FROM alpine:latest

# Install necessary packages
RUN apk update && apk add --no-cache openssh openrc openssh-keygen bash sudo python3 py3-pip net-tools

# Create a non-root user (admin)
RUN adduser -D admin
RUN echo "admin:password" | chpasswd
RUN addgroup admin wheel
RUN adduser admin wheel

# SSH Configuration
RUN mkdir -p /var/run/sshd /app /app/ssh
RUN chmod -R 777 /app

# SSH Configuration
#RUN mkdir /app

# Copy all the contents of the /app folder
COPY . /app


# Generate SSH keys and print them
#RUN ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N "" && \
#    cat /etc/ssh/ssh_host_rsa_key && \
#    ssh-keygen -t ecdsa -b 256 -f /etc/ssh/ssh_host_ecdsa_key -N "" && \
#    cat /etc/ssh/ssh_host_ecdsa_key && \
#    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N "" && \
#    cat /etc/ssh/ssh_host_ed25519_key

# Generate SSH keys
RUN ssh-keygen -t rsa -b 2048 -f /etc/ssh/ssh_host_rsa_key -N "" && \
    ssh-keygen -t ecdsa -b 256 -f /etc/ssh/ssh_host_ecdsa_key -N "" && \
    ssh-keygen -t ed25519 -f /etc/ssh/ssh_host_ed25519_key -N ""

# Secure SSH Configuration
RUN sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config && \
    sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config && \
    sed -i 's/#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config && \
    sed -i 's/#UsePAM yes/UsePAM no/' /etc/ssh/sshd_config && \
    sed -i 's/#Port 22/Port 2222/' /etc/ssh/sshd_config && \
    echo "AllowUsers admin" >> /etc/ssh/sshd_config


# Copy all the contents of /etc/ssh to /app/ssh
RUN mkdir -p /app/ssh && cp -r /etc/ssh/* /app/ssh


# Set the permissions for the SSH keys
RUN chmod 777 /etc/ssh/ssh_host_* && \
    touch /app/ssh/ssh_known_hosts && \
    chmod 777 /app/ssh/ssh_* && \
    chmod 777 /home

# List contents of /etc/ssh and /app/ssh
RUN ls -l /etc/ssh/ && \
    ls -l /app/ssh/

# Install WebSSH
RUN python3 -m venv /app/venv && \
    /app/venv/bin/pip install --no-cache-dir --upgrade pip && \
    /app/venv/bin/pip install --no-cache-dir -r /app/WebSSH/requirements.txt && \
    /app/venv/bin/pip list 
    
# Expose the new SSH port
EXPOSE 2222

RUN chmod -R 777 /app

# Copy the start.sh script
#RUN chmod 777 /app/venv/lib/python3.12/site-packages/
#RUN touch /app/venv/lib/python3.12/site-packages/known_hosts
#RUN chmod 777 /app/venv/lib/python3.12/site-packages/known_hosts

EXPOSE 7860

CMD ["/app/start.sh"]