Upgrade: bullseye & borgbackup 1.1.16 (#13)

* Upgrade to bullseye-slim image * Fix(run.sh): authorized_keys permissions * Change(run.sh): Add restrict to client keys & output debian version * Change(Dockerfile): Allow different base images * Update(drone): Build buster & bullseye images * Update README
2022-01-21 10:33:54 +01:00 · 2022-01-21 10:33:54 +01:00 · 0b641a8253
commit 0b641a8253
parent 7b241c142b
4 changed files with 31 additions and 3 deletions
--- a/data/run.sh
+++ b/data/run.sh
@ -15,9 +15,11 @@ AUTHORIZED_KEYS_PATH=/home/borg/.ssh/authorized_keys
 # Append only mode?
 BORG_APPEND_ONLY=${BORG_APPEND_ONLY:=no}

+source /etc/os-release
 echo "########################################################"
 echo -n " * Docker BorgServer powered by "
 borg -V
+echo " * Based on ${PRETTY_NAME}"
 echo "########################################################"
 echo " * User  id: $(id -u borg)"
 echo " * Group id: $(id -g borg)"
@ -74,9 +76,10 @@ for keyfile in $(find "${SSH_KEY_DIR}/clients" ! -regex '.*/\..*' -a -type f); d
 		borg_cmd="${BORG_CMD} --append-only"
 	fi

-    echo -n "command=\"$(eval echo -n \"${borg_cmd}\")\" " >> ${AUTHORIZED_KEYS_PATH}
+    echo -n "restrict,command=\"$(eval echo -n \"${borg_cmd}\")\" " >> ${AUTHORIZED_KEYS_PATH}
 	cat ${keyfile} >> ${AUTHORIZED_KEYS_PATH}
 done
+chmod 0600 "${AUTHORIZED_KEYS_PATH}"

 echo " * Validating structure of generated ${AUTHORIZED_KEYS_PATH}..."
 ERROR=$(ssh-keygen -lf ${AUTHORIZED_KEYS_PATH} 2>&1 >/dev/null)