persistent host key support

Author: NilsGolembiewski

.github/workflows/build.yml

@@ -4,11 +4,13 @@ on:
   schedule:
     - cron: "0 0 1 * *" # every month
   push:
+    branches:
+      - master
+      - feature/persistent-host-key-support
     paths-ignore:
       - "*.md"
       - "*.txt"
       - "*.png"
-  pull_request:
 
 env:
   IMAGE_NAME: ghcr.io/techonomydev/atmoz-sftp

Dockerfile

@@ -13,6 +13,9 @@ RUN apt-get update && \
 COPY files/sshd_config /etc/ssh/sshd_config
 COPY files/create-sftp-user /usr/local/bin/
 COPY files/entrypoint /
+COPY files/startup_scripts/load_env_host_key.bash /etc/sftp.d/load_env_host_key.bash
+
+RUN chmod +x /etc/sftp.d/*
 
 EXPOSE 22
 

Dockerfile-port-2222

@@ -13,6 +13,9 @@ RUN apt-get update && \
 COPY files/sshd_config_2222 /etc/ssh/sshd_config
 COPY files/create-sftp-user /usr/local/bin/
 COPY files/entrypoint /
+COPY files/startup_scripts/load_env_host_key.bash /etc/sftp.d/load_env_host_key.bash
+
+RUN chmod +x /etc/sftp.d/*
 
 EXPOSE 2222
 

files/startup_scripts/load_env_host_key.bash

@@ -0,0 +1,21 @@
+#!/bin/bash
+
+if [[ -n "$SSH_HOST_ED25519_KEY_B64" ]]; then
+    echo "Decoding and setting up ED25519 host key..."
+    echo "$SSH_HOST_ED25519_KEY_B64" | base64 -d > /etc/ssh/ssh_host_ed25519_key
+    ssh-keygen -y -f /etc/ssh/ssh_host_ed25519_key > /etc/ssh/ssh_host_ed25519_key.pub
+    chmod 600 /etc/ssh/ssh_host_ed25519_key
+    echo "ED25519 host key setup complete."
+else
+    echo "No ED25519 host key provided."
+fi
+
+if [[ -n "$SSH_HOST_RSA_KEY_B64" ]]; then
+    echo "Decoding and setting up RSA host key..."
+    echo "$SSH_HOST_RSA_KEY_B64" | base64 -d > /etc/ssh/ssh_host_rsa_key
+    ssh-keygen -y -f /etc/ssh/ssh_host_rsa_key > /etc/ssh/ssh_host_rsa_key.pub
+    chmod 600 /etc/ssh/ssh_host_rsa_key
+    echo "RSA host key setup complete."
+else
+    echo "No RSA host key provided."
+fi