Update entrypoint.sh

entrypoint.sh

@@ -1,19 +1,39 @@
 #!/bin/sh
 
-# 1. Start the container's SSH server
+# 0. Generate SSH host keys
+# This needs to be run as root, so we use sudo. First, we need to ensure sudo is installed.
+# The Dockerfile should be modified to install sudo and configure sudoers.
+# For now, we assume this script is run with enough permissions or sudo is configured.
+
+# A better approach is to handle this in the Dockerfile if possible, 
+# but runtime generation ensures keys are always present.
+# We will attempt to run it directly. If it fails, we'll need to adjust the Dockerfile.
+/usr/bin/ssh-keygen -A
+
+# 1. Create private key from secret in the user's home directory
+if [ -z "$ID_RSA_VDS1" ]; then
+  echo "Error: ID_RSA_VDS1 secret is not set."
+  exit 1
+fi
+echo "$ID_RSA_VDS1" > /home/user/.ssh/id_rsa_vds1
+chmod 600 /home/user/.ssh/id_rsa_vds1
+
+# 2. Start the container's SSH server
+# It will be run by the 'user' but needs to access the generated host keys.
+# The sshd daemon itself will handle permissions.
 /usr/sbin/sshd
 
-# 2. Start stunnel client
+# 3. Start stunnel client
 stunnel /etc/stunnel/stunnel.conf
 
-# 3. Execute the reverse SSH tunnel command
 sleep 2
 
+# 4. Execute the reverse SSH tunnel command as the 'user'
 ssh -N -g \
     -o "StrictHostKeyChecking=no" \
     -o "UserKnownHostsFile=/dev/null" \
     -R 0.0.0.0:1080 \
     -R 0.0.0.0:2222:localhost:22 \
-    -R 0.0.0.0:110:localhost:110 \
-    -p 2222 root@127.0.0.1 \
-    -i /root/.ssh/id_rsa_vds1
+    -R 0.0.0.0:110:localhost:110 -R 0.0.0.0:5201:localhost:5201 \
+    -p 2222 user@127.0.0.1 \
+    -i /home/user/.ssh/id_rsa_vds1