* New settings option for a custom SSH host (#3763) * let default ssh listen addr empty
This commit is contained in:
parent
11df7ebfc5
commit
65b1875d2b
4 changed files with 10 additions and 7 deletions
|
@ -103,6 +103,8 @@ DISABLE_SSH = false
|
||||||
START_SSH_SERVER = false
|
START_SSH_SERVER = false
|
||||||
; Domain name to be exposed in clone URL
|
; Domain name to be exposed in clone URL
|
||||||
SSH_DOMAIN = %(DOMAIN)s
|
SSH_DOMAIN = %(DOMAIN)s
|
||||||
|
; Network interface builtin SSH server listens on
|
||||||
|
SSH_LISTEN_HOST =
|
||||||
; Port number to be exposed in clone URL
|
; Port number to be exposed in clone URL
|
||||||
SSH_PORT = 22
|
SSH_PORT = 22
|
||||||
; Port number builtin SSH server listens on
|
; Port number builtin SSH server listens on
|
||||||
|
|
|
@ -82,6 +82,7 @@ var (
|
||||||
StartBuiltinServer bool `ini:"START_SSH_SERVER"`
|
StartBuiltinServer bool `ini:"START_SSH_SERVER"`
|
||||||
Domain string `ini:"SSH_DOMAIN"`
|
Domain string `ini:"SSH_DOMAIN"`
|
||||||
Port int `ini:"SSH_PORT"`
|
Port int `ini:"SSH_PORT"`
|
||||||
|
ListenHost string `ini:"SSH_LISTEN_HOST"`
|
||||||
ListenPort int `ini:"SSH_LISTEN_PORT"`
|
ListenPort int `ini:"SSH_LISTEN_PORT"`
|
||||||
RootPath string `ini:"SSH_ROOT_PATH"`
|
RootPath string `ini:"SSH_ROOT_PATH"`
|
||||||
KeyTestPath string `ini:"SSH_KEY_TEST_PATH"`
|
KeyTestPath string `ini:"SSH_KEY_TEST_PATH"`
|
||||||
|
|
|
@ -110,10 +110,10 @@ func handleServerConn(keyID string, chans <-chan ssh.NewChannel) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func listen(config *ssh.ServerConfig, port int) {
|
func listen(config *ssh.ServerConfig, host string, port int) {
|
||||||
listener, err := net.Listen("tcp", "0.0.0.0:"+com.ToStr(port))
|
listener, err := net.Listen("tcp", host+":"+com.ToStr(port))
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
log.Fatal(4, "Fail to start SSH server: %v", err)
|
||||||
}
|
}
|
||||||
for {
|
for {
|
||||||
// Once a ServerConfig has been configured, connections can be accepted.
|
// Once a ServerConfig has been configured, connections can be accepted.
|
||||||
|
@ -148,7 +148,7 @@ func listen(config *ssh.ServerConfig, port int) {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Listen starts a SSH server listens on given port.
|
// Listen starts a SSH server listens on given port.
|
||||||
func Listen(port int) {
|
func Listen(host string, port int) {
|
||||||
config := &ssh.ServerConfig{
|
config := &ssh.ServerConfig{
|
||||||
PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
|
PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
|
||||||
pkey, err := models.SearchPublicKeyByContent(strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))))
|
pkey, err := models.SearchPublicKeyByContent(strings.TrimSpace(string(ssh.MarshalAuthorizedKey(key))))
|
||||||
|
@ -185,5 +185,5 @@ func Listen(port int) {
|
||||||
}
|
}
|
||||||
config.AddHostKey(private)
|
config.AddHostKey(private)
|
||||||
|
|
||||||
go listen(config, port)
|
go listen(config, host, port)
|
||||||
}
|
}
|
||||||
|
|
|
@ -73,7 +73,7 @@ func GlobalInit() {
|
||||||
checkRunMode()
|
checkRunMode()
|
||||||
|
|
||||||
if setting.InstallLock && setting.SSH.StartBuiltinServer {
|
if setting.InstallLock && setting.SSH.StartBuiltinServer {
|
||||||
ssh.Listen(setting.SSH.ListenPort)
|
ssh.Listen(setting.SSH.ListenHost, setting.SSH.ListenPort)
|
||||||
log.Info("SSH server started on :%v", setting.SSH.ListenPort)
|
log.Info("SSH server started on %s:%v", setting.SSH.ListenHost, setting.SSH.ListenPort)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue