mirror of
https://github.com/linuxserver/docker-code-server.git
synced 2024-11-26 22:15:41 +01:00
Merge pull request #48 from linuxserver/hash
Allow setting sudo password via hash
This commit is contained in:
commit
da3a74c36b
@ -92,6 +92,7 @@ services:
|
|||||||
- TZ=Europe/London
|
- TZ=Europe/London
|
||||||
- PASSWORD=password #optional
|
- PASSWORD=password #optional
|
||||||
- SUDO_PASSWORD=password #optional
|
- SUDO_PASSWORD=password #optional
|
||||||
|
- SUDO_PASSWORD_HASH= #optional
|
||||||
- PROXY_DOMAIN=code-server.my.domain #optional
|
- PROXY_DOMAIN=code-server.my.domain #optional
|
||||||
volumes:
|
volumes:
|
||||||
- /path/to/appdata/config:/config
|
- /path/to/appdata/config:/config
|
||||||
@ -110,6 +111,7 @@ docker run -d \
|
|||||||
-e TZ=Europe/London \
|
-e TZ=Europe/London \
|
||||||
-e PASSWORD=password `#optional` \
|
-e PASSWORD=password `#optional` \
|
||||||
-e SUDO_PASSWORD=password `#optional` \
|
-e SUDO_PASSWORD=password `#optional` \
|
||||||
|
-e SUDO_PASSWORD_HASH= `#optional` \
|
||||||
-e PROXY_DOMAIN=code-server.my.domain `#optional` \
|
-e PROXY_DOMAIN=code-server.my.domain `#optional` \
|
||||||
-p 8443:8443 \
|
-p 8443:8443 \
|
||||||
-v /path/to/appdata/config:/config \
|
-v /path/to/appdata/config:/config \
|
||||||
@ -130,6 +132,7 @@ Container images are configured using parameters passed at runtime (such as thos
|
|||||||
| `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London |
|
| `-e TZ=Europe/London` | Specify a timezone to use EG Europe/London |
|
||||||
| `-e PASSWORD=password` | Optional web gui password, if not provided, there will be no auth. |
|
| `-e PASSWORD=password` | Optional web gui password, if not provided, there will be no auth. |
|
||||||
| `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. |
|
| `-e SUDO_PASSWORD=password` | If this optional variable is set, user will have sudo access in the code-server terminal with the specified password. |
|
||||||
|
| `-e SUDO_PASSWORD_HASH=` | Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`. |
|
||||||
| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/doc/FAQ.md#sub-domains) |
|
| `-e PROXY_DOMAIN=code-server.my.domain` | If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/doc/FAQ.md#sub-domains) |
|
||||||
| `-v /config` | Contains all relevant configuration files. |
|
| `-v /config` | Contains all relevant configuration files. |
|
||||||
|
|
||||||
@ -247,6 +250,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
|||||||
|
|
||||||
## Versions
|
## Versions
|
||||||
|
|
||||||
|
* **23.12.20:** - Allow setting sudo password via hash using env var `SUDO_PASSWORD_HASH`.
|
||||||
* **29.05.20:** - Add --domain-proxy support.
|
* **29.05.20:** - Add --domain-proxy support.
|
||||||
* **21.05.20:** - Shrink images, install via yarn, fix arm32v7 build.
|
* **21.05.20:** - Shrink images, install via yarn, fix arm32v7 build.
|
||||||
* **18.05.20:** - Switch to multi-arch images, install via npm.
|
* **18.05.20:** - Switch to multi-arch images, install via npm.
