opendev/system-config
Code Issues Proposed changes

Have gitea sshd listen on 222

Browse Source 
This will allow us to use host networking since it won't conflict
with existing services.

Change-Id: Ie08d626508cd115561161ac1b60ced538a1c9c67
This commit is contained in:
James E. Blair 2019-02-15 15:56:06 -08:00
parent 67cda2c7df
commit f74ff2bdb7
2 changed files with 35 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docker/gitea/Dockerfile
View File

@ -70,6 +70,8 @@ RUN addgroup --system --gid 1000 git \
# Copy the /etc config files and entrypoint script # Copy the /etc config files and entrypoint script
COPY --from=build-env /go/src/code.gitea.io/gitea/docker / COPY --from=build-env /go/src/code.gitea.io/gitea/docker /
# Copy our custom sshd_config
COPY sshd_config /etc/ssh/sshd_config
# Copy the app # Copy the app
COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea COPY --from=build-env /go/src/code.gitea.io/gitea/gitea /app/gitea/gitea

33
docker/gitea/sshd_config Normal file
View File

@ -0,0 +1,33 @@
Port 222
Protocol 2
AddressFamily any
ListenAddress 0.0.0.0
ListenAddress ::
LogLevel INFO
HostKey /data/ssh/ssh_host_ed25519_key
HostKey /data/ssh/ssh_host_rsa_key
HostKey /data/ssh/ssh_host_dsa_key
HostKey /data/ssh/ssh_host_ecdsa_key
AuthorizedKeysFile .ssh/authorized_keys
UseDNS no
AllowAgentForwarding no
AllowTcpForwarding no
PrintMotd no
PermitUserEnvironment yes
PermitRootLogin no
ChallengeResponseAuthentication no
PasswordAuthentication no
PermitEmptyPasswords no
AllowUsers git
Banner none
Subsystem sftp /usr/lib/ssh/sftp-server
AcceptEnv GIT_PROTOCOL