Browse Source

new: enable access to ``git.0k.io`` from other LXC

postgres
Valentin Lab 12 years ago
parent
commit
9fab03c1cd
  1. 22
      precise/base-0k/hooks/install
  2. 27
      precise/base-0k/src/etc/ssh/lxc_git_access_id_rsa
  3. 1
      precise/base-0k/src/etc/ssh/lxc_git_access_id_rsa.pub
  4. 17
      precise/git/hooks/install
  5. 4
      precise/git/shorewall
  6. 1
      precise/git/src/etc/ssh/lxc_git_access_id_rsa.pub

22
precise/base-0k/hooks/install

@ -101,3 +101,25 @@ function glog() {
prompt 1 prompt 1
EOF EOF
##
## ssh config
##
cp src/etc/ssh/lxc_git_access_id_rsa /etc/ssh/lxc_git_access_id_rsa
cat <<EOF > ~/.ssh/config
Host git.0k.io
User lxc-user
IdentityFile /etc/ssh/lxc_git_access_id_rsa
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
Port 10022
EOF

27
precise/base-0k/src/etc/ssh/lxc_git_access_id_rsa

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEA7NUITk5i/GnMaz0dPbuXoyhTBufRXyYVNsna+zfkq/SHhrhB
6h8yoyhROe8wtXNQ26SW7CT9kQrpqZ9bf/nLRwW5KpLgRM0ETw721O6wf2ElJHNa
sLOzNwkqrj3eRA8Gph3pDl9E5wBk6vVFVe8pDfmrnlQ1dbPVQK5kbsRpqgJxmg6a
3yqPao2qsexLBg1fuxRDX75WRwYsaljj1gK52aigFGf3BUSmvIGtUkOdsw4AHFVD
Oh9K0gsjxo0+kBpYfI36N6o5Akg+TiQVZBvQsksruwPKL9/uz2SNn8vYADtw0xvr
QIKPO0GCqOOmO7lBORZwGe30WfY3yNoAkqKoIwIDAQABAoIBABEv1I56Ocy/kMon
gTu9pV99yaiyogsZpGh5dZ7Ni5a/BCbOsFnhMbeNcXeW2B4S5EdMRneUp6Ii/JoG
qok7A3l//NQOHKBhkHJ8T4VcXQqhbiSbCnXQVK0lyScj7kFaJc1gVk1otINfD/PN
IN7/oCcXe1DeI5MLHeq3vSocrt5bc0fs2F4Z9lR18PjRYNp3bcI5j1tlqk1MXJ46
mT0MxDTFSm0W/jx74pbtWwPKKT1MP8y2uvZXRzKmxicMJ+S5u9yqmn1AOqdBQ/8Y
3kAkBaGGFafvmwbDu+Ss9WWNrb60+vauVmzFoxH4EozREvqpOCC4RN6JJFioBQgW
zkugTiECgYEA/29MwSUXiEQBsA8NYWn6ULL1rOqoNX3NMWhoJN1QeJjjgDXB0Iuv
ds8Iu5ZRAFFhOazkiZ/PlDth1Xl19/1ZdoH8Qx1a8MD0dTsLy4RZDgXxKEiMGpqg
5VPMVeuLEwg3xTPkqxKM2J6XJK1JS/yn13bOKEnETUxtyDmuQjEqqM8CgYEA7Vsx
y1uk+5vf3yTKJzIg04SahPdKyW1bwc/Q6MKL3NZT6o+OEnrCqrdu74T7K/GimL0H
rDIykGAVIaJxi9rLL5NN8GHcUD/TEnmI0lMLAhsI4wrWQvDRhJ3IVbY9k9uplQhu
T0yHszAyacbfeiBEuKwVmQxXJHrjopTHESScuG0CgYEA1Q15gLQ2b5MBsV6ss27Y
uUy7e7HyAUPfzXEfRHhQMXaccwjjktWf0cIXr5dOEqzOInQh3uSsGCB7lroLeoAX
ibAbv8MRYjQe8lUAnozSVs7/+bChI2OMBhuiGJwxUPuOwO5qsYH0do241X+v3jBr
slzG0XXNxQeVneb2gQFPaqMCgYB7l0m1VxHwRbjri0+L20lGejyvUcjqW3w0zg48
tNh49E0bzQYwTyXAGOW16GuU9SwyFfPB0R2NGcrHCbvQE+xK6IvjyEEctC8m5ou8
4KrRvNwCxOjOUHD4eeQP5WXo8K87v/kYZ4QdZNJLS9ef0t+VvV09pTRW9XpEdO22
2naUfQKBgQDPdVdPhq5tZLwfW/1Ml6+pm5kYCAftqpsTHl0jQ8APH4/PyA/41HDY
13BgOxbqEToC79/C/4+AncID/EXpi5SuUHs2ZjmiMoTqy+1UrpKAlsVJXNGMSYa9
ll9nPEIvb+TPXHhPfQtgvQcLkDhP4vh209eDzXSAox0sADr48XLxwA==
-----END RSA PRIVATE KEY-----

