Dockerfile 1.2 KB

123456789101112131415161718192021222324252627282930313233343536
  1. FROM docker.io/alpine:3.15.0
  2. ARG BORGBACKUP_PACKAGE_VERSION=1.1.17-r1
  3. ARG OPENSSH_SERVER_PACKAGE_VERSION=8.8_p1-r1
  4. ARG TINI_PACKAGE_VERSION=0.19.0-r0
  5. ARG USER=borg
  6. ENV SSHD_HOST_KEYS_DIR=/etc/ssh/host_keys
  7. ENV REPO_PATH=/repository
  8. RUN apk add --no-cache \
  9. borgbackup="$BORGBACKUP_PACKAGE_VERSION" \
  10. openssh-server="$OPENSSH_SERVER_PACKAGE_VERSION" \
  11. tini=$TINI_PACKAGE_VERSION \
  12. && adduser -S -s /bin/ash "$USER" \
  13. && mkdir "$SSHD_HOST_KEYS_DIR" \
  14. && chown -c "$USER" "$SSHD_HOST_KEYS_DIR" \
  15. && mkdir "$REPO_PATH" \
  16. && chown -c "$USER" "$REPO_PATH"
  17. VOLUME $SSHD_HOST_KEYS_DIR
  18. VOLUME $REPO_PATH
  19. COPY sshd_config /etc/ssh/sshd_config
  20. EXPOSE 2200/tcp
  21. ENV SSH_CLIENT_PUBLIC_KEYS=
  22. ENV SSH_CLIENT_PUBLIC_KEYS_APPEND_ONLY=
  23. COPY entrypoint.sh /
  24. ENTRYPOINT ["/sbin/tini", "--", "/entrypoint.sh"]
  25. USER $USER
  26. CMD ["/usr/sbin/sshd", "-D", "-e"]
  27. # https://github.com/opencontainers/image-spec/blob/v1.0.1/annotations.md
  28. ARG REVISION=
  29. LABEL org.opencontainers.image.title="single-user openssh server restricted to borgbackup backend" \
  30. org.opencontainers.image.source="https://github.com/fphammerle/docker-borgbackup-sshd" \
  31. org.opencontainers.image.revision="$REVISION"