# Custom Alpine Image

This repository contains the necessary files to build a customizable Alpine Linux Docker image. The image can be configured at runtime by providing a `sysconfig.toml` file.

## How to build the image

To build the Docker image, run the following command from the root of this repository:

```sh
docker build -t alpine-customizable .
```

## How to configure the image

You can configure the container at runtime by mounting a `sysconfig.toml` file at `/etc/sysconfig.toml`.

```sh
docker run -it --rm -v ./sysconfig.toml:/etc/sysconfig.toml alpine-customizable
```

The `sysconfig.toml` file supports the following sections for configuration:

### `[general]`

This section is used for general system-wide settings.

- `packages`: A list of strings specifying additional Alpine packages to install using `apk add`.

*Example:*

```toml
[general]
packages = ["openssh-server", "curl"]
```

### `[users]`

This section allows you to define users that will be created on the container. Each user is defined in a sub-section using the format `[users.username]`.

The following keys are supported for each user:

- `password` (optional): A string to set the user's password.
- `pubkeys` (optional): A list of public SSH keys (strings) to add to the user's `~/.ssh/authorized_keys` file, enabling key-based authentication.

*Example:*

```toml
[users.dmitry]
password = "a-secure-password"
pubkeys = [
  "ssh-rsa AAAA...",
  "ssh-ed25519 AAAA..."
]
```

### `[groups]`

This section allows you to define groups and manage their members. Each group is defined in a sub-section using the format `[groups.groupname]`.

The following keys are supported for each group:

- `users`: A list of usernames to be added to this group. These users should typically be defined in the `[users]` section or already exist on the system.

*Example:*

```toml
[groups.sftp-users]
users = ["dmitry"]
```

### `[configs]`

This section allows you to create arbitrary configuration files on the container's filesystem. Each file is defined in a sub-section where the name is the full, quoted path to the file, e.g., `[configs."/etc/motd"]`.

The following keys are supported for each file:

- `body` (required): A string (often a multi-line string) containing the content of the file.
- `permissions` (optional): An integer representing the file permissions in standard Linux octal notation (e.g., `644`, `755`).
- `owner` (optional): A string in `"user:group"` format to set the file's ownership.

*Example:*

```toml
[configs."/etc/ssh/sshd_config.d/sftp.conf"]
body = """
Match group sftp-users
ChrootDirectory /chroot
ForceCommand internal-sftp
AllowTcpForwarding no
"""
permissions = 644
owner = "root:root"
```

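A pre-flight check for a `sysconfig.toml` before it is mounted into the container, added here as an example; it is not code from this repository. It assumes the digits of `permissions` are read as an octal mode (TOML itself parses `644` as the decimal integer 644), and the names `parse_mode`, `lint`, `lint_text` and the sample file are constructed for illustration.

```python
import re

SAMPLE = '''# Constructed sample input, not taken from the repository.
[users.dmitry]
password = "a-secure-password"
[groups.sftp-users]
users = ["dmitry", "alice"]
[configs."/etc/ssh/sshd_config.d/sftp.conf"]
body = "ForceCommand internal-sftp"
permissions = 666
owner = "root"
[configs."etc/motd"]
permissions = 689
'''

def parse_mode(value):
    """Read the decimal digits of a TOML integer (e.g. 644) as an octal mode."""
    if isinstance(value, bool) or not isinstance(value, int):
        return None
    return int(str(value), 8) if re.fullmatch(r"[0-7]{3,4}", str(value)) else None

def lint(cfg):
    """Return sorted (location, finding) pairs for a parsed sysconfig.toml."""
    users = cfg.get("users", {})
    out = [(f"users.{n}", "cleartext password in file")
           for n, u in users.items() if "password" in u]
    for group, spec in cfg.get("groups", {}).items():
        for member in spec.get("users", []):
            if member not in users:  # may still exist in the base image
                out.append((f"groups.{group}", f"{member} not in [users]"))
    for path, spec in cfg.get("configs", {}).items():
        where = f"configs.{path}"
        if not path.startswith("/"):
            out.append((where, "path is not absolute"))
        if "body" not in spec:
            out.append((where, "required key body is missing"))
        if "permissions" in spec:
            mode = parse_mode(spec["permissions"])
            if mode is None:
                out.append((where, "permissions is not 3-4 octal digits"))
            elif mode & 0o022:
                out.append((where, f"mode {mode:04o} is group/world-writable"))
        if "owner" in spec and not re.fullmatch(r"[^:\s]+:[^:\s]+", str(spec["owner"])):
            out.append((where, "owner is not user:group"))
    return sorted(out)

def lint_text(text):
    import tomllib  # standard library since Python 3.11
    return lint(tomllib.loads(text))
```

`lint_text(SAMPLE)` returns seven findings for the constructed file, among them mode `0666` on the sshd drop-in and the group member `alice` that no `[users]` entry defines.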