diff --git a/README.md b/README.md
index 67b9b1c..fce634d 100644
--- a/README.md
+++ b/README.md
@@ -43,6 +43,34 @@ To fetch the latest image, do: pinata-ssh-pull ``` +## Using with docker-compose + +To use with docker-compose, you can change the ssh-agent volume type to a host directory +rather than a docker volume, which can then be mounted in docker-compose.yml. To do this, +create a `.pinata-ssh.env` file in your home directory and set the `VOLUME_TYPE` to "bind": +``` +echo 'VOLUME_TYPE=bind' > ~/.pinata-ssh.env +``` + +This will cause the ssh-agent file to be written to `$HOME/.pinata-ssh-agent`, which +you can reference in your docker-compose.yml: + +``` +# docker-compose.yml +services: +... + volumes: + - type: bind + source: ${HOME}/.pinata-ssh-agent + target: /ssh-agent + environment: + - SSH_AUTH_SOCK=/ssh-agent/ssh-agent.sock +... +``` + +The host mount path can also be changed by setting a `HOST_VOLUME_PATH` in the +.pinata-ssh.env file. + ## Troubleshooting If pinata-ssh-forward fails to run, run `ssh-add -l`. If there are no identities, then run `ssh-add`.
diff --git a/pinata-ssh-forward.sh b/pinata-ssh-forward.sh
index 52da7a2..7554ea0 100755
--- a/pinata-ssh-forward.sh
+++ b/pinata-ssh-forward.sh
@@ -3,21 +3,35 @@ set -eo pipefail IMAGE_NAME=uber/ssh-agent-forward:latest CONTAINER_NAME=pinata-sshd +VOLUME_TYPE=volume # volume, bind VOLUME_NAME=ssh-agent +HOST_VOLUME_PATH=${HOME}/.pinata-ssh-agent HOST_PORT=2244 AUTHORIZED_KEYS=$(ssh-add -L | base64 | tr -d '\n') KNOWN_HOSTS_FILE=$(mktemp -t dsaf.XXX) +if [ -e $HOME/.pinata-ssh.env ]; then + . $HOME/.pinata-ssh.env +fi + trap 'rm ${KNOWN_HOSTS_FILE}' EXIT docker rm -f "${CONTAINER_NAME}" >/dev/null 2>&1 || true -docker volume create --name "${VOLUME_NAME}" +if [ ${VOLUME_TYPE} == "volume" ]; then + docker volume create --name "${VOLUME_NAME}" + VOLUME_MOUNT=$VOLUME_NAME +elif [ ${VOLUME_TYPE} == "bind" ]; then + VOLUME_MOUNT=$HOST_VOLUME_PATH +else + echo "Unsupported volume type: $VOLUME_TYPE" + exit 1 +fi docker run \ --name "${CONTAINER_NAME}" \ -e AUTHORIZED_KEYS="${AUTHORIZED_KEYS}" \ - -v ${VOLUME_NAME}:/ssh-agent \ + -v "${VOLUME_MOUNT}:/ssh-agent" \ -d \ -p "${HOST_PORT}:22" \ "${IMAGE_NAME}" >/dev/null \
diff --git a/pinata-ssh-mount.sh b/pinata-ssh-mount.sh
index 56e9b78..963dfc3 100755
--- a/pinata-ssh-mount.sh
+++ b/pinata-ssh-mount.sh
@@ -1,2 +1,19 @@
 #!/usr/bin/env bash
-echo "-v ssh-agent:/ssh-agent -e SSH_AUTH_SOCK=/ssh-agent/ssh-agent.sock"
+VOLUME_TYPE=volume # volume, bind
+VOLUME_NAME=ssh-agent
+HOST_VOLUME_PATH=${HOME}/.pinata-ssh-agent
+
+if [ -e $HOME/.pinata-ssh.env ]; then
+ . $HOME/.pinata-ssh.env
+fi
+
+if [ ${VOLUME_TYPE} == "volume" ]; then
+ VOLUME_MOUNT=$VOLUME_NAME
+elif [ ${VOLUME_TYPE} == "bind" ]; then
+ VOLUME_MOUNT=$HOST_VOLUME_PATH
+else
+ echo "Unsupported volume type: ${VOLUME_TYPE}"
+ exit 1
+fi
+
+echo "-v ${VOLUME_MOUNT}:/ssh-agent -e SSH_AUTH_SOCK=/ssh-agent/ssh-agent.sock"
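Review bot: In the `bind` branch of pinata-ssh-forward.sh, `VOLUME_MOUNT=$HOST_VOLUME_PATH` goes straight to `docker run -v` without the script creating the directory or restricting its mode, so the agent socket lands in a host directory whose ownership and permissions are left to Docker; any local process that can reach that socket can ask the agent to sign with the forwarded keys. Consider creating it up front with `mkdir -p "${HOST_VOLUME_PATH}" && chmod 700 "${HOST_VOLUME_PATH}"`, after confirming the container can still write the socket there. A `HOST_VOLUME_PATH` without a leading `/` would presumably be read by `-v` as a volume name rather than a bind path, so an absolute-path check belongs in the same branch. The new tests and the `.` line are unquoted here and in pinata-ssh-mount.sh; `[ "${VOLUME_TYPE}" == "volume" ]` and `. "$HOME/.pinata-ssh.env"` avoid a `[` syntax error on an empty value and breakage on a home path containing spaces. The `docker run` command continues past the end of the hunk.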
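Review bot: The `else` branch in pinata-ssh-mount.sh writes its error to stdout, but this script's stdout is the `-v … -e …` flag string, which looks intended to be spliced into a docker command line; a caller using command substitution would receive the error text as arguments and would not stop on the `exit 1`. Send it to stderr instead: `echo "Unsupported volume type: ${VOLUME_TYPE}" >&2`. The defaults and the `.pinata-ssh.env` handling are copied from pinata-ssh-forward.sh, so a comment such as `# keep in sync with pinata-ssh-forward.sh` (or one shared sourced file) would stop the printed mount from drifting away from the one the forwarder set up. Because the env file is executed with `.`, it is run as shell code rather than parsed as assignments, which is worth stating in a comment next to the `.` line.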