|
||||||
|
@ -42,13 +42,14 @@ param_ports:
|
|||||||
- { external_port: "8443", internal_port: "8443", port_desc: "web gui" }
|
- { external_port: "8443", internal_port: "8443", port_desc: "web gui" }
|
||||||
param_usage_include_env: true
|
param_usage_include_env: true
|
||||||
param_env_vars:
|
param_env_vars:
|
||||||
- { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London"}
|
- { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London" }
|
||||||
|
|
||||||
# optional container parameters
|
# optional container parameters
|
||||||
opt_param_usage_include_env: true
|
opt_param_usage_include_env: true
|
||||||
opt_param_env_vars:
|
opt_param_env_vars:
|
||||||
- { env_var: "PASSWORD", env_value: "password", desc: "Optional web gui password, if not provided, there will be no auth."}
|
- { env_var: "PASSWORD", env_value: "password", desc: "Optional web gui password, if not provided, there will be no auth." }
|
||||||
- { env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password."}
|
- { env_var: "SUDO_PASSWORD", env_value: "password", desc: "If this optional variable is set, user will have sudo access in the code-server terminal with the specified password." }
|
||||||
|
- { env_var: "SUDO_PASSWORD_HASH", env_value: "", desc: "Optionally set sudo password via hash (takes priority over `SUDO_PASSWORD` var). Format is `$type$salt$hashed`." }
|
||||||
- { env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/doc/FAQ.md#sub-domains)" }
|
- { env_var: "PROXY_DOMAIN", env_value: "code-server.my.domain", desc: "If this optional variable is set, this domain will be proxied for subdomain proxying. See [Documentation](https://github.com/cdr/code-server/blob/master/doc/FAQ.md#sub-domains)" }
|
||||||
|
|
||||||
optional_block_1: false
|
optional_block_1: false
|
||||||
@ -68,7 +69,8 @@ app_setup_block: |
|
|||||||
|
|
||||||
# changelog
|
# changelog
|
||||||
changelogs:
|
changelogs:
|
||||||
- { date: "29.05.20:", desc: "Add --domain-proxy support."}
|
- { date: "23.12.20:", desc: "Allow setting sudo password via hash using env var `SUDO_PASSWORD_HASH`." }
|
||||||
|
- { date: "29.05.20:", desc: "Add --domain-proxy support." }
|
||||||
- { date: "21.05.20:", desc: "Shrink images, install via yarn, fix arm32v7 build." }
|
- { date: "21.05.20:", desc: "Shrink images, install via yarn, fix arm32v7 build." }
|
||||||
- { date: "18.05.20:", desc: "Switch to multi-arch images, install via npm." }
|
- { date: "18.05.20:", desc: "Switch to multi-arch images, install via npm." }
|
||||||
- { date: "29.04.20:", desc: "Update start arguments." }
|
- { date: "29.04.20:", desc: "Update start arguments." }
|
||||||
|
@ -2,14 +2,19 @@
|
|||||||
|
|
||||||
mkdir -p /config/{extensions,data,workspace,.ssh}
|
mkdir -p /config/{extensions,data,workspace,.ssh}
|
||||||
|
|
||||||
if [ -n "${SUDO_PASSWORD}" ]; then
|
if [ -n "${SUDO_PASSWORD}" ] || [ -n "${SUDO_PASSWORD_HASH}" ]; then
|
||||||
echo "setting up sudo access"
|
echo "setting up sudo access"
|
||||||
if ! grep -q 'abc' /etc/sudoers; then
|
if ! grep -q 'abc' /etc/sudoers; then
|
||||||
echo "adding abc to sudoers"
|
echo "adding abc to sudoers"
|
||||||
echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
|
echo "abc ALL=(ALL:ALL) ALL" >> /etc/sudoers
|
||||||
fi
|
fi
|
||||||
echo "setting sudo password"
|
if [ -n "${SUDO_PASSWORD_HASH}" ]; then
|
||||||
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
|
echo "setting sudo password using sudo password hash"
|
||||||
|
sed -i "s|^abc:\!:|abc:${SUDO_PASSWORD_HASH}:|" /etc/shadow
|
||||||
|
else
|
||||||
|
echo "setting sudo password using SUDO_PASSWORD env var"
|
||||||
|
echo -e "${SUDO_PASSWORD}\n${SUDO_PASSWORD}" | passwd abc
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# permissions
|
# permissions
|
||||||
|
Loading…
Reference in New Issue
Block a user