sshBasedApi/Dockerfile at master · aitorpazos/sshBasedApi · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
FROM debian:bookworm-slim

LABEL maintainer="Aitor Pazos <mail@aitorpazos.es>"
LABEL org.opencontainers.image.source="https://github.com/aitorpazos/sshBasedApi"
LABEL org.opencontainers.image.description="SSH-based API server — Unix users as API methods"

RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        openssh-server \
        vim-nox \
    && rm -rf /var/lib/apt/lists/* \
    && mkdir --mode 700 /var/run/sshd \
    && echo "sftp:x:0:0:root:/root:/bin/bash" >> /etc/passwd

COPY sshd_config /etc/ssh/sshd_config
COPY sshWrapper.sh /root/
COPY commands /root/commands/
COPY addApiMethod /usr/local/bin/

RUN chmod 644 /etc/ssh/sshd_config \
    && chmod 550 -R /root/commands \
    && chmod 550 /root/sshWrapper.sh \
    && chmod 550 /usr/local/bin/addApiMethod \
    && rm -f /etc/ssh/*_key* \
    && ssh-keygen -A \
    && mkdir -p /etc/ssh/keys \
    && groupadd -g 666 -r sshapi

ONBUILD COPY id_rsa.pub /root/.ssh/authorized_keys
ONBUILD RUN chmod 700 /root/.ssh \
    && chmod 600 /root/.ssh/authorized_keys

EXPOSE 22

HEALTHCHECK --interval=30s --timeout=5s --retries=3 \
    CMD pgrep sshd > /dev/null || exit 1

CMD ["/root/sshWrapper.sh"]