Merge pull request #16 from jdeathe/master

Release changes ready for centos-6-1.3.0

Dockerfile

@@ -1,31 +1,41 @@
 # =============================================================================
 # jdeathe/centos-ssh
 #
-# CentOS-6 6.6 x86_64 / EPEL Repo. / OpenSSH / Supervisor.
+# CentOS-6 6.6 x86_64 / EPEL/IUS Repos. / OpenSSH / Supervisor.
 # 
 # =============================================================================
 FROM centos:centos6.6
 
 MAINTAINER James Deathe <[email protected]>
 
 # -----------------------------------------------------------------------------
-# Import the Centos-6 RPM GPG key to prevent warnings and Add EPEL Repository
+# Import the RPM GPG keys and install Repositories
 # -----------------------------------------------------------------------------
 RUN rpm --import http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-6 \
 	&& rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6 \
-	&& rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
+	&& rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm \
+	&& rpm --import https://dl.iuscommunity.org/pub/ius/IUS-COMMUNITY-GPG-KEY \
+	&& rpm -Uvh https://dl.iuscommunity.org/pub/ius/stable/CentOS/6/x86_64/ius-release-1.0-14.ius.centos6.noarch.rpm
 
 # -----------------------------------------------------------------------------
 # Base Install
 # -----------------------------------------------------------------------------
 RUN yum -y install \
+	vim-minimal-7.2.411-1.8.el6 \
+	sudo-1.8.6p3-15.el6 \
+	openssh-5.3p1-104.el6_6.1 \
+	openssh-server-5.3p1-104.el6_6.1 \
+	openssh-clients-5.3p1-104.el6_6.1 \
+	python-pip-1.3.1-4.el6 \
+	yum-plugin-versionlock-1.1.30-30.el6 \
+	&& yum versionlock add \
 	vim-minimal \
 	sudo \
 	openssh \
 	openssh-server \
 	openssh-clients \
 	python-pip \
-	&& yum -y update bash \
+	yum-plugin-versionlock \
 	&& rm -rf /var/cache/yum/* \
 	&& yum clean all
 
@@ -35,7 +45,7 @@ RUN yum -y install \
 # We require supervisor-stdout to allow output of services started by 
 # supervisord to be easily inspected with "docker logs".
 # -----------------------------------------------------------------------------
-RUN pip install --upgrade 'pip >= 1.4, < 1.5' \
+RUN pip install --upgrade 'pip == 1.4.1' \
 	&& pip install --upgrade supervisor supervisor-stdout \
 	&& mkdir -p /var/log/supervisor/
 

README-short.txt

@@ -1 +1 @@
-CentOS-6 6.6 x86_64 / EPEL Repo. / OpenSSH / Supervisor.
+CentOS-6 6.6 x86_64 / EPEL/IUS Repos / OpenSSH / Supervisor.

README.md

@@ -9,7 +9,7 @@ Includes public key authentication, Automated password generation, supports cust
 
 The [Dockerfile](https://github.com/jdeathe/centos-ssh/blob/centos-6/Dockerfile) can be used to build a base image that is the bases for several other docker images.
 
-Included in the build is the EPEL repository and SSH, vi and are installed along with python-pip, supervisor and supervisor-stdout.
+Included in the build is the EPEL repository, the IUS repository and SSH, vi and are installed along with python-pip, supervisor and supervisor-stdout.
 
 [Supervisor](http://supervisord.org/) is used to start and the sshd daemon when a docker container based on this image is run. To enable simple viewing of stdout for the sshd subprocess, supervisor-stdout is included. This allows you to see output from the supervisord controlled subprocesses with `docker logs <docker-container-name>`.
 
@@ -35,10 +35,10 @@ $ docker run -d \
 Create a "data volume" for configuration, this allows you to share the same configuration between multiple docker containers and, by mounting a host directory into the data volume you can override the default configuration files provided.
 
