mirror of https://github.com/go-gitea/gitea.git
ssh: allow overriding SSH_LISTEN_PORT in SSH_LISTEN_HOST
Support listening on multiple addresses with different ports by overriding the default SSH_LISTEN_ADDRESS like `0.0.0.0,127.0.0.1:2022,[::1]:222,::`
parent
056ad0c75a
commit
4c75e2b43a
|
@ -150,7 +150,8 @@ RUN_USER = ; git
|
|||
;; SSH username displayed in clone URLs.
|
||||
;SSH_USER = %(BUILTIN_SSH_SERVER_USER)s
|
||||
;;
|
||||
;; The network interface(s) the builtin SSH server should listen on
|
||||
;; The network interface(s) the builtin SSH server should listen on.
|
||||
;; Individual addresses can include a port statement to override SSH_LISTEN_PORT value, like 127.0.0.1:2022,0.0.0.0
|
||||
;SSH_LISTEN_HOST =
|
||||
;;
|
||||
;; Port number to be exposed in clone URL
|
||||
|
|
|
@ -332,7 +332,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
|
|||
- `SSH_USER`: **%(BUILTIN_SSH_SERVER_USER)s**: SSH username displayed in clone URLs. This is only for people who configure the SSH server themselves; in most cases, you want to leave this blank and modify the `BUILTIN_SSH_SERVER_USER`.
|
||||
- `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL.
|
||||
- `SSH_PORT`: **22**: SSH port displayed in clone URL.
|
||||
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address(es) for the built-in SSH server; multiple addresses can be separated by comma.
|
||||
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address(es) for the built-in SSH server; multiple addresses can be separated by comma, addresses can include a port statement to override SSH_LISTEN_PORT.
|
||||
- `SSH_LISTEN_PORT`: **%(SSH\_PORT)s**: Port for the built-in SSH server.
|
||||
- `SSH_ROOT_PATH`: **~/.ssh**: Root path of SSH directory.
|
||||
- `SSH_CREATE_AUTHORIZED_KEYS_FILE`: **true**: Gitea will create a authorized_keys file by default when it is not using the internal ssh server. If you intend to use the AuthorizedKeysCommand functionality then you should turn this off.
|
||||
|
|
|
@ -27,10 +27,15 @@ func Init() error {
|
|||
graceful.GetManager().IncreaseListenerCountBy(len(setting.SSH.ListenHost) - 1)
|
||||
}
|
||||
for _, listenHost := range setting.SSH.ListenHost {
|
||||
Listen(listenHost, setting.SSH.ListenPort, setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs)
|
||||
var addr string
|
||||
if _, _, err := net.SplitHostPort(listenHost); err == nil {
|
||||
addr = listenHost
|
||||
} else {
|
||||
addr = net.JoinHostPort(listenHost, strconv.Itoa(setting.SSH.ListenPort))
|
||||
}
|
||||
Listen(addr, setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs)
|
||||
log.Info("SSH server started on %s. Cipher list (%v), key exchange algorithms (%v), MACs (%v)",
|
||||
net.JoinHostPort(listenHost, strconv.Itoa(setting.SSH.ListenPort)),
|
||||
setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs,
|
||||
addr, setting.SSH.ServerCiphers, setting.SSH.ServerKeyExchanges, setting.SSH.ServerMACs,
|
||||
)
|
||||
}
|
||||
return nil
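Review bot: The new `net.SplitHostPort` check in the loop only tests that the entry parses and then discards the port, so an `SSH_LISTEN_HOST` entry with an empty or non-numeric port (for example `127.0.0.1:`) is handed to `Listen` unchanged. Go's net package treats an empty port as port 0, so such an entry would likely bind the SSH server to an arbitrary ephemeral port instead of failing, which is a listener the administrator did not configure and that firewall rules will not match. Validating the port here and rejecting the entry keeps the failure at startup, next to the configuration value. The sketch below assumes `fmt` is available in this file. Init starts and ends outside the hunk.

```go
for _, listenHost := range setting.SSH.ListenHost {
	host, port, err := net.SplitHostPort(listenHost)
	if err != nil {
		// No port given for this entry: fall back to SSH_LISTEN_PORT.
		host, port = listenHost, strconv.Itoa(setting.SSH.ListenPort)
	} else if n, perr := strconv.ParseUint(port, 10, 16); perr != nil || n == 0 {
		return fmt.Errorf("invalid port in SSH_LISTEN_HOST entry %q", listenHost)
	}
	addr := net.JoinHostPort(host, port)
	// … unchanged: Listen(addr, …) and log.Info(…) …
```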
|
||||
|
|
|
@ -17,7 +17,6 @@ import (
|
|||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"strconv"
|
||||
"strings"
|
||||
"sync"
|
||||
"syscall"
|
||||
|
@ -280,10 +279,10 @@ func sshConnectionFailed(conn net.Conn, err error) {
|
|||
log.Warn("Failed authentication attempt from %s", conn.RemoteAddr())
|
||||
}
|
||||
|
||||
// Listen starts a SSH server listens on given port.
|
||||
func Listen(host string, port int, ciphers, keyExchanges, macs []string) {
|
||||
// Listen starts a SSH server listens on given addr (host, port combination).
|
||||
func Listen(addr string, ciphers, keyExchanges, macs []string) {
|
||||
srv := ssh.Server{
|
||||
Addr: net.JoinHostPort(host, strconv.Itoa(port)),
|
||||
Addr: addr,
|
||||
PublicKeyHandler: publicKeyHandler,
|
||||
Handler: sessionHandler,
|
||||
ServerConfigCallback: func(ctx ssh.Context) *gossh.ServerConfig {
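Review bot: The rewritten doc comment on `Listen` does not say what form `addr` must take or who validates it, and it reads ungrammatically ("starts a SSH server listens on"). Since the string now goes straight into `ssh.Server.Addr`, I would write `// Listen starts an SSH server on addr, a "host:port" string such as net.JoinHostPort returns; addr is used as given and is not validated here.` The body of Listen continues past the end of the hunk, so whether a later check exists cannot be seen from here.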
|
||||
|
|