Update compose to use static ssh keys

david · david · commit 4c4683a49b6e · 2020-09-12T12:34:10.000+01:00
This way rebuilding the docker container doesn't destroy its identity.
By copying the keys when the container starts, they won't be exposed through backing them into the image.
diff --git a/bin/update-compose b/bin/update-compose
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+docker pull debian:testing
+docker-compose up -d --force-recreate --build
diff --git a/cheesycompose/Dockerfile b/cheesycompose/Dockerfile
@@ -38,4 +38,4 @@ VOLUME [ "/sys/fs/cgroup" ]
 
 STOPSIGNAL SIGRTMIN+3
 
-CMD ["/lib/systemd/systemd"]
+CMD ["sh", "-e", "-c", "cp -av /srv/cheesy.at/secrets/ssh/* /etc/ssh/; echo starting systemd; exec /lib/systemd/systemd"]

Original file line number	Diff line number	Diff line change
`@@ -38,4 +38,4 @@ VOLUME [ "/sys/fs/cgroup" ]`
`38`	`38`
`39`	`39`	`STOPSIGNAL SIGRTMIN+3`
`40`	`40`
`41`		`-CMD ["/lib/systemd/systemd"]`
	`41`	`+CMD ["sh", "-e", "-c", "cp -av /srv/cheesy.at/secrets/ssh/* /etc/ssh/; echo starting systemd; exec /lib/systemd/systemd"]`