 Make a directory on the docker host for storing container configuration files. This directory needs to contain at least the following files:
-- authorized_keys
-- ssh-bootstrap.conf
-- sshd_config
-- supervisord.conf
+- [ssh/authorized_keys](https://github.com/jdeathe/centos-ssh/blob/centos-6/etc/services-config/ssh/authorized_keys)
+- [ssh/ssh-bootstrap.conf](https://github.com/jdeathe/centos-ssh/blob/centos-6/etc/services-config/ssh/ssh-bootstrap.conf)
+- [ssh/sshd_config](https://github.com/jdeathe/centos-ssh/blob/centos-6/etc/services-config/ssh/sshd_config)
+- [supervisor/supervisord.conf](https://github.com/jdeathe/centos-ssh/blob/centos-6/etc/services-config/supervisor/supervisord.conf)
 
 ```
 $ mkdir -p /etc/services-config/ssh.pool-1
@@ -49,7 +49,8 @@ Create the data volume, mounting our docker host's configuration directory to /e
 ```
 $ docker run \
   --name volume-config.ssh.pool-1.1.1 \
-  -v /etc/services-config/ssh.pool-1:/etc/services-config/ssh \
+  -v /etc/services-config/ssh.pool-1/ssh:/etc/services-config/ssh \
+  -v /etc/services-config/ssh.pool-1/supervisor:/etc/services-config/supervisor \
   busybox:latest \
   /bin/true
 ```
@@ -143,7 +144,7 @@ The following example shows how to copy your file to a remote docker host:
 
