fickit: save ssh keys between reboots

configs/sshd-setup.sh

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+[ -f /var/lib/fic/ssh/sshd_config ] && exit 0
+
+mkdir -p /var/lib/fic/ssh/
+
+cp /containers/services/sshd/lower/etc/ssh/* /var/lib/fic/ssh/
+
+mount -o bind /dev /containers/services/sshd/lower/dev
+mount -o bind /proc /containers/services/sshd/lower/proc
+mount -o bind /sys /containers/services/sshd/lower/sys
+mount -o bind /var/lib/fic/ssh/ /containers/services/sshd/lower/etc/ssh
+
+chroot /containers/services/sshd/lower/ ssh-keygen -A
+
+umount /containers/services/sshd/lower/dev /containers/services/sshd/lower/proc /containers/services/sshd/lower/sys /containers/services/sshd/lower/etc/ssh

fickit-backend.yml

@@ -269,6 +269,10 @@ services:
     uts: new
 
 files:
+  - path: etc/init.d/015-setup-sshd
+    source: configs/sshd-setup.sh
+    mode: "0555"
+
   - path: etc/sysctl.d/01-fic.conf
     source: configs/sysctl-backend.conf
     mode: "0444"

fickit-frontend.yml

@@ -209,13 +209,17 @@ services:
     ipc: new
     uts: new
   - name: dns-server
-    image: nemunaire/unbound:2c5d3b808517f1ad1cb829a474dec77db0a6513e
+    image: nemunaire/unbound:761b47b640c50d7eff2b6381ee9248957c4d1c3c
     binds:
       - /etc/unbound/unbound.d:/etc/unbound/unbound.d:ro
     net: /run/netns/nginx
 
 
 files:
+  - path: etc/init.d/015-setup-sshd
+    source: configs/sshd-setup.sh
+    mode: "0555"
+
   - path: etc/sysctl.d/01-fic.conf
     source: configs/sysctl-frontend.conf
     mode: "0444"