Implement ssh bootstrapper
ckwalsh committed Dec 28, 2020
1 parent f9515f0 commit 8740f22
Showing 2 changed files with 34 additions and 0 deletions.
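--- a/bootstrapper/ssh/Dockerfile
+++ b/bootstrapper/ssh/Dockerfile
@@ -0,0 +1,11 @@
+FROM smallstep/step-cli:0.15.3
+
+USER root
+ENV USER_KEY="/var/run/autocert.step.sm/ssh_user_key"
+ENV USER_CA="/var/run/autocert.step.sm/ssh_user_ca.pub"
+ENV HOST_KEY="/var/run/autocert.step.sm/ssh_host_key"
+ENV HOST_CA="/var/run/autocert.step.sm/ssh_host_ca.pub"
+
+COPY bootstrapper/ssh/bootstrapper.sh /home/step/
+RUN chmod +x /home/step/bootstrapper.sh
+CMD ["/home/step/bootstrapper.sh"]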
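Review bot: `USER root` is still in effect at the end of the file, so `bootstrapper.sh` and every `step` call it makes run as root, and nothing in the Dockerfile says why. If root is only needed for the `RUN chmod` step, switch back before `CMD`; the `/home/step/` path suggests the base image ships an unprivileged account, e.g. `USER step`, but confirm the name against the base image. If root really is required to write the keys under `/var/run/autocert.step.sm`, record that next to the directive, e.g. `# root is needed to write into the shared key volume`. Pinning `smallstep/step-cli:0.15.3` by digest as well as tag would make the image that mints SSH credentials reproducible.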
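--- a/bootstrapper/ssh/bootstrapper.sh
+++ b/bootstrapper/ssh/bootstrapper.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+set -e
+
+# Download the root certificate and set permissions
+if [ "$STEP_HOST" == "" ];
+then
+KEY=$USER_KEY
+else
+KEY=$HOST_KEY
+fi
+
+step ca bootstrap -f
+
+step ssh certificate $KEY_ID $KEY --insecure --no-password -f
+chmod 644 $KEY $KEY.pub $KEY-cert.pub
+
+unset STEP_TOKEN
+unset STEP_HOST
+
+STEP_HOST=false step ssh config --roots > $USER_CA
+STEP_HOST=true step ssh config --roots > $HOST_CA
+chmod 644 $USER_CA $HOST_CA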
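Review bot: `chmod 644 $KEY $KEY.pub $KEY-cert.pub` makes the private key world-readable, and because of `--insecure --no-password` that key is stored unencrypted. Any process that can see the `/var/run/autocert.step.sm` volume can therefore copy the SSH identity, and OpenSSH normally refuses private keys with permissions this open. Split the line so only the public parts are readable: `chmod 600 "$KEY"` and `chmod 644 "$KEY.pub" "$KEY-cert.pub"`. If the consuming container runs under a different UID, hand the key to that UID with `chown` rather than opening it to everyone. Separately, `==` inside `[ ]` is not POSIX for a `#!/bin/sh` script; `[ -z "$STEP_HOST" ]` is portable, and the `$KEY`, `$KEY_ID`, `$USER_CA` and `$HOST_CA` expansions should be quoted.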
