Working container

master
meskio 2 years ago
commit de3e290845
Signed by: meskio
GPG Key ID: 52B8F5AC97A2DA86
  1. 17
      Dockerfile
  2. 14
      README.md
  3. 13
      entrypoint.sh
  4. 6
      sshd_config

@ -0,0 +1,17 @@
FROM docker.io/debian
RUN apt-get update && \
apt-get install -y --no-install-recommends \
borgbackup openssh-server && \
apt-get clean
ADD sshd_config /etc/ssh/sshd_config
ADD entrypoint.sh /entrypoint.sh
RUN mkdir /repo && \
mkdir /run/sshd && \
mkdir /root/.ssh && \
chmod 700 /root/.ssh
VOLUME /repo
ENTRYPOINT ["/entrypoint.sh"]

@ -0,0 +1,14 @@
Simple borg+ssh docker image
It will limit the ssh so only `borg serve` command will be allowed.
It will run the ssh daemon on port 2222, expect a folder with the repos in /repo and the ssh public key being passed as the environment variable `KEY`.
For example it can be run with podman:
```
podman run -user user \
-p 2222:2222 \
-e "KEY=ssh-ed25519 <key> user" \
-v '/path/to/repo:/repo' \
borg
```

@ -0,0 +1,13 @@
#!/bin/sh
echo -n "restrict,command=\"borg serve" >> /root/.ssh/authorized_keys
for repo in `ls /repo`
do
echo "allow repo $repo"
echo -n " --restrict-to-repository /repo/$repo" >> /root/.ssh/authorized_keys
done
echo "\" $KEY" >> /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
echo "Start ssh"
/usr/sbin/sshd -D -e

@ -0,0 +1,6 @@
Port 2222
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
PermitRootLogin yes
PubkeyAuthentication yes
Loading…
Cancel
Save