update entrypoint script with functions

Dockerfile

@@ -10,6 +10,8 @@ ENV TZ=""
 RUN mkdir "/.ssh"
 VOLUME ["/backups"]
 VOLUME ["/logs"]
+VOLUME ["/sshkeys/host"]
+
 COPY motd.txt /etc/motd
 COPY entrypoint.sh /
 

build.sh

@@ -13,7 +13,7 @@ run_docker_container() {
     -e TZ="Europe/Vienna" \
     -v "$PWD"/crontab.txt:/crontab.txt \
     -v "$PWD"/maintain_repo.sh:/maintain_repo.sh \
-    -v "$PWD"/sshkeys:/sshkeys \
+    -v "$PWD"/sshkeys/clients:/sshkeys/clients \
     -v "$PWD"/backups:/backups \
     "$DOCKER_IMAGE_NAME":"$GIT_BRANCH"
 }

entrypoint.sh

@@ -1,89 +1,152 @@
-#!/bin/sh
+#!/bin/bash
-DOCKER_IMAGE_VERSION="1.0.7"
+DOCKER_IMAGE_VERSION="1.0.8"
-
+BORG_VERSION=$(borg -V)
-sepurator() {
+SSH_FOLDERS=( /sshkeys/clients /sshkeys/host )
+##############################################################################################################################
+# Funktionen
+##############################################################################################################################
+function sepurator {
   echo "==============================================================================="
 }
 
-sepurator
+function print_container_info {
-BORG_VERSION=$(borg -V)
+  sepurator
-echo "* BorgServer powered by $BORG_VERSION"
+  echo "* BorgServer powered by $BORG_VERSION"
-echo "* Image Hostname: $HOSTNAME"
+  echo "* Image Hostname: $HOSTNAME"
-echo "* Image Version: $DOCKER_IMAGE_VERSION"
+  echo "* Image Version: $DOCKER_IMAGE_VERSION"
-sepurator
+}
 
-# Make authorized_keys file
+function print_user_info {
-touch "/.ssh/authorized_keys"
+  sepurator
+  echo "* USER: $USER ID: $UID"
+  echo "* GROUP: $USER GID: $GID"
+}
 
-# Add User
+function add_borg_user {
-sh -c "echo '$USER ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
+  if ! id "borg" &>/dev/null; then
+    sh -c "echo '$USER ALL=(ALL) NOPASSWD: ALL' >> /etc/sudoers"
+    adduser \
+    --disabled-password \
+    --gecos "" \
+    --home "/" \
+    --uid "$UID" \
+    "$USER"
+    echo "$USER:*" | chpasswd 2>> /dev/null
+    addgroup -g "$GID" "$USER"  2>> /dev/null
+  fi
+}
 
-adduser \
+function make_and_import_ssh_keys {
-  --disabled-password \
+  local create_folders="0"
-  --gecos "" \
+  touch "/.ssh/authorized_keys"
-  --home "/" \
-  --uid "$UID" \
-  "$USER"
-echo "$USER:*" | chpasswd 2>> /logs/user.log
-addgroup -g "$GID" "$USER"  2>> /logs/user.log
 
-echo "* USER: $USER ID: $UID"
+  for key in ${SSH_FOLDERS[@]}; do
-echo "* GROUP: $USER GID: $GID"
+    if [ ! -d "${key}" ]; then
-sepurator
+      mkdir -p "${key}"
+      echo "Created ${key}"
+      create_folders="1"
+    fi
+  done
 
-mkdir -p /sshkeys/clients
+  chown -R "$USER":"$USER" "/sshkeys"
-mkdir -p /sshkeys/host
-chown -R "$USER":"$USER" "/sshkeys"
 
-echo "* IMPORT SSH KEYS"
+  if [ $create_folders == "1" ]; then
-echo ""
+    sepurator
-# Add SSH Keys to authorized_keys
+  fi
-FILES=$(ls -1 /sshkeys/clients)
-for key in $FILES; do
-  echo "-  Adding SSH-Key $key"
-  cat "/sshkeys/clients/$key" >> "/.ssh/authorized_keys"
-done
-echo "" >> "/.ssh/authorized_keys"
-sepurator
 
-# Change Ownership of SSH-Keys
+  echo "* IMPORT SSH KEYS"
-chown -R "$USER":"$USER" "/.ssh"
+  echo ""
-chmod 700 "/.ssh"
-chmod 600 "/.ssh/authorized_keys"
 
