42 lines
1.3 KiB
Docker
42 lines
1.3 KiB
Docker
FROM debian:stable
|
|
MAINTAINER busti <oss@busti.cool>
|
|
|
|
ENV DEBIAN_FRONTEND noninteractive
|
|
|
|
RUN apt-get update && apt install -y --no-install-recommends \
|
|
openssh-server \
|
|
sssd \
|
|
sssd-ldap \
|
|
libnss-sss \
|
|
libpam-sss \
|
|
libpam-modules \
|
|
gettext \
|
|
supervisor \
|
|
&& apt-get autoclean \
|
|
&& apt-get autoremove \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
RUN mkdir /var/run/sshd
|
|
RUN passwd --lock root
|
|
RUN sed -i 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' /etc/pam.d/sshd
|
|
RUN sed -i 's/#*PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
|
|
RUN echo "AuthorizedKeysCommand /usr/bin/sss_ssh_authorizedkeys" >> /etc/ssh/sshd_config
|
|
RUN echo "AuthorizedKeysCommandUser nobody" >> /etc/ssh/sshd_config
|
|
RUN echo "session optional pam_mkhomedir.so" >> /etc/pam.d/common_session
|
|
|
|
RUN echo "proc /proc proc defaults,hidepid=2 0 0" >> /etc/fstab
|
|
|
|
WORKDIR /home
|
|
|
|
EXPOSE 22
|
|
|
|
COPY sssd.conf /etc/sssd/sssd.conf.env
|
|
COPY nsswitch.conf /etc/nsswitch.conf
|
|
COPY common-session /etc/pam.d/common-session
|
|
COPY skel /etc/skel
|
|
|
|
COPY supervisord.conf /etc/supervisord.conf
|
|
COPY sssd.sv.conf /etc/supervisor/conf.d/sssd.sv.conf
|
|
COPY sshd.sv.conf /etc/supervisor/conf.d/sshd.sv.conf
|
|
|
|
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"]
|