atsign-foundation · JeremyTubongbanua · Jun 28, 2023 · May 24, 2023 · May 24, 2023 · May 24, 2023
diff --git a/Dockerfile b/Dockerfile
@@ -5,32 +5,34 @@ WORKDIR /app
 COPY . .
 RUN \
   set -eux ; \
-  mkdir -p $BINARYDIR ; \
+  mkdir -p ${BINARYDIR} ; \
   dart pub get ; \
   dart pub update ; \
-  dart compile exe bin/sshnpd.dart -o $BINARYDIR/sshnpd
+  dart compile exe bin/sshnpd.dart -o ${BINARYDIR}/sshnpd
 
 # Second stage of build FROM debian-slim
-FROM debian:stable-20230612-slim@sha256:b09f68bffcf9c14f3105f262e92321d05abaf48460d1f43f884325bcd4395b95
-ENV HOMEDIR=/atsign
+FROM debian:stable-20230522-slim@sha256:d828cca5497a2519da9c6d42372066895fa28a69f1e8a46a38ce8f750bd2adf0
+ENV USER=atsign
+ENV HOMEDIR=/${USER}
 ENV BINARYDIR=/usr/local/at
 ENV USER_ID=1024
 ENV GROUP_ID=1024
-COPY --from=buildimage  /app/.startup.sh /atsign/
-RUN  \
+COPY --from=buildimage /app/.startup.sh ${HOMEDIR}/
+RUN \
    set -eux ; \
    apt-get update && apt-get install -y openssh-server sudo iputils-ping iproute2 ncat telnet net-tools nmap iperf3 tmux traceroute vim;\
-   addgroup --gid $GROUP_ID atsign ; \
-   useradd --system --uid $USER_ID --gid $GROUP_ID --shell /bin/bash  --home $HOMEDIR atsign ; \
-   mkdir -p $HOMEDIR/.atsign/keys ; \
-   mkdir -p $HOMEDIR/.ssh ; \
-   touch $HOMEDIR/.ssh/authorized_keys ; \
-   chown -R atsign:atsign $HOMEDIR ; \
-   chmod 600 $HOMEDIR/.ssh/authorized_keys ; \
-   usermod -aG sudo atsign ; \
+   addgroup --gid ${GROUP_ID} ${USER} ; \
+   sysctl -w net.ipv4.ping_group_range="0 1024" ; \
+   useradd --system --uid ${USER_ID} --gid ${GROUP_ID} --shell /bin/bash --home ${HOMEDIR} ${USER} ; \
+   mkdir -p ${HOMEDIR}/.atsign/keys ; \
+   mkdir -p ${HOMEDIR}/.ssh ; \
+   touch ${HOMEDIR}/.ssh/authorized_keys ; \
+   chown -R ${USER}:${USER} ${HOMEDIR} ; \
+   chmod 600 ${HOMEDIR}/.ssh/authorized_keys ; \
+   usermod -aG sudo ${USER} ; \
    mkdir /run/sshd ; \
-   chmod 755 /atsign/.startup.sh
-COPY --from=buildimage --chown=atsign:atsign /usr/local/at/sshnpd /usr/local/at/
-WORKDIR /atsign
+   chmod 755 /${USER}/.startup.sh
+COPY --from=buildimage --chown=${USER}:${USER} /usr/local/at/sshnpd /usr/local/at/
+WORKDIR ${HOMEDIR}
 # USER atsign 
 ENTRYPOINT ["/atsign/.startup.sh"]