-# Generate SSH-Keys
+  FILES=$(ls -1 /sshkeys/clients)
-if [ ! -f "/sshkeys/host/ssh_host_rsa_key" ]; then
+  for key in $FILES; do
-  ssh-keygen -t rsa -b 4096 -f "/sshkeys/host/ssh_host_rsa_key" -N ""
+    echo "-  Adding SSH-Key $key"
-fi
+    cat "/sshkeys/clients/$key" > "/.ssh/authorized_keys"
-if [ ! -f "/sshkeys/host/ssh_host_ecdsa_key" ]; then
+  done
-  ssh-keygen -t ecdsa -b 521 -f "/sshkeys/host/ssh_host_ecdsa_key" -N ""
+  echo "" >> "/.ssh/authorized_keys"
-fi
-if [ ! -f "/sshkeys/host/ssh_host_ed25519_key" ]; then
-  ssh-keygen -t ed25519 -b 521 -f "/sshkeys/host/ssh_host_ed25519_key" -N ""
-fi
 
-chown -R "$USER":"$USER" "/sshkeys/host"
+  chown -R "$USER":"$USER" "/.ssh"
+  chmod 700 "/.ssh"
+  chmod 600 "/.ssh/authorized_keys"
+}
 
-# MAINTENANCE_ENABLE of Borg Repository
+function print_message {
-if [ "$MAINTENANCE_ENABLE" != "false" ]; then
+  echo ""
-  if [ -f "/crontab.txt" ]; then
+  echo "- $1"
-    /usr/bin/crontab "/crontab.txt"
+  echo ""
-    /usr/sbin/crond -b
+}
-    echo "* Crontab loaded successfully"
+
+function generate_host_sshkey {
+  local generated_keys="0"
+  echo "* GENERATE HOST SSH-KEYs"
+  # Generate SSH-Keys
+  if [ ! -f "/sshkeys/host/ssh_host_rsa_key" ]; then
+    print_message "HOST SSH-KEY RSA not found, generating..."
+    ssh-keygen -t rsa -b 4096 -f "/sshkeys/host/ssh_host_rsa_key" -N ""
+    print_message "HOST SSH-KEY RSA Generated"
+    generated_keys="1"
+  fi
+  if [ ! -f "/sshkeys/host/ssh_host_ecdsa_key" ]; then
+    print_message "HOST SSH-KEY ECDSA not found, generating..."
+    ssh-keygen -t ecdsa -b 521 -f "/sshkeys/host/ssh_host_ecdsa_key" -N ""
+    print_message "HOST SSH-KEY ECDSA Generated"
+    generated_keys="1"
+  fi
+  if [ ! -f "/sshkeys/host/ssh_host_ed25519_key" ]; then
+    print_message "HOST SSH-KEY ED25519 not found, generating..."
+    ssh-keygen -t ed25519 -b 521 -f "/sshkeys/host/ssh_host_ed25519_key" -N ""
+    print_message "HOST SSH-KEY ED25519 Generated"
+    generated_keys="1"
+  fi
+
+  if [ "$generated_keys" == "0" ]; then
+    echo ""
+    echo "- HOST SSH-KEYs already exist"
+  fi
+
+  chown -R "$USER":"$USER" "/sshkeys/host"
+}
+
+function maintenance_enable {
+  if [ "$MAINTENANCE_ENABLE" != "false" ]; then
+    echo "* MAINTENANCE MODE - ENABLED"
+    echo ""
+    if [ -f "/crontab.txt" ]; then
+      /usr/bin/crontab "/crontab.txt"
+      /usr/sbin/crond -b
+      echo "* Crontab loaded successfully"
+    else
+      echo "* Can not find /crontab.txt"
+    fi
+    sepurator
+  fi
+}
+
+function set_timezone {
+  if [ "$TZ" != "" ]; then
+    echo "* Setting Timezone to $TZ"
+    echo "TZ=$TZ" > /etc/environment
   else
-    echo "* Can not find /crontab.txt"
+    echo "* Timezone not set - Use UTC Time"
   fi
   sepurator
-fi
+}
+##############################################################################################################################
+# Main Code
+##############################################################################################################################
+add_borg_user
 
-if [ "$TZ" != "" ]; then
+print_container_info
-  echo "* Setting Timezone to $TZ"
+print_user_info
-  echo "TZ=$TZ" > /etc/environment
-else
-  echo "* Timezone not set - Use UTC Time"
-fi
 sepurator
+make_and_import_ssh_keys
+sepurator
+generate_host_sshkey
+sepurator
+
+maintenance_enable
+set_timezone
 
 echo "* Init done! - Starting SSH-Daemon..."
 sepurator
-exec /usr/sbin/sshd -D -e "$@" 2>> /logs/sshd.log
+echo ""
+exec /usr/sbin/sshd -D -e "$@" 2> /logs/sshd.log