Add separate SSH_USER config option (#17584)

Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
Clar Fon 2022-02-07 16:56:45 -05:00 committed by GitHub
parent 9911b66aea
commit 99d14f6051
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 13 additions and 8 deletions

View file

@ -82,12 +82,15 @@ RUN_MODE = ; prod
;; Whether to use the builtin SSH server or not. ;; Whether to use the builtin SSH server or not.
;START_SSH_SERVER = false ;START_SSH_SERVER = false
;; ;;
;; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER. ;; Username to use for the builtin SSH server.
;BUILTIN_SSH_SERVER_USER = ;BUILTIN_SSH_SERVER_USER = %(RUN_USER)s
;; ;;
;; Domain name to be exposed in clone URL ;; Domain name to be exposed in clone URL
;SSH_DOMAIN = %(DOMAIN)s ;SSH_DOMAIN = %(DOMAIN)s
;; ;;
;; SSH username displayed in clone URLs.
;SSH_USER = %(BUILTIN_SSH_SERVER_USER)s
;;
;; The network interface the builtin SSH server should listen on ;; The network interface the builtin SSH server should listen on
;SSH_LISTEN_HOST = ;SSH_LISTEN_HOST =
;; ;;

View file

@ -265,6 +265,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
- `DISABLE_SSH`: **false**: Disable SSH feature when it's not available. - `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
- `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server. - `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server.
- `BUILTIN_SSH_SERVER_USER`: **%(RUN_USER)s**: Username to use for the built-in SSH Server. - `BUILTIN_SSH_SERVER_USER`: **%(RUN_USER)s**: Username to use for the built-in SSH Server.
- `SSH_USER`: **%(BUILTIN_SSH_SERVER_USER)**: SSH username displayed in clone URLs. This is only for people who configure the SSH server themselves; in most cases, you want to leave this blank and modify the `BUILTIN_SSH_SERVER_USER`.
- `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL. - `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL.
- `SSH_PORT`: **22**: SSH port displayed in clone URL. - `SSH_PORT`: **22**: SSH port displayed in clone URL.
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server. - `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server.

View file

@ -135,7 +135,7 @@ func TestViewRepo1CloneLinkAuthorized(t *testing.T) {
assert.Equal(t, setting.AppURL+"user2/repo1.git", link) assert.Equal(t, setting.AppURL+"user2/repo1.git", link)
link, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link") link, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link")
assert.True(t, exists, "The template has changed") assert.True(t, exists, "The template has changed")
sshURL := fmt.Sprintf("ssh://%s@%s:%d/user2/repo1.git", setting.SSH.BuiltinServerUser, setting.SSH.Domain, setting.SSH.Port) sshURL := fmt.Sprintf("ssh://%s@%s:%d/user2/repo1.git", setting.SSH.User, setting.SSH.Domain, setting.SSH.Port)
assert.Equal(t, sshURL, link) assert.Equal(t, sshURL, link)
} }

View file

@ -540,10 +540,7 @@ func (repo *Repository) cloneLink(isWiki bool) *CloneLink {
repoName += ".wiki" repoName += ".wiki"
} }
sshUser := setting.RunUser sshUser := setting.SSH.User
if setting.SSH.StartBuiltinServer {
sshUser = setting.SSH.BuiltinServerUser
}
cl := new(CloneLink) cl := new(CloneLink)

View file

@ -19,7 +19,7 @@ func TestRepository_WikiCloneLink(t *testing.T) {
repo := unittest.AssertExistsAndLoadBean(t, &Repository{ID: 1}).(*Repository) repo := unittest.AssertExistsAndLoadBean(t, &Repository{ID: 1}).(*Repository)
cloneLink := repo.WikiCloneLink() cloneLink := repo.WikiCloneLink()
assert.Equal(t, "ssh://runuser@try.gitea.io:3000/user2/repo1.wiki.git", cloneLink.SSH) assert.Equal(t, "ssh://sshuser@try.gitea.io:3000/user2/repo1.wiki.git", cloneLink.SSH)
assert.Equal(t, "https://try.gitea.io/user2/repo1.wiki.git", cloneLink.HTTPS) assert.Equal(t, "https://try.gitea.io/user2/repo1.wiki.git", cloneLink.HTTPS)
} }

View file

@ -64,6 +64,8 @@ func MainTest(m *testing.M, pathToGiteaRoot string, fixtureFiles ...string) {
setting.AppURL = "https://try.gitea.io/" setting.AppURL = "https://try.gitea.io/"
setting.RunUser = "runuser" setting.RunUser = "runuser"
setting.SSH.User = "sshuser"
setting.SSH.BuiltinServerUser = "builtinuser"
setting.SSH.Port = 3000 setting.SSH.Port = 3000
setting.SSH.Domain = "try.gitea.io" setting.SSH.Domain = "try.gitea.io"
setting.Database.UseSQLite3 = true setting.Database.UseSQLite3 = true

View file

@ -131,6 +131,7 @@ var (
BuiltinServerUser string `ini:"BUILTIN_SSH_SERVER_USER"` BuiltinServerUser string `ini:"BUILTIN_SSH_SERVER_USER"`
Domain string `ini:"SSH_DOMAIN"` Domain string `ini:"SSH_DOMAIN"`
Port int `ini:"SSH_PORT"` Port int `ini:"SSH_PORT"`
User string `ini:"SSH_USER"`
ListenHost string `ini:"SSH_LISTEN_HOST"` ListenHost string `ini:"SSH_LISTEN_HOST"`
ListenPort int `ini:"SSH_LISTEN_PORT"` ListenPort int `ini:"SSH_LISTEN_PORT"`
RootPath string `ini:"SSH_ROOT_PATH"` RootPath string `ini:"SSH_ROOT_PATH"`
@ -970,6 +971,7 @@ func loadFromConf(allowEmpty bool, extraConfig string) {
} }
SSH.BuiltinServerUser = Cfg.Section("server").Key("BUILTIN_SSH_SERVER_USER").MustString(RunUser) SSH.BuiltinServerUser = Cfg.Section("server").Key("BUILTIN_SSH_SERVER_USER").MustString(RunUser)
SSH.User = Cfg.Section("server").Key("SSH_USER").MustString(SSH.BuiltinServerUser)
newRepository() newRepository()