FROM docker.io/alpine:3.19.1
RUN apk add openssh-server bash
COPY sshd_config /etc/ssh/sshd_config
RUN /bin/bash -c "\
%{for idx, chroot_user in chrooted_users ~}
addgroup -g $((2000 + ${idx})) ${chroot_user.username} && \
adduser -D -G ${chroot_user.username} -u $((2000 + ${idx})) ${chroot_user.username} && \
echo '${chroot_user.username}:*' | chpasswd -e && \
mkdir -p ${chroot_user.chroot} && \
chown root:root ${chroot_user.chroot} && \
chmod 0755 ${chroot_user.chroot} && \
mkdir /home/${chroot_user.username}/.ssh && \
chown ${chroot_user.username}:${chroot_user.username} /home/${chroot_user.username}/.ssh && \
chmod 0700 /home/${chroot_user.username}/.ssh && \
touch /home/${chroot_user.username}/.ssh/authorized_keys && \
chown ${chroot_user.username}:${chroot_user.username} /home/${chroot_user.username}/.ssh/authorized_keys && \
chmod 0600 /home/${chroot_user.username}/.ssh/authorized_keys && \
echo '${chroot_user.ssh_public_key}' > /home/${chroot_user.username}/.ssh/authorized_keys && \
%{endfor ~}
:"

EXPOSE 22/tcp
ENTRYPOINT ["/usr/sbin/sshd", "-D", "-f", "/etc/ssh/sshd_config"]