infra/codestorage/hg-ssh
infra/codestorage/hg-ssh/Dockerfile
Set trust settings to avoid annoying message. Update the hgrc to trust the .hgrc files of everyone in the committers group, because I got tired of seeing the "not trusting file /mounted/repos/blah-blah/.hg/hgrc from untrusted user root, group committers" message every time I pushed.
| paddy@1 | 1 FROM secondbit/hg-repo-sync |
| paddy@1 | 2 MAINTAINER Paddy "<paddy@secondbit.org>" |
| paddy@0 | 3 |
| paddy@0 | 4 ADD create_user.sh /usr/local/bin/helpers/create_user.sh |
| paddy@0 | 5 RUN chmod +x /usr/local/bin/helpers/create_user.sh |
| paddy@1 | 6 ADD run.sh /usr/local/bin/helpers/run-ssh.sh |
| paddy@1 | 7 RUN chmod +x /usr/local/bin/helpers/run-ssh.sh |
| paddy@1 | 8 ADD pullkeys.sh /usr/local/bin/helpers/pullkeys.sh |
| paddy@1 | 9 RUN chmod +x /usr/local/bin/helpers/pullkeys.sh |
| paddy@2 | 10 ADD post-commit-broadcast.sh /usr/local/bin/helpers/broadcast-to-frontends.sh |
| paddy@2 | 11 RUN chmod +x /usr/local/bin/helpers/broadcast-to-frontends.sh |
| paddy@2 | 12 |
| paddy@2 | 13 ADD hgrc /etc/mercurial/hgrc |
| paddy@0 | 14 |
| paddy@0 | 15 RUN mkdir /var/run/sshd |
| paddy@0 | 16 |
| paddy@0 | 17 # install required packages |
| paddy@0 | 18 RUN apt-get -y update |
| paddy@2 | 19 RUN apt-get -y install openssh-server dnsutils |
| paddy@0 | 20 |
| paddy@0 | 21 #ADD sshd_config /etc/ssh/sshd_config |
| paddy@0 | 22 RUN sed -ri 's/session required pam_loginuid.so/session optional pam_loginuid.so/g' /etc/pam.d/sshd |
| paddy@0 | 23 RUN sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config |
| paddy@0 | 24 RUN sed -ri 's/PermitRootLogin without-password/PermitRootLogin no/g' /etc/ssh/sshd_config |
| paddy@0 | 25 |
| paddy@0 | 26 EXPOSE 22 |
| paddy@0 | 27 |
| paddy@1 | 28 CMD ["/usr/local/bin/helpers/run-ssh.sh"] |