From 769a7f6f93ccd0985c674d932f7f64faf40e5531 Mon Sep 17 00:00:00 2001 From: Facundo Acevedo Date: Sat, 1 Jan 2022 23:25:52 -0300 Subject: [PATCH 1/4] Add pre-commit configuration file --- .pre-commit-config.yaml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .pre-commit-config.yaml diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml new file mode 100644 index 0000000..f074867 --- /dev/null +++ b/.pre-commit-config.yaml @@ -0,0 +1,23 @@ +--- +repos: + - repo: https://github.com/pre-commit/pre-commit-hooks + rev: v3.2.0 + hooks: + - id: trailing-whitespace + - id: end-of-file-fixer + - id: check-yaml + - id: check-added-large-files + - id: check-case-conflict + - id: check-executables-have-shebangs + - id: check-json + - id: pretty-format-json + - id: detect-private-key + - repo: https://github.com/hadolint/hadolint + rev: v2.8.0 + hooks: + - id: hadolint + - repo: https://github.com/gruntwork-io/pre-commit + rev: v0.1.16 + hooks: + - id: shellcheck + exclude: ^(files/manifests/|templates/) From 610b77f976947255519a8494686ea33ff3c8abb9 Mon Sep 17 00:00:00 2001 From: Facundo Acevedo Date: Sat, 1 Jan 2022 23:28:47 -0300 Subject: [PATCH 2/4] Fix permissions --- .dockerignore | 0 .gitignore | 0 Dockerfile | 0 README.md | 0 4 files changed, 0 insertions(+), 0 deletions(-) mode change 100755 => 100644 .dockerignore mode change 100755 => 100644 .gitignore mode change 100755 => 100644 Dockerfile mode change 100755 => 100644 README.md diff --git a/.dockerignore b/.dockerignore old mode 100755 new mode 100644 diff --git a/.gitignore b/.gitignore old mode 100755 new mode 100644 diff --git a/Dockerfile b/Dockerfile old mode 100755 new mode 100644 diff --git a/README.md b/README.md old mode 100755 new mode 100644 From 845bca9e18719100fc8f043d5a3765107294afc3 Mon Sep 17 00:00:00 2001 From: Facundo Acevedo Date: Sat, 1 Jan 2022 23:30:33 -0300 Subject: [PATCH 3/4] Add newline --- .github/dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 3eb2e87..5737055 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,4 +7,4 @@ updates: directory: "/" schedule: # Check for updates to GitHub Actions every weekday - interval: "daily" \ No newline at end of file + interval: "daily" From 63f6ffc5d0bbe679482ae9c1e8b6e225892982b3 Mon Sep 17 00:00:00 2001 From: Facundo Acevedo Date: Sat, 1 Jan 2022 23:49:25 -0300 Subject: [PATCH 4/4] Pin alpine version to 3 Update deprecated maintainer syntax Pin packages to last version Eneble user in the same RUN that creates it --- Dockerfile | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/Dockerfile b/Dockerfile index 2896170..fd380f1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,17 +1,21 @@ -FROM alpine:latest -MAINTAINER b3vis +FROM alpine:3 +LABEL maintainer="b3vis" + #Install Borg & SSH -RUN apk add openssh sshfs borgbackup supervisor +RUN apk add --no-cache openssh=8.8_p1-r1 sshfs=3.7.2-r0 borgbackup=1.1.17-r2 supervisor=4.2.2-r2 RUN adduser -D -u 1000 borg && \ - mkdir /backups && \ + passwd -u borg && \ + mkdir -m 0700 /backups && \ chown borg.borg /backups && \ sed -i \ -e 's/^#PasswordAuthentication yes$/PasswordAuthentication no/g' \ -e 's/^PermitRootLogin without-password$/PermitRootLogin no/g' \ /etc/ssh/sshd_config + COPY supervisord.conf /etc/supervisord.conf COPY service.sh /usr/local/bin/service.sh -RUN passwd -u borg + EXPOSE 22 VOLUME /etc/ssh + CMD ["/usr/bin/supervisord"]