add ssh variant

Mon-ius · Dec 3, 2024 · e1e897a · e1e897a
1 parent ad53259
commit e1e897a
Show file tree

Hide file tree

Showing 4 changed files with 125 additions and 1 deletion.
diff --git a/.github/workflows/build-ssh.yml b/.github/workflows/build-ssh.yml
@@ -0,0 +1,62 @@
+name: build-ssh
+
+on:
+  workflow_dispatch:
+  workflow_run:
+    workflows: ["build-deps"]
+    types:
+      - completed
+  push:
+    branches:
+      - "master"
+    paths:
+      - ".github/workflows/build-ssh.yml"
+      - "ssh/entrypoint.sh"
+      - "ssh/Dockerfile"
+
+jobs:
+  build-ssh:
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v4
+      -
+        name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      -
+        name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - 
+        name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+      - 
+        name: Convert tags to lowercase
+        run: |
+          dockerhub_tag="${{ secrets.DOCKERHUB_USERNAME }}"
+          ghcr_tag="ghcr.io/${{ github.repository_owner }}"
+          echo "dockerhub_tag=${dockerhub_tag,,}" >> $GITHUB_ENV
+          echo "ghcr_tag=${ghcr_tag,,}" >> $GITHUB_ENV
+      -
+        name: Build and push file
+        uses: docker/build-push-action@v6
+        with:
+          context: "{{defaultContext}}:ssh"
+          file: Dockerfile
+          push: true
+          platforms: linux/amd64, linux/arm64, linux/s390x, linux/riscv64, linux/arm
+          tags: |
+            ${{ env.dockerhub_tag }}/docker-yarn-dev:ssh
+            ${{ env.ghcr_tag }}/docker-yarn-dev:ssh
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -13,7 +13,6 @@ on:
       - ".github/workflows/build.yml"
       - "Dockerfile"
       - "entrypoint.sh"
-      - "deps/Dockerfile"
 
 jobs:
   build:

diff --git a/ssh/Dockerfile b/ssh/Dockerfile
@@ -0,0 +1,30 @@
+FROM monius/docker-yarn-dev:deps
+
+LABEL maintainer="M0nius <[email protected]>" \
+    debian-version="12.8" \
+    org.opencontainers.image.title="Docker-Yarn-Dev" \
+    org.opencontainers.image.description="Modern develop environment, just in box!" \
+    org.opencontainers.image.authors="M0nius <[email protected]>" \
+    org.opencontainers.image.vendor="M0nius Tech" \
+    org.opencontainers.image.version="1.0.0" \
+    org.opencontainers.image.url="https://hub.docker.com/r/monius/docker-yarn-dev" \
+    org.opencontainers.image.source="https://github.com/Mon-ius/Docker-Yarn-Dev" \
+    org.opencontainers.image.base.name="docker.io/monius/docker-yarn-dev"
+
+ENV APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
+ENV DEBIAN_FRONTEND=noninteractive
+ENV TZ="Europe/London"
+ENV PKG="openssh-server tmux vim zsh"
+
+RUN apt-get -qq update \
+    && apt-get -qq dist-upgrade -y \
+    && apt-get -qq install $PKG \
+    && apt-get -qq autoremove --purge \
+    && apt-get -qq autoclean \
+    && rm -rf /var/lib/apt/lists/* \
+    && rm -rf /tmp/*
+
+COPY entrypoint.sh /run/entrypoint.sh
+ENTRYPOINT ["/run/entrypoint.sh"]
+
+CMD ["dev-cli"]
diff --git a/ssh/entrypoint.sh b/ssh/entrypoint.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+
+set -e
+
+sleep 3
+
+_D_SERVER=example.com
+_D_PORT=62222
+_D_USER=dev
+_D_PUB_KEY='ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEi7rFoMjiucmU4g4pgTi1rTYsqgVi5wOs8KzDc0UZSE'
+
+D_SERVER="${D_SERVER:-$_D_SERVER}"
+D_PORT="${D_PORT:-$_D_PORT}"
+D_USER="${D_USER:-$_D_USER}"
+D_PUB_KEY="${D_PUB_KEY:-$_D_PUB_KEY}"
+
+if [ ! -e "/usr/bin/dev-cli" ]; then
+    echo "$D_USER ALL=(ALL) NOPASSWD:ALL" | sudo tee -a "/etc/sudoers.d/$D_USER"
+    sudo adduser --disabled-password --gecos "" "$D_USER" && echo "$D_USER:$D_PUB_KEY" | sudo chpasswd
+    sudo su "$D_USER" -c "
+        mkdir -p ~/.ssh &&
+        touch ~/.ssh/authorized_keys &&
+        echo $D_PUB_KEY >> ~/.ssh/authorized_keys &&
+        git clone --depth=1 https://github.com/AUTOM77/dotfile ~/.dotfile &&
+        mv ~/.dotfile/.zsh/.*  /home/$D_USER
+        rm -rf ~/.dotfile
+    "
+    sudo chsh -s "$(which zsh)" "${D_USER}"
+
+    echo "ssh -NCf -o GatewayPorts=true -o StrictHostKeyChecking=no -o ExitOnForwardFailure=yes -o ServerAliveInterval=10 -o ServerAliveCountMax=3 -R $D_PORT:127.0.0.1:22 tun@$D_SERVER" > /usr/bin/dev-cli && echo "/usr/sbin/sshd -D" >> /usr/bin/dev-cli chmod +x /usr/bin/dev-cli
+fi
+
+exec "$@"