infra/codestorage/hg-ssh
2015-08-17
Child:2f4a2a20ad6d
infra/codestorage/hg-ssh/Dockerfile
Initial commit. This hardcodes more than it should and syncs with Google Cloud Storage more than is really necessary, but it A) works and B) is currently on code.secondbit.org, so that should probably be recorded for posterity.
| paddy@0 | 1 FROM ubuntu:14.04 |
| paddy@0 | 2 MAINTAINER Paddy Foran "<paddy@secondbit.org>" |
| paddy@0 | 3 |
| paddy@0 | 4 RUN groupadd -g 2000 committers |
| paddy@0 | 5 RUN mkdir -p /mounted/repos |
| paddy@0 | 6 RUN chown -R root:committers /mounted/repos |
| paddy@0 | 7 RUN chmod 0770 /mounted/repos |
| paddy@0 | 8 VOLUME /mounted |
| paddy@0 | 9 |
| paddy@0 | 10 ADD create_user.sh /usr/local/bin/helpers/create_user.sh |
| paddy@0 | 11 RUN chmod +x /usr/local/bin/helpers/create_user.sh |
| paddy@0 | 12 VOLUME /home |
| paddy@0 | 13 |
| paddy@0 | 14 RUN mkdir /var/run/sshd |
| paddy@0 | 15 |
| paddy@0 | 16 # install required packages |
| paddy@0 | 17 RUN apt-get -y update |
| paddy@0 | 18 RUN apt-get -y install openssh-server python-pip python-dev |
| paddy@0 | 19 RUN pip install Mercurial |
| paddy@0 | 20 |
| paddy@0 | 21 #ADD sshd_config /etc/ssh/sshd_config |
| paddy@0 | 22 RUN sed -ri 's/session required pam_loginuid.so/session optional pam_loginuid.so/g' /etc/pam.d/sshd |
| paddy@0 | 23 RUN sed -ri 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config |
| paddy@0 | 24 RUN sed -ri 's/PermitRootLogin without-password/PermitRootLogin no/g' /etc/ssh/sshd_config |
| paddy@0 | 25 |
| paddy@0 | 26 EXPOSE 22 |
| paddy@0 | 27 |
| paddy@0 | 28 CMD ["/usr/sbin/sshd", "-D"] |