initial import

rootfs/app/entrypoint.sh

@@ -0,0 +1,35 @@
+#!/bin/sh
+
+USERNAME=${USERNAME:-borgstore}
+PUID=${PUID:-1000}
+GROUPNAME=${GROUPNAME:-borgstore}
+PGID=${PGID:-1000}
+DATADIR=/data
+SSH_PUBKEY=${SSH_PUBKEY:-}
+
+addgroup -g "${PGID}" "${GROUPNAME}"
+adduser -DH -h "${DATADIR}" -G "${GROUPNAME}" -u "${PUID}" "${USERNAME}"
+
+RANDOMPWD=$(tr -dc A-Za-z0-9 </dev/urandom | head -c 13)
+printf '%s\n%s' "${RANDOMPWD}" "${RANDOMPWD}" | passwd "${USERNAME}"
+
+chown "${PUID}:${GROUPNAME}" "${DATADIR}" -R
+find "${DATADIR}" -type d -exec chmod 0755 {} \;
+find "${DATADIR}" -type f -exec chmod 0644 {} \;
+
+echo "AllowUsers ${USERNAME}" > /etc/ssh/sshd_config.d/user.conf
+
+mkdir -p /ssh "${DATADIR}"
+for keytype in ecdsa rsa ed25519 ; do
+  if [ ! -r "/ssh/ssh_host_${keytype}_key" ] ; then
+    /usr/bin/ssh-keygen -t "${keytype}" -f "/ssh/ssh_host_${keytype}_key" -N ""
+  fi
+  chmod 0600 "/ssh/ssh_host_${keytype}_key"
+  chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
+done
+
+if [ ! -r /ssh/authorized_keys ]; then
+  echo "${SSH_PUBKEY}" > /ssh/authorized_keys
+fi
+
+/usr/sbin/sshd -eD