diff --git a/Dockerfile b/Dockerfile index 693c56f..6c155bc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,20 @@ FROM archlinux:latest +COPY ["./startup.sh","/"] + RUN echo 'Server = https://mirrors.tuna.tsinghua.edu.cn/archlinux/$repo/os/$arch' | \ cat - /etc/pacman.d/mirrorlist > /tmp/mirrorlist && \ mv /tmp/mirrorlist /etc/pacman.d/mirrorlist &&\ pacman -Syy --noconfirm &&\ pacman -Syu --noconfirm &&\ - pacman -Syu --noconfirm gdb gcc cmake make xmake vim clang glances htop which git + pacman -Syu --noconfirm gdb gcc cmake make xmake vim clang glances htop which git openssh &&\ + chmod +x /startup.sh + +COPY ["./sshd_config","/etc/ssh/"] LABEL "org.opencontainers.image.authors"="Santiago Torres-Arias (@SantiagoTorres), Christian Rebischke (@shibumi), Justin Kromlinger (@hashworks), ZengZiYu (@Zengtudor)" ENV "TZ"="Asia/Shanghai" EXPOSE 22 + +ENTRYPOINT ["/startup.sh"] diff --git a/README.md b/README.md index 73db5d4..edc0f32 100644 --- a/README.md +++ b/README.md @@ -1,13 +1,21 @@ # cpp-dev-env-docker >这是一个docker容器构建文件可以让你使用archlinux镜像构建出最新的C++开发环境。 - >适用于中国的网络环境镜像优化,使用了清华大学联合镜像库,设置了时区为北京时间。 +>有以下软件g++,gcc,gdb,clang,git,cmake,make,glances,which,htop,xmake,openssh +>你可以通过导出22端口连接容器 ->有以下软件g++,gcc,gdb,clang,git,cmake,make,glances,which,htop,xmake >This is a docker container build file that allows you to build the latest C++ development environment using archlinux images. - >It is suitable for China's network environment image optimization, using Tsinghua University joint image library, set the time zone to Beijing time. +>Have the following g + + software, GCC, GDB, clang, git, cmake, make glances, which, htop, xmake , openssh +>You can use port 22 to connect the container. ->Have the following g + + software, GCC, GDB, clang, git, cmake, make glances, which, htop, xmake \ No newline at end of file +``` +# /etc/ssh/sshd_config +... +PermitRootLogin yes +... +PasswordAuthentication yes +... +``` \ No newline at end of file diff --git a/sshd_config b/sshd_config new file mode 100644 index 0000000..a3f4939 --- /dev/null +++ b/sshd_config @@ -0,0 +1,117 @@ +# Include drop-in configurations +Include /etc/ssh/sshd_config.d/*.conf + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/local/sbin:/usr/local/bin:/usr/bin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# To disable tunneled clear text passwords, change to no here! +PasswordAuthentication yes +#PermitEmptyPasswords no + +# Change to no to disable s/key passwords +#KbdInteractiveAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'yes' to enable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the KbdInteractiveAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via KbdInteractiveAuthentication may bypass +# the setting of "PermitRootLogin prohibit-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and KbdInteractiveAuthentication to 'no'. +#UsePAM no + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding no +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS no +#PidFile /run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#VersionAddendum none + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/lib/ssh/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/startup.sh b/startup.sh new file mode 100644 index 0000000..6e80742 --- /dev/null +++ b/startup.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# 检查 /etc/ssh 目录下是否已有主机密钥 +if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then + echo "No SSH host key found, generating keys..." + ssh-keygen -A # 生成所有类型的主机密钥 +else + echo "SSH host key already exists, skipping key generation." +fi + +# 启动 SSH 守护进程 +/usr/sbin/sshd + +# 保持容器运行(进入交互式 bash) +exec /bin/bash