remove backup user from dockerfile

add btop, borgbackup
sudo build needs host network (rootful podman)
2026-06-02 17:40:22 +02:00 · 2026-05-31 15:43:25 +02:00 · 2026-05-31 15:22:37 +02:00
3 changed files with 19 additions and 15 deletions
@@ -10,15 +10,8 @@ RUN echo 'keepcache=True' >> /etc/dnf/dnf.conf
 RUN --mount=type=cache,target=/var/cache/libdnf5 <<EOF
 # dnf install -y kernel-devel-$(uname -r | awk -F'-' '{print $1}')
 dnf install -y https://zfsonlinux.org/fedora/zfs-release-3-1$(rpm --eval "%{dist}").noarch.rpm
-dnf install -y zfs
+dnf install -y zfs btop borgbackup
+dnf clean all && rm -rf /run/dnf && rm -rf /tmp/*
 EOF

-RUN useradd -m -d /var/home/backup -G wheel backup
-ARG PASSWORD
-RUN echo "backup:${PASSWORD}" | chpasswd
-RUN mkdir /backups && chown backup:backup /backups
-
-COPY --chown=root:root --chmod=600 id_ed25519.pub /root/.ssh/authorized_keys
-COPY --chown=backup:backup --chmod=600 id_ed25519.pub /var/home/backup/.ssh/authorized_keys
-
 RUN bootc container lint
@@ -2,14 +2,13 @@ REPO="gitea.wefers.page/julian/backup-server"
 TAG="latest"

 build() {
-    read -srp "Desired password for user 'backup' in resulting container image: " password
    # ABSOLUTELY DO NOT USE --squash, as ostree NEEDS the layers
    sudo buildah build \
        -t ${REPO}:${TAG} \
-        --build-arg PASSWORD="${password}" \
        --pull \
        --layers \
        --format oci \
+        --network=host \
        .

    if [ $? -eq 0 ]; then
@@ -31,6 +30,7 @@ mkImage() {
        -it \
        --privileged \
        --pull=newer \
+        --network=host \
        --security-opt label=type:unconfined_t \
        -v ./config.toml:/config.toml:ro \
        -v ./output:/output \
@@ -1,3 +1,18 @@
+[customizations]
+hostname = "backupserver"
+
+[[customizations.user]]
+name = "backup"
+description = "Default user account"
+password = "$6$CHO2$3rN8eviE2t50lmVyBYihTgVRHcaecmeCk31L..."
+key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGPAWtzq2/cuv+zPzdDSCe/5pc0HRCxmwFiI5Fu3sEok julian@local"
+home = "/srv/widget/"
+shell = "/usr/bin/bash"
+groups = ["widget", "users", "wheel"]
+uid = 1200
+gid = 1200
+expiredate = 12345
+
 [customizations.iso]
 volume_id = "JuliansBackupServer"
 application_id = "JuliansBackupServer"
@@ -19,10 +34,6 @@ lang en_US
 keyboard de
 timezone Europe/Berlin
 network --device=enp1s0 --bootproto=static --ip=192.168.178.3 --netmask=255.255.255.0 --gateway=192.168.178.1 --nameserver=1192.168.178.8
-# Basic partitioning
-clearpart --all --initlabel --disklabel=gpt --drives=sda
-reqpart --add-boot
-part / --grow --fstype ext4

 # Here's where we reference the container image to install - notice the kickstart
 # has no `%packages` section!  What's being installed here is a container image.
Author	SHA1	Message	Date
Julian Wefers	4165798a02	remove backup user from dockerfile	2026-06-02 17:40:22 +02:00
Julian Wefers	2757744ec9	add btop, borgbackup	2026-05-31 15:43:25 +02:00
Julian Wefers	54d983ef3a	sudo build needs host network (rootful podman)	2026-05-31 15:22:37 +02:00