.gitea/workflows/main.yml

@@ -15,8 +15,8 @@ jobs:
       - uses: actions/checkout@v4
       - name: docker login
         run: |
-          docker login gitea.ceperka.net -u "${{ secrets.REGISTRY_DEV_USERNAME }}" -p "${{ secrets.REGISTRY_DEV_PASSWORD }}"
+          docker login gitea.ceperka.net -u "${{ secrets.REPO_USERNAME }}" -p "${{ secrets.REPO_PASSWORD }}"
       - name: Build
-        run: task build IMAGE=$IMAGE TAG=$TAG
+        run: task build REPO=$IMAGE VERSION=$TAG
       - name: Push
-        run: task push IMAGE=$IMAGE TAG=$TAG
+        run: task push REPO=$IMAGE VERSION=$TAG

.gitea/workflows/release.yml

@@ -30,12 +30,12 @@ jobs:
 
       - name: docker login
         run: |
-          docker login harbor.rosti.cz -u "${{ secrets.REGISTRY_PROD_USERNAME }}" -p "${{ secrets.REGISTRY_PROD_PASSWORD }}"
+          docker login harbor.rosti.cz -u "${{ secrets.HARBOR_REPO_USERNAME }}" -p "${{ secrets.HARBOR_REPO_PASSWORD }}"
       - name: Build
-        run: task build IMAGE=$IMAGE TAG=${{ env.TAG_NAME }}
+        run: task build REPO=$IMAGE VERSION=${{ env.TAG_NAME }}
       - name: Tag latest
-        run: task tag-latest IMAGE=$IMAGE TAG=${{ env.TAG_NAME }}
+        run: docker tag $IMAGE:${{ env.TAG_NAME }} $IMAGE:latest
       - name: Push
-        run: task push IMAGE=$IMAGE TAG=${{ env.TAG_NAME }}
+        run: task push REPO=$IMAGE VERSION=${{ env.TAG_NAME }}
       - name: Push latest
-        run: task push IMAGE=$IMAGE TAG=latest
+        run: task push REPO=$IMAGE VERSION=latest

Dockerfile

@@ -2,8 +2,7 @@ FROM alpine:3.22
 
 RUN apk update && apk upgrade && apk add --no-cache \
     git \
-    docker-cli \
+    docker \
-    docker-cli-compose \
     bash \
     fish \
     zsh \
@@ -30,15 +29,9 @@ COPY service.ssh.sh /app/
 COPY service.ttyd.sh /app/
 RUN chmod +x /app/entrypoint.sh /app/service.ssh.sh /app/service.ttyd.sh
 
-COPY motd.txt /etc/motd
-
 RUN mkdir -p /srv/stack
 WORKDIR /srv/stack
 
-# Set environment variable for Docker Compose project name
-# This is needed because inside ttyd docker compose defaults to hostname + directory for the project name
-ENV COMPOSE_PROJECT_NAME=stack
-
 EXPOSE 22 1234
 
 ENTRYPOINT ["/app/entrypoint.sh"]

Taskfile.yml

@@ -10,9 +10,6 @@ tasks:
   build:
     cmds:
     - docker build -t {{ .IMAGE }}:{{ .TAG }} .
-  tag-latest:
-    cmds:
-    - docker tag {{ .IMAGE }}:{{ .TAG }} {{ .IMAGE }}:latest
   push:
     cmds:
     - docker push {{ .IMAGE }}:{{ .TAG }}

entrypoint.sh

@@ -22,22 +22,6 @@ if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
     ssh-keygen -A
 fi
 
-if [ -f /etc/ssh/sshd_config -a `cat /etc/ssh/sshd_config | wc -l` = 1 ]; then
-    echo "sshd_config is not complete, regenerating..."
-    rm -f /etc/ssh/sshd_config
-fi
-
-if [ ! -f /etc/ssh/sshd_config ]; then
-    echo "Include /etc/ssh/sshd_config.d/*.conf" > /etc/ssh/sshd_config
-    echo "PermitRootLogin yes" >> /etc/ssh/sshd_config
-    echo "AuthorizedKeysFile .ssh/authorized_keys" >> /etc/ssh/sshd_config
-    echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
-    echo "AllowTcpForwarding no" >> /etc/ssh/sshd_config
-    echo "GatewayPorts no" >> /etc/ssh/sshd_config
-    echo "X11Forwarding no" >> /etc/ssh/sshd_config
-    echo "Subsystem sftp internal-sftp" >> /etc/ssh/sshd_config
-fi
-
 # Array to store child PIDs
 declare -a CHILD_PIDS=()
 

service.ssh.sh

@@ -1,18 +1,3 @@
 #!/bin/sh
 
-if [ ! -e /etc/ssh/sshd_config ]; then
+exec /usr/sbin/sshd -D
-    mkdir -p /etc/ssh/sshd_config.d
-    echo "Include /etc/ssh/sshd_config.d/*.conf
-PermitRootLogin yes
-AuthorizedKeysFile .ssh/authorized_keys
-PasswordAuthentication yes
-AllowTcpForwarding yes
-GatewayPorts no
-X11Forwarding no
-Subsystem sftp internal-sftp" > /etc/ssh/sshd_config
-fi
-
-# Cloud image generates this file which prevents sshd from accepting passwords
-rm -f /etc/ssh/sshd_config.d/50-cloud-init.conf
-
-exec /usr/sbin/sshd -E /var/log/sshd.log -D