FROM debian:12-slim

RUN apt update && apt install -y openssh-server socat

RUN adduser --disabled-password --gecos "" finn

RUN mkdir /home/finn/.ssh

# only one pubkey -- wildcard to conceal filename
COPY ./oilykey/*.pub /home/finn/.ssh/authorized_keys

RUN mkdir /var/run/sshd
RUN echo "PermitRootLogin no" >> /etc/ssh/sshd_config
RUN echo "PasswordAuthentication no" >> /etc/ssh/sshd_config

COPY ./entrypoint.sh /

ENTRYPOINT ["/entrypoint.sh"]