update for ssh server (#222)

home/.chezmoiscripts/ubuntu/run_once_11-docker-ssh-server.sh.tmpl

@@ -0,0 +1,7 @@
+{{ if eq .chezmoi.os "linux" -}}
+{{   if eq .chezmoi.osRelease.idLike "debian" -}}
+{{     if eq .system "server" -}}
+{{       include "../install/ubuntu/server/ssh_server.sh" }}
+{{     end -}}
+{{   end -}}
+{{ end -}}

install/ubuntu/server/ssh_server.sh

@@ -0,0 +1,46 @@
+#!/usr/bin/env bash
+
+set -Eeuo pipefail
+
+if [ "${DOTFILES_DEBUG:-}" ]; then
+    set -x
+fi
+
+function install_openssh_server() {
+    # install openssh-server
+    apt-get update && apt-get install --no-install-recommends -y vim openssh-server
+}
+
+function setup_sshd() {
+    mkdir -p /var/run/sshd
+    mkdir -p /root/.ssh
+
+    sed -i 's/^#PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config &&
+        sed -i 's/^#Port 22/Port 22/' /etc/ssh/sshd_config &&
+        sed -i 's/^#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config &&
+        sed -i 's/^#PubkeyAuthentication yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config &&
+        sed 's@session\s*required\s*pam_loginuid.so@session optional pam_loginuid.so@g' -i /etc/pam.d/sshd
+
+    # check the /etc/ssh/sshd_config
+    /usr/sbin/sshd -t
+
+    # create .ssh/authorized_keys if not exists
+    touch ~/.ssh/authorized_keys
+}
+
+function run_sshd() {
+    # run sshd
+    /usr/sbin/sshd
+}
+
+function main() {
+    install_openssh_server
+    setup_sshd
+    run_sshd
+}
+
+if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then
+    if [ -f "/.dockerenv" ]; then
+        main
+    fi
+fi