Provides a Dokku Plugin for injecting SSH deployment keys as well as injecting hostkeys to the container
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
.editorconfig
.travis.yml Upgrade plugin for usage with 0.4.x Dec 12, 2016
LICENSE.txt Upgrade plugin for usage with 0.4.x Dec 12, 2016
Makefile Upgrade plugin for usage with 0.4.x Dec 12, 2016
README.md Upgrade plugin for usage with 0.4.x Dec 12, 2016
commands Simple fix to make deploymentkeys:delete work Dec 12, 2016
install Upgrade plugin for usage with 0.4.x Dec 12, 2016
plugin.toml
pre-build
pre-build-buildpack Add missing symlink Nov 18, 2015

README.md

SSH Deployment Keys Plugin for Dokku Build Status

Provides a Dokku Plugin for injecting SSH deployment keys to the container.

This is useful if you hide your sourcecode in private repositories at VCS providers such as GitHub or Bitbucket.

requirements

  • dokku 0.4.0+
  • docker 1.8.x

Optionally, if you need host keys to be added, install the host-keys plugin as well.

installation

# on 0.3.x
cd /var/lib/dokku/plugins
git clone https://github.com/cedricziel/dokku-deployment-keys.git deployment-keys
dokku plugins-install

# on 0.4.x
dokku plugin:install https://github.com/cedricziel/dokku-deployment-keys.git deployment-keys

How does it work?

On installation, this plugin generates a pair of SSH Keys (rsa, 2048b) and will echo the resulting public key. You can add this public key to your VCS Provider-which often allow read-only SSH keys to be added to a project for CI.

The exact command used for the key generation is ssh-keygen -q -t rsa -b 2048 -f "$shared_key_folder/id_rsa" -N ""

The generated key at this point is a shared one, which means it is valid for any app on your Dokku host.

After generation, every subsequent container being built will get the shared key injected if it doesnt have its own pair.

FAQ

Q: Can I replace it with an existing keypair?

A: Of course. But its a matter of lazyness. Every user-host combination should have its own keys so they can be revoked easily. Place existing ones in $DOKKU_ROOT/.deployment-keys/shared/.ssh. Be careful with the permissions.chmod 600` is mandatory for some ssh-executables and this is for a good reason!