Joshua Piper f63e2c405d Merge pull request #3 from Burnett01/feat/support-key-with-passphrase
feat: Add support for SSH keys with passphrases.
2021-08-02 18:43:25 +01:00
Dockerfile simplify perms handling 2021-08-02 19:14:10 +02:00
LICENSE Create LICENSE 2020-03-18 16:16:38 +00:00
README.md mention new agent-askpass and agent-add behavior 2021-08-02 19:36:36 +02:00
agent-add add ssh pass ability to agent-start 2021-08-02 19:16:39 +02:00
agent-askpass add ssh-askpass(1) program 2021-08-02 19:14:48 +02:00
agent-autostart Add arguments to add and autostart. 2020-01-03 15:41:34 +00:00
agent-start Don't allow agent reloads, if it's running already. 2020-01-02 23:08:35 +00:00
agent-stop That's meant to just be an id. 2020-01-02 22:48:55 +00:00
hosts-add Make sure permissions are set. 2020-01-02 16:00:19 +00:00
hosts-clear Make sure permissions are set. 2020-01-02 16:00:19 +00:00

README.md

rsync docker image.

A simple Alpine-based Docker image for rsync and SSH deployments.

Using this image

This image has two primary uses. Firstly, as a deployment image for GitLab CI runs. Secondly, as a base image for other images.

gitlab-ci.yml

image: drinternet/rsync:1.0.1
...
before_script:
  - source agent-autostart "$CI_PROJECT_ID-$CI_PIPELINE_ID-$_CI_CONCURRENT_ID"
  - hosts-add "$SSH_KNOWN_HOSTS"

after_script:
  - agent-stop "$CI_PROJECT_ID-$CI_PIPELINE_ID-$_CI_CONCURRENT_ID"

Base image in a Dockerfile

FROM drinternet/rsync:1.0.1
COPY some/file or/whatever

Inbuilt commands.

This base image also includes a few shell scripts, to help with managing SSH agents and known hosts files.

SSH Agent Management

agent-start

This command starts the SSH agent, if it isn't already started (SSH_AGENT_PID set or ssh agent ID file found). It takes one optional argument, for the name of the agent to be started. Defaults to "default". This program needs to be sourced to work correctly.

source agent-start "default"

agent-stop

This command stops the SSH agent, if it is started (SSH_AGENT_PID set or ssh agent ID file found). It takes one optional argument, for the name of the agent to be stopped. Defaults to "default".

agent-stop "my-agent-name"

agent-add

This command adds a key to the currently running SSH agent. The key is taken from stdin, and the agent used is that in SSH_AGENT_PID.

agent-autostart

This command starts the SSH agent and loads the private key from the "SSH_PRIVATE_KEY" environment var. The command takes one optional argument, for the name of the agent to be started. Defaults to "default". As with agent-start, this command needs to be sourced.

agent-askpass

This command is called by ssh-add when the SSH_ASKPASS variable is set. Acting as the ssh-askpass(1) program, it returns the value of SSH_PASS as the passphrase.

This command is ignored by ssh-add if the key does not require a passphrase.

known_hosts management

hosts-clear

This command truncates the known_hosts file and sets its permissions.

hosts-add

This command adds an entry to the known hosts file, and ensures its permissions are correct. It takes one argument, which is the new key to add.

Tags

Most numeric tags are simple version numbers for the various scripts. However, there are some special tags.

- staging: The latest build from the master branch.
- *-rc: release candidate builds, nearly ready but might contain small changes.
- *-beta: beta builds, still need testing but shouldn't change too much.
- *-alpha: alpha builds, which are likely to change.

Example gitlab-ci.yml

image: drinternet/rsync:1.0.1

stages:
  - deploy

before_script:
  - source agent-autostart "$CI_PROJECT_ID-$CI_PIPELINE_ID-$_CI_CONCURRENT_ID"
  - hosts-add "$SSH_KNOWN_HOSTS"

after_script:
  - agent-stop "$CI_PROJECT_ID-$CI_PIPELINE_ID-$_CI_CONCURRENT_ID"

deploy:
  stage: deploy
  script:
    - rsync -zrSlhaO --chmod=D2775,F664 --delete-after . $FTP_USER@$FTP_HOST:/var/www/deployment/

Using with passphrase protected key

You can supply a passphrase with SSH_PASS to agent-add, agent-start or agent-autostart.

SSH_PASS="THE_PASSPHRASE" agent-add
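
How an askpass helper such as agent-askpass lets ssh-add unlock a passphrase-protected key in a CI job with no terminal, shown as an added example (not this project's own scripts). The function names `write_askpass` and `add_key_from_stdin` and the helper path are hypothetical; the sketch assumes OpenSSH's ssh-add and an already running agent.

```shell
#!/bin/sh
# Added illustration, not the image's agent-add/agent-askpass scripts.
# write_askpass and add_key_from_stdin are hypothetical names.

# Create an askpass helper that prints $SSH_PASS on stdout.
# The passphrase is read from the environment when the helper runs, so it is
# never written to disk and never appears on a command line (visible in ps).
write_askpass() {
    helper=$1
    (
        umask 077
        cat > "$helper" <<'EOF'
#!/bin/sh
# ssh-add passes the prompt text as $1; it is not needed here.
# Fail instead of answering with an empty passphrase when SSH_PASS is unset.
printf '%s\n' "${SSH_PASS:?SSH_PASS is not set}"
EOF
    ) || return 1
    chmod 700 "$helper"
}

# Read a private key on stdin and load it into the running agent.
add_key_from_stdin() {
    helper=$1
    [ -n "$SSH_AUTH_SOCK" ] || { echo "no ssh-agent socket in SSH_AUTH_SOCK" >&2; return 1; }
    # Without a TTY, ssh-add only runs $SSH_ASKPASS when DISPLAY is set
    # (OpenSSH before 8.4) or SSH_ASKPASS_REQUIRE=force is given (8.4 and later).
    # tr strips carriage returns that CI variable editors sometimes add.
    tr -d '\r' | DISPLAY=none SSH_ASKPASS=$helper SSH_ASKPASS_REQUIRE=force ssh-add -
}

# Usage inside a job (SSH_PRIVATE_KEY and SSH_PASS come from CI variables):
#   write_askpass "$HOME/.askpass"
#   printf '%s\n' "$SSH_PRIVATE_KEY" | add_key_from_stdin "$HOME/.askpass"
#   unset SSH_PASS   # the agent holds the decrypted key; drop the passphrase
```

If the key has no passphrase, ssh-add never calls the helper, which matches the agent-askpass behaviour described above.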