1234567891011121314151617181920212223242526272829303132333435363738394041 |
- FROM docker.io/alpine:3.20.2
- # https://www.borgbackup.org/releases/
- # https://git.alpinelinux.org/aports/log/community/borgbackup?h=3.20-stable
- ARG BORGBACKUP_PACKAGE_VERSION=1.2.8-r1
- # https://www.openssh.com/releasenotes.html
- # https://git.alpinelinux.org/aports/log/main/openssh?h=3.20-stable
- ARG OPENSSH_SERVER_PACKAGE_VERSION=9.7_p1-r4
- # https://git.alpinelinux.org/aports/log/community/tini?h=3.20-stable
- ARG TINI_PACKAGE_VERSION=0.19.0-r3
- ARG USER=borg
- ENV SSHD_HOST_KEYS_DIR=/etc/ssh/host_keys
- ENV REPO_PATH=/repository
- RUN apk add --no-cache \
- borgbackup="$BORGBACKUP_PACKAGE_VERSION" \
- openssh-server="$OPENSSH_SERVER_PACKAGE_VERSION" \
- tini=$TINI_PACKAGE_VERSION \
- && adduser -S -s /bin/ash "$USER" \
- && mkdir "$SSHD_HOST_KEYS_DIR" \
- && chown -c "$USER" "$SSHD_HOST_KEYS_DIR" \
- && mkdir "$REPO_PATH" \
- && chown -c "$USER" "$REPO_PATH"
- VOLUME $SSHD_HOST_KEYS_DIR
- VOLUME $REPO_PATH
- COPY sshd_config /etc/ssh/sshd_config
- EXPOSE 2200/tcp
- ENV SSH_CLIENT_PUBLIC_KEYS=
- ENV SSH_CLIENT_PUBLIC_KEYS_APPEND_ONLY=
- COPY entrypoint.sh /
- ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
- USER $USER
- CMD ["/usr/sbin/sshd", "-D", "-e"]
- # https://github.com/opencontainers/image-spec/blob/v1.0.1/annotations.md
- ARG REVISION=
- LABEL org.opencontainers.image.title="single-user openssh server restricted to borgbackup backend" \
- org.opencontainers.image.source="https://github.com/fphammerle/docker-borgbackup-sshd" \
- org.opencontainers.image.revision="$REVISION"
|