Add admin password

gbraad · gbraad · commit 1ab2d674ce0f · 2025-01-17T11:55:55.000+08:00
diff --git a/.github/workflows/build-container-bootc.yml b/.github/workflows/build-container-bootc.yml
@@ -16,6 +16,7 @@ jobs:
       - name: Run podman build - base
         run: |
           podman build -t ghcr.io/gbraad-homelab/forgejo/bootc:latest \
+            --build-arg=ADMIN_PASSWD="password" \
             --build-arg=BASE_IMAGE="ghcr.io/gbraad-homelab/private-base/bootc" \
             --build-arg=BASE_VERSION="latest" \
             -f containers/Containerfile .
diff --git a/.github/workflows/build-container.yml b/.github/workflows/build-container.yml
@@ -14,6 +14,11 @@ jobs:
       - name: Check out repository code
         uses: actions/checkout@v4
       - name: Run podman build - base
-        run: podman build -t ghcr.io/gbraad-homelab/forgejo:latest -f containers/Containerfile .
+        run: |
+          podman build -t ghcr.io/gbraad-homelab/forgejo:latest \
+            --build-arg=ADMIN_PASSWD="password" \
+            -f containers/Containerfile .
       - name: Push image to ghcr.io - base
-        run: podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} ghcr.io/gbraad-homelab/forgejo:latest
+        run: |
+          podman push --creds=${{ github.actor }}:${{ secrets.GITHUB_TOKEN }} \
+            ghcr.io/gbraad-homelab/forgejo:latest
diff --git a/containers/Containerfile b/containers/Containerfile
@@ -3,6 +3,16 @@ ARG BASE_VERSION="latest"
 
 FROM ${BASE_IMAGE}:${BASE_VERSION}
 
+# Create a default 'admin' user with the specified password.
+# Add it to the 'wheel' group to allow for running sudo commands.
+ARG ADMIN_PASSWD
+# hadolint ignore=DL4006
+RUN if [ -z "${ADMIN_PASSWD}" ] ; then \
+        echo "ADMIN_PASSWD is a mandatory build argument" && exit 1 ; \
+    fi \
+    && useradd -m -d /var/home/admin -G wheel admin \
+    && echo "admin:${ADMIN_PASSWD}" | chpasswd
+
 RUN dnf install -y git git-lfs openssh-server \
     && dnf clean all \
     && rm -rf /var/cache/yum \
@@ -12,9 +22,8 @@ RUN dnf install -y git git-lfs openssh-server \
     && sed -i 's/HOME=\/home\/git/HOME=\/var\/home\/git/' /etc/systemd/system/forgejo.service \
     && systemctl enable forgejo.service \
     && systemctl enable sshd.service \
-    && chmod 640 /etc/shadow
-
-RUN mkdir -p /var/home/ \
+    && chmod 640 /etc/shadow \
+    && mkdir -p /var/home/ \
     && groupadd --system git \
     && useradd --system --shell /bin/bash --comment 'Git Version Control' --gid git --home-dir /var/home/git --create-home git \
     && mkdir /var/lib/forgejo \
