Spaces:
Paused
Paused
| # 0. Generate SSH host keys | |
| # This needs to be run as root, so we use sudo. First, we need to ensure sudo is installed. | |
| # The Dockerfile should be modified to install sudo and configure sudoers. | |
| # For now, we assume this script is run with enough permissions or sudo is configured. | |
| # A better approach is to handle this in the Dockerfile if possible, | |
| # but runtime generation ensures keys are always present.. | |
| # We will attempt to run it directly. If it fails, we'll need to adjust the Dockerfile. | |
| /usr/bin/ssh-keygen -A | |
| # 1. Create private key from secret in the user's home directory | |
| if [ -z "$ID_RSA_VDS1" ]; then | |
| echo "Error: ID_RSA_VDS1 secret is not set." | |
| exit 1 | |
| fi | |
| echo "$ID_RSA_VDS1" > /home/user/.ssh/id_rsa_vds1 | |
| chmod 600 /home/user/.ssh/id_rsa_vds1 | |
| # 2. Start the container's SSH server | |
| # It will be run by the 'user' but needs to access the generated host keys. | |
| # The sshd daemon itself will handle permissions. | |
| /usr/sbin/sshd | |
| # 3. Start stunnel client | |
| stunnel /etc/stunnel/stunnel.conf | |
| sleep 2 | |
| # 4. Execute the reverse SSH tunnel command as the 'user' | |
| ssh -N -g \ | |
| -o "StrictHostKeyChecking=no" \ | |
| -o "UserKnownHostsFile=/dev/null" \ | |
| -R 0.0.0.0:1080 \ | |
| -R 0.0.0.0:2222:localhost:22 \ | |
| -R 0.0.0.0:110:localhost:110 -R 0.0.0.0:5201:localhost:5201 \ | |
| -p 2222 user@127.0.0.1 \ | |
| -i /home/user/.ssh/id_rsa_vds1 |