Dockerfile.ssh

FROM golang:alpine as builder

RUN go env -w CGO_ENABLED=0

WORKDIR /build

COPY go.mod go.sum ./

RUN go mod download

COPY . .

RUN go build -trimpath -ldflags '-extldflags "-static -fpic" -s -w' -o rpc ./cmd/sshDev

FROM alpine:latest

RUN apk update && \
    apk upgrade --no-cache && \
    apk add --no-cache tzdata openssh-server && \
    cp /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
    echo 'Asia/Shanghai' >/etc/timezone && \
    rm -rf /var/cache/apk/* && \
    sed -i 's/.*PermitRootLogin.*/PermitRootLogin no/' /etc/ssh/sshd_config && \
    sed -i 's/.*PubkeyAuthentication.*/PubkeyAuthentication yes/' /etc/ssh/sshd_config && \
    sed -i 's/.*PasswordAuthentication.*/PasswordAuthentication no/' /etc/ssh/sshd_config && \
    sed -i 's/.*PermitEmptyPasswords.*/PermitEmptyPasswords no/' /etc/ssh/sshd_config && \
    sed -i 's/.*KbdInteractiveAuthentication.*/KbdInteractiveAuthentication no/' /etc/ssh/sshd_config && \
    sed -i 's/.*X11Forwarding.*/X11Forwarding no/' /etc/ssh/sshd_config && \
    sed -i 's/.*AllowTcpForwarding.*/AllowTcpForwarding yes/' /etc/ssh/sshd_config && \
    sed -i 's/.*GatewayPorts.*/GatewayPorts yes/' /etc/ssh/sshd_config && \
    ssh-keygen -A

COPY --from=builder /build/rpc /usr/bin/rpc

RUN chmod 700 /usr/bin/rpc && \
    chown root /usr/bin/rpc && \
    addgroup -g 1001 -S common

WORKDIR /data

ENTRYPOINT [ "/usr/bin/rpc" ]