1
precise/base-0k/src/etc/ssh/lxc_git_access_id_rsa.pub

@ -0,0 +1 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDs1QhOTmL8acxrPR09u5ejKFMG59FfJhU2ydr7N+Sr9IeGuEHqHzKjKFE57zC1c1DbpJbsJP2RCumpn1t/+ctHBbkqkuBEzQRPDvbU7rB/YSUkc1qws7M3CSquPd5EDwamHekOX0TnAGTq9UVV7ykN+aueVDV1s9VArmRuxGmqAnGaDprfKo9qjaqx7EsGDV+7FENfvlZHBixqWOPWArnZqKAUZ/cFRKa8ga1SQ52zDgAcVUM6H0rSCyPGjT6QGlh8jfo3qjkCSD5OJBVkG9CySyu7A8ov3+7PZI2fy9gAO3DTG+tAgo87QYKo46Y7uUE5FnAZ7fRZ9jfI2gCSoqgj lxc-user@lxc

17
precise/git/hooks/install

@ -44,3 +44,20 @@ ln -sf /opt/apps/git-bzr-ng/git-bzr /usr/lib/git-core/
cp src/sbin/git-bzr-syncs /usr/sbin/git-bzr-syncs cp src/sbin/git-bzr-syncs /usr/sbin/git-bzr-syncs
cp src/etc/cron.daily/git-bzr-syncs /etc/cron.daily/git-bzr-syncs cp src/etc/cron.daily/git-bzr-syncs /etc/cron.daily/git-bzr-syncs
##
## Setup password-less access for other LXC
##
LXC_USER=lxc-user
LXC_USER_HOME=/var/lib/$LXC_USER
groupadd -r git-users &&
adduser --system --home=$LXC_USER_HOME --shell /bin/bash --ingroup=git-users $LXC_USER &&
mkdir $LXC_USER_HOME/.ssh -p &&
cat srv/etc/ssh/lxc_git_access_id_rsa.pub >> $LXC_USER_HOME/.ssh/authorized_keys &&
chown lxc-user $LXC_USER_HOME/.ssh -R

4
precise/git/shorewall

@ -1,2 +1,6 @@
DNAT net lan:%%NAME%%:22 tcp 10022 DNAT net lan:%%NAME%%:22 tcp 10022
DNAT lan lan:%%NAME%%:22 tcp 10022 - %%HOST_INTERNET_IP%%
DNAT fw lan:%%NAME%%:22 tcp 10022 - %%HOST_INTERNET_IP%%

1
precise/git/src/etc/ssh/lxc_git_access_id_rsa.pub

@ -0,0 +1 @@
../../../../base-0k/src/etc/ssh/lxc_git_access_id_rsa.pub
Loading…
Cancel
Save