Added base and SSh containers.

2eebb901 · Stefano Alberto Russo · df22203d · 2eebb901 · 2eebb901 · 2eebb901
Commit 2eebb901 authored 3 years ago by Stefano Alberto Russo
--- a/SSH/Dockerfile
+++ b/SSH/Dockerfile
+FROM base
+MAINTAINER Stefano Alberto Russo <stefano.russo@inaf.it>
+
+# Switch to root
+USER root
+
+# Install OpenSSH
+RUN apt-get install openssh-server  -y
+
+# Set a fixed password for metauser (will be changed in the entypoint)
+RUN echo "metauser:metapass" | chpasswd
+
+# Set entrypoint command
+COPY files/entrypoint.sh /entrypoint.sh
+RUN chmod 755 /entrypoint.sh
+ENV DEFAULT_ENTRYPOINT_COMMAND="/entrypoint.sh"
+
+# Fix home permissions
+RUN chmod 777 /home
+
+# Set user (mainly for Singularity)
+USER metauser
+
+# Set container name
+ENV CONTAINER_NAME='SSH'
+
+
+
--- a/SSH/build.sh
+++ b/SSH/build.sh
+#!/bin/bash
+
+docker build  . -t ssh
--- a/SSH/files/entrypoint.sh
+++ b/SSH/files/entrypoint.sh
+#/bin/bash
+
+# Set port
+if [ "x$BASE_PORT" == "x" ]; then
+    BASE_PORT=22
+fi
+
+# Set password
+if [ "x$AUTH_PASS" != "x" ]; then
+    echo "[INFO] Setting linux password" # In the Dockerflie remove the -e
+    echo -e "metapass\n$AUTH_PASS\n$AUTH_PASS" | passwd
+fi
+
+# Prepare conf
+mkdir ${HOME}/custom_ssh
+ssh-keygen -f ${HOME}/custom_ssh/ssh_host_rsa_key -N '' -t rsa
+ssh-keygen -f ${HOME}/custom_ssh/ssh_host_dsa_key -N '' -t dsa
+
+cat << EOF > ${HOME}/custom_ssh/sshd_config
+Port $BASE_PORT
+HostKey ${HOME}/custom_ssh/ssh_host_rsa_key
+HostKey ${HOME}/custom_ssh/ssh_host_dsa_key
+AuthorizedKeysFile  .ssh/authorized_keys
+ChallengeResponseAuthentication no
+UsePAM yes
+Subsystem   sftp    /usr/lib/ssh/sftp-server
+PidFile ${HOME}/custom_ssh/sshd.pid
+EOF
+
+# Run
+echo "[INFO] Now running SSH server on port $BASE_PORT and listening."
+/usr/sbin/sshd -D -f ${HOME}/custom_ssh/sshd_config
+EXIT_CODE=$?
+echo "Exit code: $EXIT_CODE"
+if [[ "x$EXIT_CODE" != "x0" ]] && [[ "x$EXIT_CODE" != "x130" ]] ; then
+    echo "This exit code is an error, exiting." 
+    exit $?
+fi
+echo ""
\ No newline at end of file
--- a/SSH/run.sh
+++ b/SSH/run.sh
+#!/bin/bash
+docker run -v$PWD/:/data -p2222:2222 -eAUTH_PASS='testpass' -eBASE_PORT=2222 -it ssh
--- a/base/Dockerfile
+++ b/base/Dockerfile
+FROM ubuntu:18.04
+MAINTAINER Stefano Alberto Russo <stefano.russo@inaf.it>
+
+#----------------------
+# Basics
+#----------------------
+
+# Set non-interactive
+ENV DEBIAN_FRONTEND noninteractive
+
+# Update first of all
+RUN apt-get update
+
+# Utilities
+RUN apt-get install -y nano telnet unzip wget supervisor build-essential python-dev git-core openjdk-8-jre
+
+
+#------------------------
+# "Meta" user
+#------------------------
+
+# Add group. We chose GID 65527 to try avoiding conflicts.
+RUN groupadd -g 65527 metauser
+
+# Add user. We chose UID 65527 to try avoiding conflicts.
