Initial commit

2025-11-19 23:54:03 +01:00 · 2025-11-19 23:54:03 +01:00 · 21ae5738c3
commit 21ae5738c3
4 changed files with 100 additions and 0 deletions
--- a/.forgejo/workflows/main.yml
+++ b/.forgejo/workflows/main.yml
@ -0,0 +1,24 @@
+name: Build a dev image
+
+on:
+  push:
+    branches: [ main ]
+  workflow_dispatch: {}
+  schedule:
+  - cron: "15 5 * * *"
+
+jobs:
+  build:
+    runs-on: [dev, amd64]
+    env:
+      IMAGE: gitea.ceperka.net/cx/borg-server
+      TAG: dev
+    steps:
+      - uses: actions/checkout@v4
+      - name: docker login
+        run: |
+          docker login gitea.ceperka.net -u "${{ secrets.REGISTRY_DEV_USERNAME }}" -p "${{ secrets.REGISTRY_DEV_PASSWORD }}"
+      - name: Build
+        run: task build IMAGE=$IMAGE TAG=$TAG
+      - name: Push
+        run: task push IMAGE=$IMAGE TAG=$TAG
--- a/17
+++ b/17
@ -0,0 +1,17 @@
+FROM alpine:3.22
+
+RUN apk add --no-cache borgbackup openssh
+
+COPY entrypoint.sh /entrypoint.sh
+
+RUN addgroup borg && \
+    adduser -D -h /srv -G borg borg && \
+    chmod +x /entrypoint.sh && \
+    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
+
+VOLUME /srv
+EXPOSE 22
+
+ENTRYPOINT ["/entrypoint.sh"]
+
+CMD ["borg", "--help"]
--- a/Taskfile.yml
+++ b/Taskfile.yml
@ -0,0 +1,18 @@
+# https://taskfile.dev
+
+version: '3'
+
+vars:
+  IMAGE: gitea.ceperka.net/cx/borg-server
+  TAG: dev
+
+tasks:
+  build:
+    cmds:
+    - docker build -t {{ .IMAGE }}:{{ .TAG }} .
+  tag-latest:
+    cmds:
+    - docker tag {{ .IMAGE }}:{{ .TAG }} {{ .IMAGE }}:latest
+  push:
+    cmds:
+    - docker push {{ .IMAGE }}:{{ .TAG }}
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,41 @@
+#!/bin/sh
+
+set -e
+
+if [ -z "$SSH_PASSWORD" -a -z "$SSH_PRIVATE_KEY" ]; then
+  echo "No SSH_PASSWORD or SSH_PRIVATE_KEY provided. Exiting."
+  exit 1
+fi
+
+echo "Setting up SSH configuration..."
+
+mkdir -p /srv/.ssh
+chmod 700 /srv/.ssh
+
+if [ -n "$SSH_PASSWORD" ]; then
+  echo "Setting up SSH password authentication..."
+  echo "borg:$SSH_PASSWORD" | chpasswd
+fi
+
+if [ -n "$SSH_PRIVATE_KEY" ]; then
+  echo "Setting up SSH private key authentication..."
+  echo "$SSH_PRIVATE_KEY" > /srv/.ssh/authorized_keys
+fi
+
+if [ -e /srv/.ssh-host-keys/ssh_host_ecdsa_key ]; then
+    for key in ssh_host_ecdsa_key ssh_host_rsa_key ssh_host_ed25519_key; do
+        if [ -e /srv/.ssh-host-keys/$key ]; then
+            cp /srv/.ssh-host-keys/$key /etc/ssh/
+            cp /srv/.ssh-host-keys/${key}.pub /etc/ssh/
+            chmod 600 /etc/ssh/$key
+            chmod 644 /etc/ssh/${key}.pub
+        fi
+    done
+fi
+
+if [ ! -e /etc/ssh/ssh_host_ecdsa_key ] ; then
+  ssh-keygen -A
+
+fi
+
+/usr/sbin/sshd -D -e