 ```
 $ scp ~/.ssh/id_rsa.pub \
-  <docker-host-user>@<docker-host-ip>:/etc/services-config/ssh.pool-1/authorized_keys
+  <docker-host-user>@<docker-host-ip>:/etc/services-config/ssh.pool-1/ssh/authorized_keys
 ```
 
 #### [ssh/ssh-bootstrap.conf](https://github.com/jdeathe/centos-ssh/blob/centos-6/etc/services-config/ssh/ssh-bootstrap.conf)

build.sh

@@ -1,8 +1,8 @@
 #!/usr/bin/env bash
 
 # Change working directory
-DIR_PATH="$( cd "$( echo "${0%/*}" )"; pwd )"
-if [[ $DIR_PATH == */* ]]; then
+DIR_PATH="$( if [ "$( echo "${0%/*}" )" != "$( echo "${0}" )" ] ; then cd "$( echo "${0%/*}" )"; fi; pwd )"
+if [[ $DIR_PATH == */* ]] && [[ $DIR_PATH != "$( pwd )" ]] ; then
 	cd $DIR_PATH
 fi
 

etc/ssh-bootstrap

@@ -28,8 +28,13 @@ if [[ ! -d ${OPTS_SSH_USER_HOME_DIR}/.ssh ]]; then
 	echo "Initialise SSH..."
 
 	# Generate new host keys
-	ssh-keygen -q -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key
-	ssh-keygen -q -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key
+	rm -f /etc/ssh/{ssh_host_rsa_key,ssh_host_rsa_key.pub,ssh_host_dsa_key,ssh_host_dsa_key.pub}
+	ssh-keygen -q -C "" -N "" -t rsa -f /etc/ssh/ssh_host_rsa_key
+	ssh-keygen -q -C "" -N "" -t dsa -f /etc/ssh/ssh_host_dsa_key
+	if [ -x /sbin/restorecon ]; then
+		/sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
+		/sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
+	fi
 
 	useradd -u 500 -m -G users,wheel ${OPTS_SSH_USER}
 

run.conf

@@ -8,6 +8,10 @@ SERVICE_UNIT_LOCAL_ID=1
 SERVICE_UNIT_INSTANCE=1
 
 MOUNT_PATH_CONFIG=/etc/services-config
+# Mac hosts need to be in User writable directory
+if [ "$(uname)" == "Darwin" ]; then
+	MOUNT_PATH_CONFIG=~/services-config
+fi
 
 DOCKER_IMAGE_REPOSITORY_NAME=${DOCKER_USER}/${DOCKER_IMAGE_NAME}:${DOCKER_IMAGE_TAG}
 DOCKER_NAME=${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}.${SERVICE_UNIT_LOCAL_ID}.${SERVICE_UNIT_INSTANCE}

run.sh

@@ -1,7 +1,7 @@
 #!/usr/bin/env bash
 
-DIR_PATH="$( cd "$( echo "${0%/*}" )"; pwd )"
-if [[ $DIR_PATH == */* ]]; then
+DIR_PATH="$( if [ "$( echo "${0%/*}" )" != "$( echo "${0}" )" ] ; then cd "$( echo "${0%/*}" )"; fi; pwd )"
+if [[ $DIR_PATH == */* ]] && [[ $DIR_PATH != "$( pwd )" ]] ; then
 	cd $DIR_PATH
 fi
 
@@ -11,7 +11,7 @@ have_docker_container_name ()
 {
 	NAME=$1
 
-	if [[ -n $(docker ps -a | grep -v -e "${NAME}/.*,.*" | grep -o ${NAME}) ]]; then
+	if [[ -n $(docker ps -a | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then
 		return 0
 	else
 		return 1
@@ -22,7 +22,7 @@ is_docker_container_name_running ()
 {
 	NAME=$1
 
-	if [[ -n $(docker ps | grep -v -e "${NAME}/.*,.*" | grep -o ${NAME}) ]]; then
+	if [[ -n $(docker ps | awk -v pattern="^${NAME}$" '$NF ~ pattern { print $NF; }') ]]; then
 		return 0
 	else
 		return 1
@@ -46,10 +46,35 @@ remove_docker_container_name ()
 # Configuration volume
 if [ ! "${VOLUME_CONFIG_NAME}" == "$(docker ps -a | grep -v -e \"${VOLUME_CONFIG_NAME}/.*,.*\" | grep -e '[ ]\{1,\}'${VOLUME_CONFIG_NAME} | grep -o ${VOLUME_CONFIG_NAME})" ]; then
 (
+CONTAINER_MOUNT_PATH_CONFIG=${MOUNT_PATH_CONFIG}/${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}
+
+# The Docker Host needs the target configuration directories
+
+if [ ! -d ${CONTAINER_MOUNT_PATH_CONFIG}/ssh ]; then
+       CMD=$(mkdir -p ${CONTAINER_MOUNT_PATH_CONFIG}/ssh)
+       $CMD || sudo $CMD
+fi
+
+if [[ ! -n $(find ${CONTAINER_MOUNT_PATH_CONFIG}/ssh -maxdepth 1 -type f) ]]; then
+       CMD=$(cp -R etc/services-config/ssh/ ${CONTAINER_MOUNT_PATH_CONFIG}/ssh/)
+       $CMD || sudo $CMD
+fi
+
+if [ ! -d ${CONTAINER_MOUNT_PATH_CONFIG}/supervisor ]; then
+       CMD=$(mkdir -p ${CONTAINER_MOUNT_PATH_CONFIG}/supervisor)
+       $CMD || sudo $CMD
+fi
+
+if [[ ! -n $(find ${CONTAINER_MOUNT_PATH_CONFIG}/supervisor -maxdepth 1 -type f) ]]; then
+       CMD=$(cp -R etc/services-config/supervisor/ ${CONTAINER_MOUNT_PATH_CONFIG}/supervisor/)
+       $CMD || sudo $CMD
+fi
+
 set -x
 docker run \
 	--name ${VOLUME_CONFIG_NAME} \
-	-v ${MOUNT_PATH_CONFIG}/${SERVICE_UNIT_NAME}.${SERVICE_UNIT_SHARED_GROUP}:/etc/services-config/ssh \
+       -v ${CONTAINER_MOUNT_PATH_CONFIG}/ssh:/etc/services-config/ssh \
+       -v ${CONTAINER_MOUNT_PATH_CONFIG}/supervisor:/etc/services-config/supervisor \
 	busybox:latest \
 	/bin/true;
 )
@@ -70,6 +95,6 @@ docker run \
 )
 
 if is_docker_container_name_running ${DOCKER_NAME} ; then
-	docker ps | grep -v -e "${DOCKER_NAME}/.*,.*" | grep ${DOCKER_NAME}
+	docker ps | awk -v pattern="${DOCKER_NAME}$" '$NF ~ pattern { print $0 ; }'
 	echo " ---> Docker container running."
 fi