forked from ethack/docker-vpn
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathDockerfile
33 lines (26 loc) · 1.18 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
FROM alpine:edge
RUN apk update \
&& apk add --no-cache \
--repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ \
openconnect \
&& apk add --no-cache openvpn openssh \
&& apk add --no-cache --upgrade \
--repository http://dl-cdn.alpinelinux.org/alpine/edge/testing/ \
openssh-keygen
RUN which ssh-keygen
# create the root user's .ssh directory
# modify the ssh server config to allow desired features
# unlock the root account (TODO generate a random root password)
# and finally generate host keys
RUN mkdir /root/.ssh \
&& chmod 0700 /root/.ssh \
&& sed -i 's/^#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config \
&& sed -i 's/^AllowTcpForwarding no/AllowTcpForwarding yes/' /etc/ssh/sshd_config \
&& sed -i 's/^GatewayPorts no/GatewayPorts clientspecified/' /etc/ssh/sshd_config \
&& sed -i 's/^root:!::0:::::/root:::0:::::/' /etc/shadow \
&& ssh-keygen -A
# Note we generate SSH keys in the image to avoid getting conflicts every time we start
# a new container. But this means you have to rebuild the image to get unique host keys.
COPY docker-entrypoint.sh /
ENTRYPOINT ["/docker-entrypoint.sh"]
EXPOSE 22