mirror of
https://github.com/Ravinou/borgwarehouse
synced 2024-05-05 07:13:15 +02:00
feat: provide default sshd_config file for Docker
This commit is contained in:
parent
dbbbc08d5a
commit
65f3590a5a
|
@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y \
|
|||
|
||||
RUN groupadd -g ${GID} borgwarehouse && useradd -m -u ${UID} -g ${GID} borgwarehouse
|
||||
|
||||
RUN cp /etc/ssh/sshd_config /etc/ssh/moduli /home/borgwarehouse/
|
||||
RUN cp /etc/ssh/moduli /home/borgwarehouse/
|
||||
|
||||
WORKDIR /home/borgwarehouse/app
|
||||
|
||||
|
@ -47,6 +47,7 @@ COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/public ./public
|
|||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/.next/static ./.next/static
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/supervisord.conf ./
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/rsyslog.conf /etc/rsyslog.conf
|
||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/sshd_config ./
|
||||
|
||||
USER borgwarehouse
|
||||
|
||||
|
|
|
@ -17,7 +17,11 @@ init_ssh_server() {
|
|||
if [ -z "$(ls -A /etc/ssh)" ]; then
|
||||
print_green "/etc/ssh is empty, generating SSH host keys..."
|
||||
ssh-keygen -A
|
||||
cp /home/borgwarehouse/sshd_config /home/borgwarehouse/moduli /etc/ssh/
|
||||
cp /home/borgwarehouse/moduli /etc/ssh/
|
||||
fi
|
||||
if [ ! -f "/etc/ssh/sshd_config" ]; then
|
||||
print_green "sshd_config not found in your volume, copying the default one..."
|
||||
cp /home/borgwarehouse/app/sshd_config /etc/ssh/
|
||||
fi
|
||||
}
|
||||
|
||||
|
|
32
docker/sshd_config
Normal file
32
docker/sshd_config
Normal file
|
@ -0,0 +1,32 @@
|
|||
Port 22
|
||||
PidFile /home/borgwarehouse/tmp/sshd.pid
|
||||
AllowUsers borgwarehouse
|
||||
LogLevel INFO
|
||||
SyslogFacility AUTH
|
||||
|
||||
# Security
|
||||
Protocol 2
|
||||
PermitRootLogin no
|
||||
PasswordAuthentication no
|
||||
ChallengeResponseAuthentication no
|
||||
AuthenticationMethods publickey
|
||||
MaxAuthTries 2
|
||||
MaxStartups 2:30:10
|
||||
LoginGraceTime 30
|
||||
UsePAM no
|
||||
|
||||
# Useless options for BorgWarehouse
|
||||
PrintMotd no
|
||||
UseDNS no
|
||||
AllowTcpForwarding no
|
||||
X11Forwarding no
|
||||
PermitTTY no
|
||||
|
||||
# Ciphers
|
||||
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
|
||||
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
|
||||
|
||||
# With low bandwidth or huge backup, uncomment the following lines to avoid SSH timeout (Broken pipe).
|
||||
#ClientAliveInterval 600
|
||||
#ClientAliveCountMax 0
|
||||
|
|
@ -7,7 +7,7 @@ logfile_maxbytes=10MB
|
|||
logfile_backups=5
|
||||
|
||||
[program:sshd]
|
||||
command=/usr/sbin/sshd -D -e -o PidFile=/home/borgwarehouse/tmp/sshd.pid -o SyslogFacility=AUTH -o LogLevel=INFO -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o UsePAM=no -o PermitRootLogin=no
|
||||
command=/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config
|
||||
stdout_logfile=/home/borgwarehouse/tmp/sshd.log
|
||||
stdout_logfile_maxbytes=10MB
|
||||
stdout_logfile_backups=5
|
||||
|
|
Loading…
Reference in a new issue