-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
65 lines (46 loc) · 1.63 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
FROM centos/systemd
MAINTAINER Melih Savdert <[email protected]>
# Update the operating system
RUN yum makecache fast \
&& yum -y install epel-release \
&& yum -y update
# Install necessary packages
RUN ["yum", "-y", "install", \
"vim", \
"which", \
"sudo", \
"openssh", \
"openssh-server", \
"openssh-clients", \
"openssl-libs", \
"net-tools", \
"ansible", \
"python-pip"]
# Clean the yum cache
RUN ["yum", "clean", "all"]
# Enable sshd service
RUN systemctl enable sshd
# Add ansible infrastructure owner
RUN ["groupadd", "--force", "ansible"]
RUN useradd --create-home -g ansible ansible
# Give ansible user passwords
RUN echo "ansible:ansible" | chpasswd
# Create SSH shared key directory for the ansible user
RUN ["mkdir", "-p", "-m", "0700", "/home/ansible/.ssh/"]
# Generate SSH shared keys for the ansible user
RUN ssh-keygen -q -C '' -N '' -f /home/ansible/.ssh/id_rsa
# Create the authorized_keys file for the ansible user
RUN cat /home/ansible/.ssh/id_rsa.pub > /home/ansible/.ssh/authorized_keys
# Change ownership of the SSH shared key files for the ansible user
RUN chown -R ansible:ansible /home/ansible/.ssh
# Change permissions of the authorized_keys file for the ansible user
RUN ["chmod", "0640", "/home/ansible/.ssh/authorized_keys"]
# Generate SSH host ECDSA shared keys
RUN ssh-keygen -q -C '' -N '' -t ecdsa -f /etc/ssh/ssh_host_ecdsa_key
RUN echo "ansible ALL=(ALL) NOPASSWD:ALL" | tee -a /etc/sudoers
RUN chown -R ansible:ansible /etc/ansible/
# Set the environment variables
ENV HOME /root
# Working directory
WORKDIR /root
CMD ["/usr/sbin/init"]