22 lines
743 B
Docker
22 lines
743 B
Docker
# Small base with package manager; Debian is straightforward
|
|
FROM debian:bookworm-slim
|
|
|
|
# Install OpenSSH client and basic tools
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
openssh-client ca-certificates curl \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Wrapper: copy key to an SSH location with 0600 perms, then exec ssh with args
|
|
RUN printf '%s\n' \
|
|
'#!/bin/sh' \
|
|
'set -eu' \
|
|
'mkdir -p /root/.ssh' \
|
|
'# If a key is mounted, install it with strict permissions' \
|
|
'if [ -f /mnt/keys/tunnel_ed25519 ]; then' \
|
|
' install -m 600 /mnt/keys/tunnel_ed25519 /root/.ssh/id_ed25519' \
|
|
'fi' \
|
|
'exec ssh "$@"' \
|
|
> /usr/local/bin/run-ssh && chmod +x /usr/local/bin/run-ssh
|
|
|
|
ENTRYPOINT ["/usr/local/bin/run-ssh"]
|