igor04091968 commited on
Commit
3e381f3
·
verified ·
1 Parent(s): 75ce7c3

Update entrypoint.sh

Files changed (1) hide show
  1. entrypoint.sh +26 -6
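--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -1,19 +1,39 @@
 #!/bin/sh
 
-# 1. Start the container's SSH server
+# 0. Generate SSH host keys
+# This needs to be run as root, so we use sudo. First, we need to ensure sudo is installed.
+# The Dockerfile should be modified to install sudo and configure sudoers.
+# For now, we assume this script is run with enough permissions or sudo is configured.
+
+# A better approach is to handle this in the Dockerfile if possible,
+# but runtime generation ensures keys are always present.
+# We will attempt to run it directly. If it fails, we'll need to adjust the Dockerfile.
+/usr/bin/ssh-keygen -A
+
+# 1. Create private key from secret in the user's home directory
+if [ -z "$ID_RSA_VDS1" ]; then
+echo "Error: ID_RSA_VDS1 secret is not set."
+exit 1
+fi
+echo "$ID_RSA_VDS1" > /home/user/.ssh/id_rsa_vds1
+chmod 600 /home/user/.ssh/id_rsa_vds1
+
+# 2. Start the container's SSH server
+# It will be run by the 'user' but needs to access the generated host keys.
+# The sshd daemon itself will handle permissions.
 /usr/sbin/sshd
 
-# 2. Start stunnel client
+# 3. Start stunnel client
 stunnel /etc/stunnel/stunnel.conf
 
-# 3. Execute the reverse SSH tunnel command
 sleep 2
 
+# 4. Execute the reverse SSH tunnel command as the 'user'
 ssh -N -g \
 -o "StrictHostKeyChecking=no" \
 -o "UserKnownHostsFile=/dev/null" \
 -R 0.0.0.0:1080 \
 -R 0.0.0.0:2222:localhost:22 \
--R 0.0.0.0:110:localhost:110 \
--p 2222 root@127.0.0.1 \
--i /root/.ssh/id_rsa_vds1
+-R 0.0.0.0:110:localhost:110 -R 0.0.0.0:5201:localhost:5201 \
+-p 2222 user@127.0.0.1 \
+-i /home/user/.ssh/id_rsa_vds1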
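Review bot: The private key at new lines 18–19 is created under whatever umask the container starts with (commonly 022) and only tightened by `chmod 600` afterwards, so it is briefly readable by other local users and stays readable if the `chmod` fails. Set the mask before the write with `umask 077` and write it with `printf '%s\n' "$ID_RSA_VDS1" > /home/user/.ssh/id_rsa_vds1`. There is no `set -e` or per-command check, so a failed `/usr/bin/ssh-keygen -A` (plausible if the entrypoint runs as `user`, as the comments imply; the comments mention sudo but the code never calls it) or a failed key write is ignored and sshd and the tunnel are still started; add `|| exit 1` to both steps and send the "secret is not set" message to stderr with `>&2`. The unchanged `StrictHostKeyChecking=no` and `UserKnownHostsFile=/dev/null` options leave server authentication entirely to the stunnel configuration, which is not visible here, and the new `-R 0.0.0.0:5201` forward listens on every interface of the remote host like the others, so both deserve a comment confirming they are intended.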