name: dind-sshd
services:
  dind:
    image: apiv1/sshd:dockerd
    tmpfs: /tmp:exec,rw
    privileged: true
    init: true
    entrypoint: sh
    command: |
      -c '
        groupadd --gid $${PGID} $${SSHD_USERNAME}
        useradd --shell /bin/sh --uid $${PUID} --gid $${PGID} --password $$(openssl passwd $${SSHD_PASSWORD}) --create-home --home-dir /home/$${SSHD_USERNAME} $${SSHD_USERNAME}
        usermod -aG docker $${SSHD_USERNAME}

        chown -R $${SSHD_USERNAME}:$${SSHD_USERNAME} /home/$${SSHD_USERNAME}

        chmod 744 /home/$${SSHD_USERNAME}/.ssh
        AUTH_KEY_FILE="/home/$${SSHD_USERNAME}/.ssh/authorized_keys"
        test -f "$$AUTH_KEY_FILE" && chmod 400 "$$AUTH_KEY_FILE"

        export DOCKERD_OPT="--data-root /dockerd/lib/docker --exec-root /tmp/dockerd/run/docker -p /tmp/dockerd/run/docker.pid $${DOCKERD_OPT}"
        exec /entrypoint.sh
      '
    environment:
      - PUID=${PUID:-2000}
      - PGID=${PGID:-2000}
      - DOCKERD_OPT=${DOCKERD_OPT:-}
      - SSHD_USERNAME=${SSHD_USERNAME:-docker}
      - SSHD_PASSWORD=${SSHD_PASSWORD:-passwd654321!}
    volumes:
      - dockerd:/dockerd
      - ssh:/etc/ssh
    restart: always
volumes:
  dockerd:
  ssh: