Fix ssh server key generation, update readme
This commit is contained in:
parent
eb8483ea7f
commit
ff2893b03b
|
@ -8,7 +8,11 @@ RUN useradd --create-home nexus && \
|
||||||
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron && \
|
apt-get install -y nginx-light fcgiwrap supervisor openssh-server cron && \
|
||||||
mkdir /start.d /nexus /var/run/sshd && \
|
mkdir /start.d /nexus /var/run/sshd && \
|
||||||
chown nexus /nexus && \
|
chown nexus /nexus && \
|
||||||
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf
|
cp /usr/share/doc/fcgiwrap/examples/nginx.conf /etc/nginx/fcgiwrap.conf && \
|
||||||
|
rm /etc/ssh/ssh_host_* && \
|
||||||
|
mkdir /etc/ssh/keys && \
|
||||||
|
sed -i -E 's/HostKey \/etc\/ssh\//HostKey \/etc\/ssh\/keys\//' /etc/ssh/sshd_config && \
|
||||||
|
rm -rf /var/lib/apt/lists/*
|
||||||
|
|
||||||
# Supervisor confs
|
# Supervisor confs
|
||||||
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
|
ADD supervisor.conf /etc/supervisor/conf.d/supervisor.conf
|
||||||
|
|
|
@ -15,7 +15,7 @@ Nexus offers a couple services:
|
||||||
|
|
||||||
### SSHD
|
### SSHD
|
||||||
|
|
||||||
For shell related activities, an sshd daemonr runs on the standard port. Username and password, by default, is `nexus`.
|
For shell related activities, an sshd daemon runs on the standard port. Username and password, by default, is `nexus`.
|
||||||
|
|
||||||
### Nginx
|
### Nginx
|
||||||
|
|
||||||
|
@ -29,6 +29,13 @@ Standard CGI scripts can be placed in `/nexus/cgi-bin/`. Some sample scripts exi
|
||||||
|
|
||||||
Cron is present in the container.
|
Cron is present in the container.
|
||||||
|
|
||||||
|
## Protips
|
||||||
|
|
||||||
|
* Drop executable scripts into `/startup.d/` for effortless startup tasks
|
||||||
|
* Persistance? You want to mount these files/dirs outside the container:
|
||||||
|
* `/nexus/` - webroot and recommended data store
|
||||||
|
* `/etc/ssh/keys/` - sshd key file directory
|
||||||
|
|
||||||
## TODO
|
## TODO
|
||||||
|
|
||||||
* Allow ssh password to be set by passing an env var
|
* Allow ssh password to be set by passing an env var
|
||||||
|
|
8
gen-ssh
8
gen-ssh
|
@ -2,6 +2,12 @@
|
||||||
|
|
||||||
# Regenerate ssh key per container
|
# Regenerate ssh key per container
|
||||||
|
|
||||||
dpkg-reconfigure openssh-server
|
if [ ! -f "/etc/ssh/ssh_host_rsa_key" ]; then
|
||||||
|
# Regen keys
|
||||||
|
ssh-keygen -A
|
||||||
|
|
||||||
|
# Move keys to keys dir
|
||||||
|
mv /etc/ssh/ssh_host_* /etc/ssh/keys/
|
||||||
|
fi
|
||||||
|
|
||||||
rm /start.d/gen-ssh
|
rm /start.d/gen-ssh
|
||||||
|
|
Loading…
Reference in New Issue