mirror of
https://github.com/Ravinou/borgwarehouse
synced 2024-05-24 17:42:24 +02:00
feat: provide default sshd_config file for Docker
This commit is contained in:
parent
dbbbc08d5a
commit
65f3590a5a
|
@ -36,7 +36,7 @@ RUN apt-get update && apt-get install -y \
|
||||||
|
|
||||||
RUN groupadd -g ${GID} borgwarehouse && useradd -m -u ${UID} -g ${GID} borgwarehouse
|
RUN groupadd -g ${GID} borgwarehouse && useradd -m -u ${UID} -g ${GID} borgwarehouse
|
||||||
|
|
||||||
RUN cp /etc/ssh/sshd_config /etc/ssh/moduli /home/borgwarehouse/
|
RUN cp /etc/ssh/moduli /home/borgwarehouse/
|
||||||
|
|
||||||
WORKDIR /home/borgwarehouse/app
|
WORKDIR /home/borgwarehouse/app
|
||||||
|
|
||||||
|
@ -47,6 +47,7 @@ COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/public ./public
|
||||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/.next/static ./.next/static
|
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/.next/static ./.next/static
|
||||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/supervisord.conf ./
|
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/supervisord.conf ./
|
||||||
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/rsyslog.conf /etc/rsyslog.conf
|
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/rsyslog.conf /etc/rsyslog.conf
|
||||||
|
COPY --from=builder --chown=borgwarehouse:borgwarehouse /app/docker/sshd_config ./
|
||||||
|
|
||||||
USER borgwarehouse
|
USER borgwarehouse
|
||||||
|
|
||||||
|
|
|
@ -17,7 +17,11 @@ init_ssh_server() {
|
||||||
if [ -z "$(ls -A /etc/ssh)" ]; then
|
if [ -z "$(ls -A /etc/ssh)" ]; then
|
||||||
print_green "/etc/ssh is empty, generating SSH host keys..."
|
print_green "/etc/ssh is empty, generating SSH host keys..."
|
||||||
ssh-keygen -A
|
ssh-keygen -A
|
||||||
cp /home/borgwarehouse/sshd_config /home/borgwarehouse/moduli /etc/ssh/
|
cp /home/borgwarehouse/moduli /etc/ssh/
|
||||||
|
fi
|
||||||
|
if [ ! -f "/etc/ssh/sshd_config" ]; then
|
||||||
|
print_green "sshd_config not found in your volume, copying the default one..."
|
||||||
|
cp /home/borgwarehouse/app/sshd_config /etc/ssh/
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
32
docker/sshd_config
Normal file
32
docker/sshd_config
Normal file
|
@ -0,0 +1,32 @@
|
||||||
|
Port 22
|
||||||
|
PidFile /home/borgwarehouse/tmp/sshd.pid
|
||||||
|
AllowUsers borgwarehouse
|
||||||
|
LogLevel INFO
|
||||||
|
SyslogFacility AUTH
|
||||||
|
|
||||||
|
# Security
|
||||||
|
Protocol 2
|
||||||
|
PermitRootLogin no
|
||||||
|
PasswordAuthentication no
|
||||||
|
ChallengeResponseAuthentication no
|
||||||
|
AuthenticationMethods publickey
|
||||||
|
MaxAuthTries 2
|
||||||
|
MaxStartups 2:30:10
|
||||||
|
LoginGraceTime 30
|
||||||
|
UsePAM no
|
||||||
|
|
||||||
|
# Useless options for BorgWarehouse
|
||||||
|
PrintMotd no
|
||||||
|
UseDNS no
|
||||||
|
AllowTcpForwarding no
|
||||||
|
X11Forwarding no
|
||||||
|
PermitTTY no
|
||||||
|
|
||||||
|
# Ciphers
|
||||||
|
Ciphers aes256-ctr,aes192-ctr,aes128-ctr
|
||||||
|
MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com
|
||||||
|
|
||||||
|
# With low bandwidth or huge backup, uncomment the following lines to avoid SSH timeout (Broken pipe).
|
||||||
|
#ClientAliveInterval 600
|
||||||
|
#ClientAliveCountMax 0
|
||||||
|
|
|
@ -7,7 +7,7 @@ logfile_maxbytes=10MB
|
||||||
logfile_backups=5
|
logfile_backups=5
|
||||||
|
|
||||||
[program:sshd]
|
[program:sshd]
|
||||||
command=/usr/sbin/sshd -D -e -o PidFile=/home/borgwarehouse/tmp/sshd.pid -o SyslogFacility=AUTH -o LogLevel=INFO -o PasswordAuthentication=no -o ChallengeResponseAuthentication=no -o UsePAM=no -o PermitRootLogin=no
|
command=/usr/sbin/sshd -D -e -f /etc/ssh/sshd_config
|
||||||
stdout_logfile=/home/borgwarehouse/tmp/sshd.log
|
stdout_logfile=/home/borgwarehouse/tmp/sshd.log
|
||||||
stdout_logfile_maxbytes=10MB
|
stdout_logfile_maxbytes=10MB
|
||||||
stdout_logfile_backups=5
|
stdout_logfile_backups=5
|
||||||
|
|
Loading…
Reference in a new issue