FROM alpine:latest RUN apk add --no-cache --update \ bash \ build-base \ coreutils \ curl \ findutils \ gcc \ libffi-dev \ musl-dev \ net-tools \ openrc \ openssh \ openssh-server \ openssh-sftp-server \ openssl-dev \ py-boto \ py2-pip \ python2-dev \ rsyslog \ sudo \ xz \ && pip install --upgrade pip \ && if ! getent passwd <%= @username %>; then \ adduser -h /home/<%= @username %> -s /bin/bash -D <%= @username %>; \ passwd -d <%= @username %>; \ fi \ && echo "<%= @username %> ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers \ && echo "Defaults !requiretty" >> /etc/sudoers \ && mkdir -p /home/<%= @username %>/.ssh \ && chown -R <%= @username %> /home/<%= @username %>/.ssh \ && chmod 0700 /home/<%= @username %>/.ssh \ && echo '<%= IO.read(@public_key).strip %>' >> /home/<%= @username %>/.ssh/authorized_keys \ && chown <%= @username %> /home/<%= @username %>/.ssh/authorized_keys \ && chmod 0600 /home/<%= @username %>/.ssh/authorized_keys \ && sed -ri 's/^#?PubkeyAuthentication\s+.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config \ && sed -ri 's/^#?PasswordAuthentication\s+.*/PasswordAuthentication no/' /etc/ssh/sshd_config \ && sed -ri 's/^#?ChallengeResponseAuthentication\s+.*/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config \ && sed -ri 's/^#?UsePrivilegeSeparation\s+.*/UsePrivilegeSeparation no/' /etc/ssh/sshd_config \ && echo "UseDNS=no" >> /etc/ssh/sshd_config \ && rc-update add sshd EXPOSE 22