Extract ssh.zip to /root/.ssh/zip at startup

2025-12-28 06:12:35 +00:00
parent d22818669f
commit c76afb2380
2 changed files with 34 additions and 3 deletions
--- a/apps/rego-tunnel/build/Dockerfile
+++ b/apps/rego-tunnel/build/Dockerfile
@@ -2,10 +2,10 @@ FROM ubuntu:24.04
 ENV DEBIAN_FRONTEND=noninteractive
-RUN apt-get update && apt-get install -y     qemu-system-x86     qemu-utils     novnc     websockify     openssh-server     supervisor     iproute2     bridge-utils     iptables     net-tools     && rm -rf /var/lib/apt/lists/*
+RUN apt-get update && apt-get install -y qemu-system-x86 qemu-utils novnc websockify openssh-server supervisor iproute2 bridge-utils iptables nano net-tools && rm -rf /var/lib/apt/lists/*
 # Setup SSH
-RUN mkdir /var/run/sshd &&     echo 'root:vmpassword' | chpasswd &&     sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
+RUN mkdir /var/run/sshd && echo 'root:vmpassword' | chpasswd && sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
 WORKDIR /vm
--- a/apps/rego-tunnel/build/start-vm.sh
+++ b/apps/rego-tunnel/build/start-vm.sh
@@ -1,5 +1,36 @@
 #!/bin/bash
 set -euo pipefail
 # If provided, extract ssh.zip to /root/.ssh/zip (not baked into the image)
 SSH_ZIP_PATH="/shared/ssh.zip"
 SSH_ZIP_DEST="/root/.ssh/zip"
 if [ -f "$SSH_ZIP_PATH" ]; then
 	mkdir -p "$SSH_ZIP_DEST"
 	chmod 700 /root/.ssh
 	chmod 700 "$SSH_ZIP_DEST"
 	echo "[rego-tunnel] Extracting $SSH_ZIP_PATH -> $SSH_ZIP_DEST"
 	7z x -y -o"$SSH_ZIP_DEST" "$SSH_ZIP_PATH" >/dev/null
 	find "$SSH_ZIP_DEST" -type d -exec chmod 700 {} \;
 	find "$SSH_ZIP_DEST" -type f -exec chmod 600 {} \;
 else
 	echo "[rego-tunnel] No $SSH_ZIP_PATH found; skipping SSH zip extraction"
 fi
 # Wait for network setup
 sleep 2
-exec qemu-system-x86_64     -enable-kvm     -cpu host     -m ${VM_RAM:-8G}     -smp ${VM_CPUS:-4}     -hda /vm/linux-vm.qcow2     -netdev tap,id=net0,ifname=tap0,script=no,downscript=no     -device virtio-net-pci,netdev=net0,mac=52:54:00:12:34:56     -vnc :0     -vga virtio     -usb     -device usb-tablet
+exec qemu-system-x86_64 \
 	-enable-kvm \
 	-cpu host \
 	-m ${VM_RAM:-8G} \
 	-smp ${VM_CPUS:-4} \
 	-hda /vm/linux-vm.qcow2 \
 	-netdev tap,id=net0,ifname=tap0,script=no,downscript=no \
 	-device virtio-net-pci,netdev=net0,mac=52:54:00:12:34:56 \
 	-vnc :0 \
 	-vga virtio \
 	-usb \
 	-device usb-tablet