+RUN useradd metauser -d /home/metauser -u 65527 -g 65527 -m -s /bin/bash
+
+# Add metuaser user to sudoers
+RUN adduser metauser sudo
+
+# Install suodo
+RUN apt-get install sudo -y
+
+# No pass sudo (for everyone, actually)
+COPY files/sudoers /etc/sudoers
+
+# Prepare for user-space logs
+RUN mkdir /home/metauser/.logs && chown metauser:metauser /home/metauser/.logs
+
+# Rename metauser home folder as a "vanilla" home folder
+RUN mv /home/metauser /metauser_home_vanilla
+
+# Set container name
+ENV CONTAINER_NAME='base'
+
+# Entrypoint
+COPY files/base_entrypoint.sh /
+RUN chmod 755 /base_entrypoint.sh
+ENTRYPOINT ["/base_entrypoint.sh"]
+ENV DEFAULT_ENTRYPOINT_COMMAND="/bin/bash"
+
+# Allow to move the /home_vanilla folder in /home
+RUN chmod 777 /home
+
+# Set user
+USER metauser
+
--- a/base/build.sh
+++ b/base/build.sh
+#!/bin/bash
+
+docker build  . -t base
--- a/base/files/base_entrypoint.sh
+++ b/base/files/base_entrypoint.sh
+#!/bin/bash
+
+ # Exit on any error. More complex thing could be done in future
+# (see https://stackoverflow.com/questions/4381618/exit-a-script-on-error)
+set -e
+
+
+if [ "x$SAFE_MODE" == "xTrue" ]; then
+    echo ""
+    echo "[INFO] Not executing entrypoint as we are in safe mode, just opening a Bash shell."
+    exec /bin/bash
+else
+	echo ""
+	echo "[INFO] Executing entrypoint..."
+	
+
+    #---------------------
+    #   Setup home
+    #---------------------
+
+	if [ -f "/home/metauser/.initialized" ]; then
+	    :
+	else
+		echo "[INFO] Setting up home"
+		mkdir -p /home/metauser
+
+        # Copy over vanilla home contents
+		for x in /metauser_home_vanilla/* /metauser_home_vanilla/.[!.]* /metauser_home_vanilla/..?*; do
+            if [ -e "$x" ]; then cp -a "$x" /home/metauser/; fi
+        done
+		
+	# Mark as initialized
+	    touch /home/metauser/.initialized
+	fi
+	
+    # Manually set home (mainly for Singularity)
+	echo "[INFO] Setting up HOME env var"
+	export HOME=/home/metauser
+	cd /home/metauser
+	
+    #---------------------
+    #   Save env
+    #---------------------
+	echo "[INFO] Dumping env"
+	
+    # Save env vars for later usage (e.g. ssh)
+	
+	env | \
+	while read env_var; do
+	  if [[ $env_var == HOME\=* ]]; then
+	      : # Skip HOME var
+	  elif [[ $env_var == PWD\=* ]]; then
+	      : # Skip PWD var
+	  else
+	      echo "export $env_var" >> /tmp/env.sh
+	  fi
+	done
+	
+    #---------------------
+    #   Prompt
+    #---------------------
+	
+	echo "[INFO] Setting new prompt @$CONTAINER_NAME container"
+	echo 'export PS1="${debian_chroot:+($debian_chroot)}\u@$CONTAINER_NAME@\h:\w\$ "' >> /home/metauser/.bashrc
+	
+	
+    #---------------------
+    #  Entrypoint command
+    #---------------------
+	
+	if [ "$@x" == "x" ]; then
+	    echo -n "[INFO] Executing default entrypoint command: "
+	    echo $DEFAULT_ENTRYPOINT_COMMAND
+	    exec $DEFAULT_ENTRYPOINT_COMMAND
+	else
+	    echo -n "[INFO] Executing entrypoint command: "
+	    echo $@
+	    exec $@
+	fi 
+
+fi
+
--- a/base/files/sudoers
+++ b/base/files/sudoers
+#
+# This file MUST be edited with the 'visudo' command as root.
+#
+# Please consider adding local content in /etc/sudoers.d/ instead of
+# directly modifying this file.
+#
+# See the man page for details on how to write a sudoers file.
+#
+Defaults        env_reset
+Defaults        mail_badpass
+Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+# Host alias specification
+
+# User alias specification
+
+# Cmnd alias specification
+
+# User privilege specification
+root    ALL=(ALL:ALL) ALL
+
+# Members of the admin group may gain root privileges
+%admin ALL=(ALL) ALL
+
+# Allow members of group sudo to execute any command
+%sudo   ALL=(ALL:ALL) NOPASSWD:ALL
+
+# See sudoers(5) for more information on "#include" directives:
+
+#includedir /etc/sudoers.d
--- a/base/run.sh
+++ b/base/run.sh
+#!/bin/bash
+docker run -v$PWD/:/data -it base