-
-
Save ramcq/a6440f19ee8e1b8d56be3542193f8a23 to your computer and use it in GitHub Desktop.
sshd+tmux+weechat in docker
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| LOCALE=en_GB.UTF-8 | |
| SSH_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA151ak/oQeooHn7TGqzELD+X84eoakFznQEFdz5YlqP8n2PC7KxK07oQ5N9ZDOE3nxqKSLvdG5UkzKSGVBDh7E6TnulHDK4Qu8+M2J/+IqHx1WQrMVrM47avHjpfTQuL8ON44pOPn2weQsvZPPK7DEM4FUlmjIWdvBwN3axNZhY0= robot101@theta" | |
| TZ=Europe/London |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3' | |
| volumes: | |
| ssh: | |
| weechat: | |
| services: | |
| weechat: | |
| build: . | |
| container_name: weechat | |
| hostname: weechat | |
| restart: on-failure | |
| environment: | |
| - LOCALE=${LOCALE} | |
| - SSH_KEY=${SSH_KEY} | |
| - TZ=${TZ} | |
| cap_add: | |
| - AUDIT_WRITE | |
| ports: | |
| - '2222:22' | |
| - '60000-60010:60000-60010/udp' | |
| volumes: | |
| - 'ssh:/etc/ssh' | |
| - 'weechat:/home/weechat/.weechat' | |
| networks: | |
| nginx-proxy: | |
| networks: | |
| nginx-proxy: | |
| external: true |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM debian:bookworm | |
| RUN set -ex; \ | |
| export DEBIAN_FRONTEND=noninteractive; \ | |
| apt-get update; \ | |
| apt-get upgrade -y; \ | |
| touch /etc/locale.gen; \ | |
| apt-get install --no-install-recommends -y \ | |
| locales \ | |
| mosh \ | |
| openssh-server \ | |
| tmux \ | |
| weechat-curses \ | |
| weechat-matrix \ | |
| weechat-plugins \ | |
| weechat-python \ | |
| weechat-scripts; \ | |
| \ | |
| apt-get clean; \ | |
| rm -rf /var/lib/apt/lists | |
| ADD run.sh /run.sh | |
| RUN set -ex; \ | |
| \ | |
| rm -f /etc/ssh/ssh_host*; \ | |
| mv /etc/ssh /etc/ssh~; \ | |
| \ | |
| adduser \ | |
| --disabled-password \ | |
| --gecos "WeeChat User" \ | |
| weechat; \ | |
| \ | |
| chmod +x /run.sh | |
| VOLUME ["/etc/ssh", "/home/weechat/.weechat"] | |
| EXPOSE 22 60000-60010/udp | |
| CMD ["/run.sh"] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # loosely inspired by https://github.com/krlmlr/debian-ssh/ | |
| set -e | |
| if [ -z "${SSH_KEY}" ]; then | |
| echo "=> Please pass your public key in the SSH_KEY environment variable" | |
| exit 1 | |
| fi | |
| if [ -n "${LOCALE}" ]; then | |
| CHARSET="${LOCALE#*.}" | |
| echo "${LOCALE} ${CHARSET}" >/etc/locale.gen | |
| locale-gen | |
| fi | |
| WEEHOME=/home/weechat | |
| mkdir -p ${WEEHOME}/.ssh | |
| chmod 700 ${WEEHOME}/.ssh | |
| echo "${SSH_KEY}" > ${WEEHOME}/.ssh/authorized_keys | |
| chmod 600 ${WEEHOME}/.ssh/authorized_keys | |
| chown weechat:weechat ${WEEHOME}/.ssh ${WEEHOME}/.ssh/authorized_keys ${WEEHOME}/.weechat | |
| su -c "tmux new -d -s weechat weechat" weechat | |
| cp -a /etc/ssh~/* /etc/ssh | |
| DEBIAN_FRONTEND=noninteractive dpkg-reconfigure openssh-server | |
| mkdir -p /run/sshd | |
| exec /usr/sbin/sshd -De |
Author
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@andrunko OMG thank you. 🤦 🤦 🤦
I saw -d in https://bugzilla.redhat.com/show_bug.cgi?id=1923728 when figuring out the need for CAP_AUDIT, and thought "sure debugging why not"... haha.