From 01126aaeea42ede2df7fdd59090335baab2f8f93 Mon Sep 17 00:00:00 2001
From: Girish Ramakrishnan
Date: Wed, 21 Dec 2016 09:41:42 -0800
Subject: [PATCH] move ssh configuration to container.sh Note: appstore requires to be fixed to start the provisioning on port 22 Part of #152
---
 baseimage/initializeBaseUbuntuImage.sh | 13 -------------
 setup/container.sh | 14 ++++++++++++++
 setup/start.sh | 2 +-
 3 files changed, 15 insertions(+), 14 deletions(-)
diff --git a/baseimage/initializeBaseUbuntuImage.sh b/baseimage/initializeBaseUbuntuImage.sh
index 9d0a72476..b691aae10 100644
--- a/baseimage/initializeBaseUbuntuImage.sh
+++ b/baseimage/initializeBaseUbuntuImage.sh
@@ -196,16 +196,3 @@ apt-get -y install unbound
 echo "==== Install ssh ==="
 apt-get -y install openssh-server
-
-# caas has ssh on port 202 and we disable password login
-if [[ "${PROVIDER}" == "caas" ]]; then
- # https://stackoverflow.com/questions/4348166/using-with-sed on why ? must be escaped
- sed -e 's/^#\?PermitRootLogin .*/PermitRootLogin without-password/g' \
- -e 's/^#\?PermitEmptyPasswords .*/PermitEmptyPasswords no/g' \
- -e 's/^#\?PasswordAuthentication .*/PasswordAuthentication no/g' \
- -e 's/^#\?Port .*/Port 202/g' \
- -i /etc/ssh/sshd_config
-
- # required so we can connect to this machine since port 22 is blocked by iptables by now
- systemctl reload sshd
-fi
diff --git a/setup/container.sh b/setup/container.sh
index e43de0f3a..2e07bc33e 100755
--- a/setup/container.sh
+++ b/setup/container.sh
@@ -13,6 +13,20 @@ readonly container_files="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/containe
 readonly CONFIG_DIR="/home/yellowtent/configs"
 readonly DATA_DIR="/home/yellowtent/data"
+readonly provider="${1:-generic}"
+
+# caas has ssh on port 202 and we disable password login
+if [[ "${provider}" == "caas" ]]; then
+ # https://stackoverflow.com/questions/4348166/using-with-sed on why ? must be escaped
+ sed -e 's/^#\?PermitRootLogin .*/PermitRootLogin without-password/g' \
+ -e 's/^#\?PermitEmptyPasswords .*/PermitEmptyPasswords no/g' \
+ -e 's/^#\?PasswordAuthentication .*/PasswordAuthentication no/g' \
+ -e 's/^#\?Port .*/Port 202/g' \
+ -i /etc/ssh/sshd_config
+
+ # required so we can connect to this machine since port 22 is blocked by iptables by now
+ systemctl reload sshd
+fi
 echo "=== Setup btrfs data ==="
 if ! grep -q loop.ko /lib/modules/`uname -r`/modules.builtin; then
diff --git a/setup/start.sh b/setup/start.sh
index cb2471d55..889191619 100755
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -32,7 +32,7 @@ set_progress() {
 }
 set_progress "1" "Create container"
-$script_dir/container.sh
+$script_dir/container.sh "${arg_provider}"
 set_progress "5" "Adjust system settings"
 hostnamectl set-hostname "${arg_fqdn}"
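Review bot: In setup/container.sh the four `sed` expressions only rewrite lines that already exist in /etc/ssh/sshd_config in the exact `Keyword value` or `#Keyword value` form, so if a directive such as `PasswordAuthentication` is absent or written differently, the caas hardening is silently skipped and sshd keeps whatever default applies. Nothing in the hunk checks the result before `systemctl reload sshd`; I would validate the file and confirm the effective setting first, e.g. `sshd -t || exit 1` followed by `sshd -T | grep -q '^passwordauthentication no$' || exit 1`. The comment about port 22 being blocked by iptables was carried over from the base-image script and may no longer describe the state at this point, since the commit message says provisioning is meant to start on port 22. The rest of container.sh is outside the hunk, so whether `set -e` is in effect for these commands is not visible here.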
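Review bot: In setup/start.sh the new call leaves `$script_dir` unquoted while quoting `${arg_provider}` right next to it, so an install path containing whitespace or glob characters would split the command word; `"${script_dir}/container.sh" "${arg_provider}"` is consistent with the rest of the line. Where `arg_provider` is parsed lies outside the hunk. Because container.sh compares it only with `caas` and treats every other value as generic, a misspelled provider would skip the ssh hardening without any message, so rejecting unsupported values where the argument is parsed would be worth adding.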