0k
/
0k-charms
6
3
Fork 2
Code Issues 11 Pull Requests 5 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
638 Commits
27 Branches
14 Tags
41 MiB
Tree: 1bf4d44396
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '1bf4d44396'
${ noResults }
0k-charms/rsync-backup-target/build/Dockerfile

34 lines
986 B
Raw Normal View History

new: [rsync-backup-target] a key identifier is now required and enforced The key identifier will be used to fence each key in its own folder. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: [rsync-backup-target] new charm.
8 years ago
new: [rsync-backup-target] add rotated logs for ssh validation and each rsync session Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago
new: [rsync-backup-target] add recover key mechanism This allows to get a one-time credential to have read access on specified backup slot. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago
new: [rsync-backup-target] add ``ssh-key {enable|disable} IDENT`` admin command
1 month ago
new: [rsync-backup-target] a key identifier is now required and enforced The key identifier will be used to fence each key in its own folder. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: [rsync-backup-target] new charm.
8 years ago
new: [rsync-backup-target] add rotated logs for ssh validation and each rsync session Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago
new: [rsync-backup-target] a key identifier is now required and enforced The key identifier will be used to fence each key in its own folder. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: [rsync-backup-target] add rotated logs for ssh validation and each rsync session Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago
new: [rsync-backup-target] new charm.
8 years ago
fix: dev: typo !minor Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
3 years ago
new: [rsync-backup-target] a key identifier is now required and enforced The key identifier will be used to fence each key in its own folder. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: [rsync-backup-target] new charm.
8 years ago
new: [rsync-backup-target] a key identifier is now required and enforced The key identifier will be used to fence each key in its own folder. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>
4 years ago
new: [rsync-backup-target] new charm.
8 years ago
  1. FROM alpine:3.9
  3. MAINTAINER Valentin Lab <valentin.lab@kalysto.org>
  5. ## coreutils is for ``date`` support of ``--rfc-3339=seconds`` argument.
  6. ## findutils is for ``find`` support of ``--newermt`` argument.
  7. ## gawk is for ``awk`` support of unicode strings.
  8. RUN apk add rsync sudo bash openssh-server coreutils findutils gawk
  9. RUN ssh-keygen -A
  11. ## New user/group rsync/rsync with home dir in /var/lib/rsync
  12. RUN mkdir -p /var/lib/rsync /var/log/rsync && \
  13. addgroup -S rsync && \
  14. adduser -S rsync -h /var/lib/rsync -G rsync && \
  15. chown rsync:rsync /var/lib/rsync /var/log/rsync
  17. ## Without this, account is considered locked by SSH
  18. RUN sed -ri 's/^rsync:!:/rsync:*NP*:/g' /etc/shadow
  20. ## Withouth this, force-command will not run
  21. RUN sed -ri 's%^(rsync.*:)[^:]+$%\1/bin/bash%g' /etc/passwd
  23. ## Allow rsync to access /var/mirror
  24. COPY /src /
  26. RUN chmod 440 /etc/sudoers.d/*
  28. RUN mkdir /var/run/sshd
  30. COPY ./entrypoint.sh /entrypoint.sh
  32. EXPOSE 22
  34. ENTRYPOINT [ "/entrypoint.sh" ]