wip

Dockerfile

@@ -8,5 +8,25 @@ RUN apt-get update && \
             && \
     rm -rf /var/lib/apt/lists/*
 
-ENTRYPOINT ["/bin/bash"]
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+            openssh-server \
+            sudo \
+            && \
+    rm -rf /var/lib/apt/lists/* && \
+    echo "postgres   ALL = (ALL) NOPASSWD:ALL" >> /etc/sudoers && \
+    echo "X11Forwarding no" >> /etc/ssh/sshd_config && \
+    echo "PasswordAuthentication no" >> /etc/ssh/sshd_config && \
+    echo "StrictHostKeyChecking no" >> /etc/ssh/ssh_config && \
+    mkdir -p /var/lib/postgresql/.ssh && \
+    chmod 700 /var/lib/postgresql/.ssh && \
+    chown postgres: /var/lib/postgresql/.ssh && \
+    chmod g-w,o-w /var/lib/postgresql
+
+COPY --chmod=600 --chown=postgres authorized_keys id_ed25519 /var/lib/postgresql/.ssh/
+
+COPY --chmod=755 entrypoint.sh /usr/local/bin/
+
+ENTRYPOINT ["entrypoint.sh"]
+
 

authorized_keys

@@ -0,0 +1 @@
+ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILfsb4w8ZYhu/A1HFR/e59WpbKxejE8DkbdCpj6y/mbO postgres docker swarm

entrypoint.sh

@@ -0,0 +1,11 @@
+#!/usr/bin/env bash
+
+set -Eeo pipefail
+
+sudo service ssh start
+
+while true
+do
+  echo "$(date)"
+  sleep 3600
+done

id_ed25519

@@ -0,0 +1,7 @@
+-----BEGIN OPENSSH PRIVATE KEY-----
+b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW
+QyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzgAAAJgP2LF4D9ix
+eAAAAAtzc2gtZWQyNTUxOQAAACC37G+MPGWIbvwNRxUf3ufVqWysXoxPA5G3QqY+sv5mzg
+AAAEBhVUtZmAbot+VXJpY/IueHrCQeTDgClUTCepMJa1mqZbfsb4w8ZYhu/A1HFR/e59Wp
+bKxejE8DkbdCpj6y/mbOAAAAFXBvc3RncmVzIGRvY2tlciBzd2FybQ==
+-----END OPENSSH PRIVATE KEY-----