Docker container to sync SSH authorized keys from S3

talaris/docker-s3-sync

Docker S3 Sync

A Docker container to periodically fetch files from S3.

It's useful for provisioning sensitive credentials.

See ktheory/docker-s3-sync in the Docker registry.

Usage:

Basic docker example:

# Copy s3://mybucket/authorized_keys to /root/.ssh/authorized_keys
# MODE, OWNER_UID and OWNER_GID are optional (file mode, owner, group).
# -v maps /root/.ssh on the host to /data in the container.
docker run \
  -e S3_BUCKET=mybucket \
  -e S3_KEY=authorized_keys \
  -e DESTINATION=/data/authorized_keys \
  -e MODE='0600' \
  -e OWNER_UID='1000' \
  -e OWNER_GID='1000' \
  -v /root/.ssh:/data \
  --rm \
  ktheory/docker-s3-sync

AWS credentials are assumed to be provided via an IAM instance profile. To use traditional AWS credentials, pass AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY env vars.

Convenient docker-s3-sync script

A small Ruby script is included to use the container more concisely.

Install it:

curl -fsSL -o /usr/local/bin/docker-s3-sync https://raw.githubusercontent.com/ktheory/docker-s3-sync/v0.5.0/docker-s3-sync
chmod +x /usr/local/bin/docker-s3-sync

Use it:

docker-s3-sync -b BUCKET -k KEY [-i INTERVAL] [-m MODE] [-u UID] [-g GID] DESTINATION

# For example:
docker-s3-sync -b mybucket -k authorized_keys -m 0600 /root/.ssh/authorized_keys
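
The examples above copy an S3 object to /root/.ssh/authorized_keys, so a truncated or wrong object (for instance an S3 error body) can lock out SSH access. The Ruby code below is an added example, not part of this project's code: it checks each line's key blob before installing the file atomically with mode 0600. The names `check_keys` and `install_keys`, the accepted key-type list, and the sample data are assumptions made for illustration.

```ruby
require "tempfile"

# Key types this example accepts (an assumption; set per local policy).
KEY_TYPES = %w[ssh-ed25519 ssh-rsa ecdsa-sha2-nistp256 ecdsa-sha2-nistp384 ecdsa-sha2-nistp521].freeze

# An SSH public key blob is base64 that starts with a 4-byte length plus its
# own type name, so a truncated download or an error body fails this check.
def well_formed_blob?(type, blob)
  raw = blob.to_s.unpack1("m0") # strict base64; raises ArgumentError if invalid
  raw.start_with?([type.bytesize].pack("N") + type)
rescue ArgumentError
  false
end

# Returns [number of valid key lines, line numbers of invalid lines].
def check_keys(text)
  good = 0
  bad = []
  text.each_line.with_index(1) do |line, n|
    fields = line.split
    next if fields.empty? || fields[0].start_with?("#")
    i = fields.index { |f| KEY_TYPES.include?(f) } # options may precede the type
    if i && well_formed_blob?(fields[i], fields[i + 1])
      good += 1
    else
      bad << n
    end
  end
  [good, bad]
end

# Validate, write a temp file beside the destination, then rename it into
# place, so sshd never reads a partial file or one with a lax mode.
def install_keys(text, destination, mode: 0o600)
  good, bad = check_keys(text)
  raise ArgumentError, "invalid lines: #{bad.join(', ')}" unless bad.empty?
  raise ArgumentError, "no keys found" if good.zero?
  tmp = Tempfile.create(".authorized_keys", File.dirname(destination))
  tmp.write(text)
  tmp.chmod(mode)
  tmp.close
  File.rename(tmp.path, destination)
  destination
end

# Constructed sample data (not real keys): 32 dummy bytes as an Ed25519 key.
SAMPLE_BLOB = [[11].pack("N") + "ssh-ed25519" + [32].pack("N") + "\x01" * 32].pack("m0")
SAMPLE = "ssh-ed25519 #{SAMPLE_BLOB} alice@example\n<Error><Code>AccessDenied</Code></Error>\n"
p check_keys(SAMPLE) if $PROGRAM_NAME == __FILE__
```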
