1,28 +0,0 @@
FROM debian:9
VOLUME /home
EXPOSE 22
ENTRYPOINT ["/bin/entrypoint"]
ENV CTUSER me
ENV CTUSERID 1000
ENV CTUSERPWD 123qweASD
ENV CTTIMEZONE Asia/Novosibirsk
ENV CTLOCALE ru_RU.UTF-8
ENV PUBKEY none
RUN apt-get update -y && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends \
openssh-server bash tmux curl sudo less vim gnupg ca-certificates \
dialog locales man bash-completion wget apt-file telnet \
dnsutils git pwgen python bc unzip graphviz whois mysql-client golang-1.8
ADD sshd_config /etc/ssh/sshd_config
ADD entrypoint.sh /bin/entrypoint
RUN chmod +x /bin/entrypoint
ADD init.sh /bin/init.sh
RUN chmod +x /bin/init.sh
RUN mkdir /var/run/sshd
RUN echo '%sudo ALL=(ALL:ALL) NOPASSWD: ALL' >> /etc/sudoers

33
SSHct/entrypoint.sh
View file

@ -1,33 +0,0 @@
#!/bin/sh
echo $CTTIMEZONE > /etc/timezone
ln -sf /usr/share/zoneinfo/$CTTIMEZONE /etc/localtime
dpkg-reconfigure -f noninteractive tzdata
sed -i -e "s/# en_US.UTF-8 UTF-8/en_US.UTF-8 UTF-8/" /etc/locale.gen
sed -i -e "s/# $CTLOCALE UTF-8/$CTLOCALE UTF-8/" /etc/locale.gen
dpkg-reconfigure --frontend=noninteractive locales
update-locale LANG=$CTLOCALE
echo "AllowUsers $CTUSER" >> /etc/ssh/sshd_config
useradd --uid $CTUSERID --user-group --shell /bin/bash $CTUSER
if [ -f /home/.$CTUSER.shadow -a \
"$(stat --dereference --printf='%u %g %a' /home/.$CTUSER.shadow)" == "0 0 640" ]; then
echo $CTUSER:"$(cat /home/.$CTUSER.shadow)" | chpasswd -e
else
echo $CTUSER:"$CTUSERPWD" | chpasswd
fi
passwd -u $CTUSER
usermod -a -G sudo $CTUSER
# Add pubkey
if [ "$PUBKEY" != "none" ]; then
echo "$PUBKEY" >> /home/$CTUSER/.ssh/authorized_keys
chmod 600 /home/$CTUSER/.ssh/authorized_keys
fi
# Run init script in background
tmux new-session -d -s init '/bin/init.sh'
# start ssh daemon
exec /usr/sbin/sshd -Def /etc/ssh/sshd_config

28
SSHct/init.sh
View file

@ -1,28 +0,0 @@
#!/bin/sh
exec >>/home/.init.log 2>&1
echo ====================== INIT START
date
# Install additional packages
echo ====== Installing additional packages
if [ -f /home/.packages ]; then
cat /home/.packages | xargs --max-args=1 apt-get install -y
fi
# Run custom scripts /home/.scripts/*.sh
if [ -d /home/.scripts ]; then
find /home/.scripts -name '*.sh' | while read s; do
if [ -x "$s" ]; then # if script is executable
echo ====== $(date)
echo Running $s
$s <&- # run it with closed stdin, so it does not consume `find` output
else
echo ====== $(date)
echo Skipping non-executable $s
fi
done
fi
echo ====================== INIT END

10
SSHct/sshd_config
View file

@ -1,10 +0,0 @@
Protocol 2
Port 22
PubkeyAuthentication yes
PasswordAuthentication no
AllowTcpForwarding yes
X11Forwarding yes
PrintMotd no
IgnoreUserKnownHosts yes
PermitRootLogin no
PermitEmptyPasswords no

2
sshct.yaml
View file

@ -27,7 +27,7 @@ spec:
# type: # type:
containers: containers:
- name: sshct - name: sshct
image: gorilych/sshct image: gorilych/sshct:v1.0.1
imagePullPolicy: IfNotPresent imagePullPolicy: IfNotPresent
env: env:
- name: CTUSERPWD - name: CTUSERPWD