Hugging Face's logo

Spaces:
igor04091968
/
tun-chisel
Paused

App Files Community
igor04091968 commited on
Commit
75ce7c3
·
verified ·
1 Parent(s): 21986f2

Update Dockerfile

Browse files
Files changed (1) hide show
  1. Dockerfile +11 -8
Dockerfile CHANGED
@@ -4,8 +4,14 @@ FROM alpine:latest
4
  # Install packages
5
  RUN apk add --no-cache stunnel openssh iperf3
6
 
7
- # Create SSH directories and generate host keys for the container's sshd
8
- RUN mkdir -p /root/.ssh && chmod 700 /root/.ssh && ssh-keygen -A
 
 
 
 
 
 
9
 
10
  # Copy configs
11
  COPY stunnel.conf /etc/stunnel/stunnel.conf
@@ -15,12 +21,9 @@ COPY sshd_config /etc/ssh/sshd_config
15
  COPY entrypoint.sh /entrypoint.sh
16
  RUN chmod +x /entrypoint.sh
17
 
18
- # Add public keys to authorized_keys
19
- # Note: For a real Hugging Face Space, it's better to manage keys via Space Secrets.
20
- # This is included for reproducibility of the original environment.
21
- RUN echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIG17gM3oWQd0bw2L+DG0UZZEvAh/gOa2PsqwKRWLptikxruaNBezdE1aaGkU2gqTqCoUERXeUAU7ICjyWC6t88vsNNYlCYhIqUDiEhIrwoCNFLXcT0Nb0I0V3JNHmLo0328E/h22nOYdkrA/n87ngYmhAyhVzm4CBls2LDQjo2v1i8/99cb+B84IpL7a8RspeqFC7Al4UpYAB1Rw7vVfW84wLOb/ZUoDMDmqW1L0jDeSRee6Lz4u4PRmyh/0MCEnj9lD8TCa0JH/xEKLxHA7LflQEMCpnp/pE2yi8qXXJkvV3EAAKd7fVMxWIGI98Qd6OwBTb3e45tHLnooCM1bHIjeuo5mAss7gPRqE8++lOhFsOTG+6VYuJFSWAanB0HPoRCT9BBOqbdUi3rVrVrARmf7KDMkAk0V9oHox9CQMasZDHnq1PhcYFczoImDOgodzYS64llPLo3nqtrjdn7jycWLNdJHIY6qKif+Xgj6fzIEfErBTvJiwK0vFjcS2R8+ptC6Sf2YvxSB+S6R2Lqm9zrYFeM52cvDBGZJFpN6EZw9T5K95GyovCgFgCYWWOpWsxiJVruDcBGHbEJjUxWGRanRFUtq6WOcJ2YIn0+K5l/lMjE2f3PDPPw3bSTYrmE3UrUstnCAWi7hL27rKGcTmwBSSnmYJStGWkR099enw== igor04091968@cs-1030016233626-default' >> /root/.ssh/authorized_keys
22
-
23
- # The private key for vds1 will be mounted or injected as a secret.
24
 
25
  # Expose the port that will be mapped by Hugging Face
26
  EXPOSE 2222
 
4
  # Install packages
5
  RUN apk add --no-cache stunnel openssh iperf3
6
 
7
+ # Create a non-root user with UID 1000
8
+ RUN addgroup -g 1000 user && adduser -u 1000 -G user -h /home/user -s /bin/sh -D user
9
+
10
+ # Create SSH directory for the new user and add authorized keys
11
+ RUN mkdir -p /home/user/.ssh && \
12
+ chmod 700 /home/user/.ssh && \
13
+ echo 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDIG17gM3oWQd0bw2L+DG0UZZEvAh/gOa2PsqwKRWLptikxruaNBezdE1aaGkU2gqTqCoUERXeUAU7ICjyWC6t88vsNNYlCYhIqUDiEhIrwoCNFLXcT0Nb0I0V3JNHmLo0328E/h22nOYdkrA/n87ngYmhAyhVzm4CBls2LDQjo2v1i8/99cb+B84IpL7a8RspeqFC7Al4UpYAB1Rw7vVfW84wLOb/ZUoDMDmqW1L0jDeSRee6Lz4u4PRmyh/0MCEnj9lD8TCa0JH/xEKLxHA7LflQEMCpnp/pE2yi8qXXJkvV3EAAKd7fVMxWIGI98Qd6OwBTb3e45tHLnooCM1bHIjeuo5mAss7gPRqE8++lOhFsOTG+6VYuJFSWAanB0HPoRCT9BBOqbdUi3rVrVrARmf7KDMkAk0V9oHox9CQMasZDHnq1PhcYFczoImDOgodzYS64llPLo3nqtrjdn7jycWLNdJHIY6qKif+Xgj6fzIEfErBTvJiwK0vFjcS2R8+ptC6Sf2YvxSB+S6R2Lqm9zrYFeM52cvDBGZJFpN6EZw9T5K95GyovCgFgCYWWOpWsxiJVruDcBGHbEJjUxWGRanRFUtq6WOcJ2YIn0+K5l/lMjE2f3PDPPw3bSTYrmE3UrUstnCAWi7hL27rKGcTmwBSSnmYJStGWkR099enw== igor04091968@cs-1030016233626-default' >> /home/user/.ssh/authorized_keys && \
14
+ chown -R user:user /home/user/.ssh
15
 
16
  # Copy configs
17
  COPY stunnel.conf /etc/stunnel/stunnel.conf
 
21
  COPY entrypoint.sh /entrypoint.sh
22
  RUN chmod +x /entrypoint.sh
23
 
24
+ # Switch to the new user
25
+ USER user
26
+ WORKDIR /home/user
 
 
 
27
 
28
  # Expose the port that will be mapped by Hugging Face
29
  EXPOSE 2222