FROM debian:bookworm
LABEL PROJECT "ansible_role_package"
LABEL MAINTAINER "Matthew Stobbs <matthew@stobbs.ca>"

RUN useradd -d /home/ansible -m -G wheel ansible
RUN apt update && \
    apt install -y openssh-server python3-paramiko gnupg2
EXPOSE 22

USER ansible
WORKDIR /home/ansible
RUN mkdir /home/ansible/.ssh
COPY ./pubkey /home/ansible/.ssh/authorized_keys

USER root
RUN echo "ansible ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/sudoers
RUN ssh-keygen -A
ENTRYPOINT /usr/sbin/sshd -D