From 88126ebabad600d454b3cc2b0ea977fa14046a61 Mon Sep 17 00:00:00 2001 From: Sam Date: Fri, 21 Mar 2014 14:55:48 +1100 Subject: [PATCH] ssh key is now automatic no need to configure it --- README.md | 16 +--------------- launcher | 29 +++++++++++++++++++++++++++++ samples/data.yml | 4 ---- samples/redis.yml | 4 ---- samples/standalone.yml | 4 ---- samples/web_only.yml | 3 --- templates/sshd.template.yml | 1 + 7 files changed, 31 insertions(+), 30 deletions(-) diff --git a/README.md b/README.md index 8dd3b84..97b5791 100644 --- a/README.md +++ b/README.md @@ -149,21 +149,7 @@ For a Discourse instance to function properly Email must be set up. Use the `SMT ### Troubleshooting -We strongly recommend you have ssh access to your running containers, this allows you very easily take a sneak peek at internals. The simplest way to gain access is: - -1. Run a terminal as root -1. `ssh-keygen -b 2048 -t rsa -N "" -C "root's unprotected key" -f ~root/.ssh/id_rsa` -1. Paste the contents of `~root/.ssh/id_rsa.pub` into your templates (see placeholder `YOUR_SSH_KEY` in samples) -1. Bootstrap and run your container -1. `./launcher ssh my_container` - -Or, if you're running as a regular user: - -1. Run a terminal -1. `ssh-keygen -b 2048 -t rsa -N "" -C "my unprotected key" -f ~/.ssh/id_rsa` -1. Paste the contents of `~/.ssh/id_rsa.pub` into your templates (see placeholder `YOUR_SSH_KEY` in samples) -1. Bootstrap and run your container -1. `./launcher ssh my_container` +You can ssh into your container using `./launcher ssh my_container`, we will automatically set up ssh access during bootstrap. ### Security diff --git a/launcher b/launcher index 21598af..3e65448 100755 --- a/launcher +++ b/launcher 
@@ -62,6 +62,30 @@ prereqs() { prereqs +get_ssh_pub_key() { + if tty -s + then + if [[ ! -e ~/.ssh/id_rsa.pub ]] ; then + echo You have no SSH key associated to this profile + echo "(This will allow you ssh access into your container)" + read -p "Generate SSH key at ~/.ssh/id_rsa.pub? (y/N) " -n 1 -r + if [[ $REPLY =~ ^[Yy]$ ]] + then + echo + echo Generating SSH key + (mkdir -p ~/.ssh && cd ~/.ssh && ssh-keygen -f id_rsa -t rsa -N '') + else + echo + echo WARNING: You may not be able to log in to your container. + echo + fi + fi + fi + + ssh_pub_key=`cat ~/.ssh/id_rsa.pub` +} + + install_docker() { echo "Docker is not installed, make sure you are running on the 3.8 kernel" @@ -151,6 +175,9 @@ fi case "$command" in bootstrap) + + get_ssh_pub_key + # Is the image available? # If not, pull it here so the user is aware what's happening. docker history $image >/dev/null 2>&1 || docker pull $image @@ -179,6 +206,8 @@ case "$command" in echo $run_command + env=("${env[@]}" "-e" "SSH_PUB_KEY=\"$ssh_pub_key\"") + (exec echo "$input" | docker run "${env[@]}" -e DOCKER_HOST_IP=$docker_ip --cidfile $cidbootstrap -i -a stdin -a stdout -a stderr $volumes $image \ /bin/bash -c "$run_command") \ || (docker rm `cat $cidbootstrap` && rm $cidbootstrap) diff --git a/samples/data.yml b/samples/data.yml index 92a11f0..ebcdf34 100644 --- a/samples/data.yml +++ b/samples/data.yml @@ -11,10 +11,6 @@ expose: - "6379:6379" - "2221:22" -# ssh key for logging in to container -params: - ssh_key: "" - # amend SOME_SECRET to a password for the discourse user hooks: after_postgres: diff --git a/samples/redis.yml b/samples/redis.yml index 562bc1a..76105ae 100644 --- a/samples/redis.yml +++ b/samples/redis.yml @@ -6,10 +6,6 @@ expose: - "6379:6379" - "2221:22" -hooks: -# after_sshd: - # - exec: ssh-import-id some-user - volumes: - volume: host: /var/docker/shared diff --git a/samples/standalone.yml b/samples/standalone.yml index f9d5f03..2dae4e7 100644 --- a/samples/standalone.yml 
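Review bot: The last line of get_ssh_pub_key, ``ssh_pub_key=`cat ~/.ssh/id_rsa.pub` ``, runs even when the file does not exist, which happens when the user answers N or when `tty -s` fails and the prompt is skipped. In that case cat prints an error and bootstrap carries on with an empty key, so guard the read: `ssh_pub_key=""` followed by `if [[ -r ~/.ssh/id_rsa.pub ]]; then ssh_pub_key=$(cat ~/.ssh/id_rsa.pub); fi`. The key is generated with an empty passphrase (`-N ''`) and, per the sshd template change in this patch, is authorised for root in the container, so the prompt text should say both things. A header comment on the function should state that it reuses the invoking user's default RSA key when one already exists.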
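Review bot: The escaped quotes in `"SSH_PUB_KEY=\"$ssh_pub_key\""` are not shell quoting at this point: the array element already reaches docker as a single argument, so the container receives a value that begins and ends with a literal `"`. Unless something downstream strips them (not visible in this patch), the line appended to authorized_keys would start with `"ssh-rsa` and may not be accepted as a key. `env=("${env[@]}" "-e" "SSH_PUB_KEY=$ssh_pub_key")` passes the key unchanged. The variable is also added when `ssh_pub_key` is empty, and skipping the `-e` in that case would avoid writing a blank entry. The enclosing `bootstrap)` branch starts and ends outside the hunk.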
+++ b/samples/standalone.yml @@ -11,10 +11,6 @@ expose: - "2222:22" params: - # ssh key so you can log in, a tip, try using the key for root in ~root/.ssh or generate one - # using ssh-keygen. This should be a string containing the key contents. For more information - # see Troubleshooting in README - ssh_key: YOUR_SSH_KEY # git revision to run version: HEAD diff --git a/samples/web_only.yml b/samples/web_only.yml index 61f7998..08fafcb 100644 --- a/samples/web_only.yml +++ b/samples/web_only.yml @@ -10,9 +10,6 @@ expose: - "2222:22" params: - -# your ssh key can go here, or you can use ssh-import-id - ssh_key: "" version: HEAD # developer emails allow you to fast track account creation on the site diff --git a/templates/sshd.template.yml b/templates/sshd.template.yml index ac48523..c4ca4f6 100644 --- a/templates/sshd.template.yml +++ b/templates/sshd.template.yml @@ -23,4 +23,5 @@ run: - mkdir -p /var/run/sshd - mkdir -p /root/.ssh - echo "$ssh_key" >> /root/.ssh/authorized_keys + - echo "$$ENV_SSH_PUB_KEY" >> /root/.ssh/authorized_keys - chmod 640 /root/.ssh/authorized_keys -- 2.25.1
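Review bot: The added `echo "$$ENV_SSH_PUB_KEY" >> /root/.ssh/authorized_keys` puts host-supplied text inside a double-quoted shell command that runs as root. If the template engine substitutes the value textually before the shell runs (not visible here), quote or substitution characters in the key's comment field would be interpreted by the shell rather than written to the file. Checking in the launcher that the value is a single line in public-key format, or writing it without shell interpolation, would remove that dependency on the key's content. The old `echo "$ssh_key"` line is kept although the samples in this patch no longer define `ssh_key`; it should be removed, or given a comment saying it is an optional extra key. The `chmod 640` that follows leaves authorized_keys group-readable, where `chmod 600` is the usual mode.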