From 7f8cedad6f9a642aaa29f7b61e6bdf0e1670a6ef Mon Sep 17 00:00:00 2001
From: Adrian Amaglio
Date: Tue, 18 Jan 2022 19:02:41 +0100
Subject: [PATCH] init
---
 Dockerfile | 22 +++++++++++++++
 docker-compose.yml | 9 ++++++
 entrypoint.sh | 70 ++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 101 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 docker-compose.yml
 create mode 100755 entrypoint.sh
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..201a021
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,22 @@
+FROM debian:10
+
+WORKDIR /app
+
+RUN addgroup eleve
+
+RUN apt-get update && apt-get install -y \
+ ssh \
+ && rm -rf /var/lib/apt/lists/*
+
+
+ENV TZ=Europe/Paris
+
+#CMD ["sh", "-c", "echo lol"]
+
+# SSH server
+RUN mkdir /run/sshd
+CMD ["/usr/sbin/sshd", "-E", "/dev/stderr", "-D"]
+
+# Entrypoint
+COPY ./entrypoint.sh ./entrypoint.sh
+ENTRYPOINT ["./entrypoint.sh"]
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..ddcc5eb
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,9 @@
+version: '3'
+services:
+ app:
+ build: .
+ volumes:
+ - ./config:/app/config
+ - ./home_eleves:/home
+ network_mode: "host"
+ restart: "unless-stopped"
diff --git a/entrypoint.sh b/entrypoint.sh
new file mode 100755
index 0000000..17c22ab
--- /dev/null
+++ b/entrypoint.sh
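Review bot: The `apt-get install -y ssh` step in the Dockerfile most likely bakes the SSH host private keys into an image layer, because Debian's openssh-server package normally generates them at install time. Every container started from the image then shares one host identity, and anyone who can obtain the image can read the keys. Consider appending `&& rm -f /etc/ssh/ssh_host_*` to that RUN and calling `ssh-keygen -A` in entrypoint.sh just before `exec "$@"`, so keys are created per container. Separately, `FROM debian:10` is a floating tag; pinning it to a digest would make rebuilds reproducible.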
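Review bot: `network_mode: "host"` in docker-compose.yml puts the container's sshd directly in the host's network namespace, so it listens on every host interface with no Docker-level port mapping in between (and would contend for port 22 with a host sshd, if one is running). Because entrypoint.sh in this same commit enables password login for root, that exposure is worth narrowing: drop `network_mode` and publish a single port instead, e.g. `ports:` with `- "2222:22"`, bound to a specific address if the classroom network allows it. The `./config` mount holds `passwords.txt` in clear text, so the host directory should be readable only by the operator.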
@@ -0,0 +1,70 @@
+#!/bin/sh
+
+HOME_BASE="/home"
+USERS_LIST="/app/config/users.txt"
+PASSWD_LIST="/app/config/passwords.txt"
+CUSTOM_SCRIPT="/app/config/init.sh"
+
+separator="=" # Must be ascii for cut
+forbidden_chars=". / : # = \ "
+
+# Check we got user list
+if [ ! -f "$USERS_LIST" ] && [ ! -f "$PASSWD_LIST" ] ; then
+ echo "Les fichiers des utilisateurs ou des passwords n’ont pas étés trouvées."
+ exit 1
+fi
+
+for c in $forbidden_chars ; do
+ if [ -n "$(cat "$USERS_LIST" | grep -F $c)" ] ; then
+ echo "Le fichier « $USERS_LIST » ne doit pas contenir le caractère « $c » !"
+ exit 1
+ fi
+done
+
+echo "-------------------------------------------------------------"
+echo " Create users (and passwords if needed) as in $USERS_LIST"
+# Generate passwords if not done yet
+genPassowrd () {
+ tr -dc A-Za-z0-9 > $PASSWD_LIST
+done
+
+for line in $(cat $PASSWD_LIST) ; do
+ name="$(echo "$line" | cut -d "$separator" -f 1)"
+ pass="$(echo "$line" | cut -d "$separator" -f 2)"
+ echo $name $pass
+ if [ -z "$name" ] || [ -z "$pass" ] ; then echo "Malformed line skipped: '$line'" ; continue ; fi
+ home="$HOME_BASE/$name"
+ mkdir -p "$home"
+ chmod 700 "$home"
+ useradd --home-dir "$home" --no-user-group -G eleve --shell /bin/bash "$name"
+ ret="$?"
+ if [ "$ret" -ne 0 ] && [ "$ret" -ne 9 ] ; then
+ echo "Can’t create user '$name'. Error '$ret'."
+ continue
+ fi
+ echo "$pass\n$pass" | passwd "$name" >/dev/null 2>/dev/null
+ chown "$name":eleve "$home"
+done
+
+
+echo "-------------------------------------------------------------"
+echo " Allow SSH as root"
+if [ -z "$(grep '^PermitRootLogin yes' /etc/ssh/sshd_config)" ] ; then
+ echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
+fi
+
+echo "-------------------------------------------------------------"
+echo " Setting root password"
+echo "root\nroot" | passwd 2>/dev/null >/dev/null
+
+
+echo "-------------------------------------------------------------"
+echo " Running main process"
+exec "$@"
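Review bot: The last two sections of entrypoint.sh set the root password to the fixed string `root` and append `PermitRootLogin yes`, which together leave a known root credential reachable over SSH on every deployment. I would drop both blocks and administer through `docker exec`, or, if root SSH is really needed, append `PermitRootLogin prohibit-password` and install a key from the config volume. In the user loop, `echo $name $pass` writes every student password to the container log and should become `echo "$name"`. The opening check joins its two tests with `&&`, so it fails only when both files are missing; since `$USERS_LIST` is read unconditionally by the `grep -F` loop, `if [ ! -f "$USERS_LIST" ] ; then` would match the comment above it. The password-generation lines after `genPassowrd () {` are incomplete on this page and are not reviewed here.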