initial commit

bdito · bdito · commit 11bce38af802 · 2016-03-24T18:04:35.000+01:00
diff --git a/.gitattributes b/.gitattributes
@@ -0,0 +1 @@
+* text eol=lf
diff --git a/Dockerfile b/Dockerfile
@@ -0,0 +1,11 @@
+FROM alpine
+
+RUN apk --no-cache add openssh
+
+VOLUME /ssh
+
+EXPOSE 22
+
+ADD start.sh /start.sh
+RUN chmod u+x /start.sh
+CMD /start.sh
diff --git a/README.md b/README.md
@@ -1,2 +1,20 @@
 # docker-ssh-tunneling
-tunnel remote ports to local ports
+
+
+## Environment Variables
+
+
+#### `SSH_PERMITOPEN=`
+
+hosts and ports you can connect from this container
+example: SSH_PERMITOPEN=database:80 mysql:* redmine:80 redmine:443
+
+
+#### `SSH_USER=`
+
+name of the user to connect via ssh
+
+
+#### `SSH_PASSWORD=`
+
+password of the user to connect via ssh
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -0,0 +1,11 @@
+ssh:
+  image: adito/ssh-tunneling
+
+  ports:
+    - "2222:22"   # ssh
+  environment:
+    - SSH_USER= #SSH-User
+    - SSH_PASSWORD= #SSH-Password
+    - SSH_PERMITOPEN= #Hosts/Ports to connect (example: redmine:80 redmine:443 mysql:*)
+  volumes:
+    - /volume/ssh:/ssh
diff --git a/start.sh b/start.sh
@@ -0,0 +1,16 @@
+if [ ! -f /ssh/ssh_host_rsa_key ]
+  then
+    ssh-keygen -t rsa -b 4096 -f /ssh/ssh_host_rsa_key -N ''
+fi
+
+echo "ForceCommand echo this account can only be used for tunneling" > /etc/ssh/sshd_config
+echo "PermitOpen ${SSH_PERMITOPEN}" >> /etc/ssh/sshd_config
+echo "AllowUsers ${SSH_USER}" >> /etc/ssh/sshd_config
+
+ln -s -f /ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key
+ln -s -f /ssh/ssh_host_rsa_key.pub /etc/ssh/ssh_host_rsa_key.pub
+
+adduser -D -H ${SSH_USER}
+echo "${SSH_USER}:${SSH_PASSWORD}" | chpasswd
+
+/usr/sbin/sshd -D
