4 changed files with 147 additions and 1 deletions
@ -0,0 +1,34 @@
|
||||
kind: pipeline |
||||
name: default |
||||
|
||||
steps: |
||||
- name: build |
||||
image: plugins/docker:linux-amd64 |
||||
pull: always |
||||
settings: |
||||
dockerfile: Dockerfile |
||||
daemon_off: false |
||||
dry_run: true |
||||
repo: docker.asperti.com/paspo/sshtunnel |
||||
when: |
||||
event: |
||||
exclude: |
||||
- tag |
||||
|
||||
- name: build_and_publish |
||||
image: plugins/docker:linux-amd64 |
||||
pull: always |
||||
settings: |
||||
dockerfile: Dockerfile |
||||
auto_tag: false |
||||
force_tag: true |
||||
daemon_off: false |
||||
password: |
||||
from_secret: docker_password |
||||
registry: docker.asperti.com |
||||
repo: docker.asperti.com/paspo/sshtunnel |
||||
username: |
||||
from_secret: docker_username |
||||
when: |
||||
event: |
||||
- tag |
@ -0,0 +1,17 @@
|
||||
FROM alpine:latest |
||||
|
||||
ARG SSH_USER |
||||
ARG SSH_HOST |
||||
ARG SSH_PORT |
||||
ARG SSH_IDENTITY_PATH |
||||
|
||||
ARG REMOTE_HOST |
||||
ARG REMOTE_PORT |
||||
ARG LOCAL_PORT |
||||
|
||||
RUN \ |
||||
apk -U add openssh-client |
||||
|
||||
COPY entrypoint.sh / |
||||
|
||||
ENTRYPOINT ["/bin/sh", "/entrypoint.sh"] |
@ -1,3 +1,47 @@
|
||||
# docker-sshtunnel |
||||
|
||||
You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment. |
||||
[](https://drone.asperti.com/paspo/docker-sshtunnel) |
||||
|
||||
You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment. |
||||
|
||||
## Usage example |
||||
|
||||
With the following settings, you have a container that establishes an SSH session with the specified remote machine, forwards remote mysql port to a port on the local container itself which is then exported by the local docker. |
||||
|
||||
That way you can connect to a remote mysql server (even if not directly exposed) as if it is running on your machine. |
||||
|
||||
### Plain docker |
||||
|
||||
```bash |
||||
docker run --rm -ti \ |
||||
-e SSH_USER=root \ |
||||
-e SSH_HOST=myremoteserver.mydomain.com \ |
||||
-e REMOTE_PORT=3306 \ |
||||
-e LOCAL_PORT=3306 \ |
||||
-e REMOTE_HOST=127.0.0.1 \ |
||||
-p 3306:3306 \ |
||||
-v /home/me/.ssh/id_rsa:/id_rsa \ |
||||
--name stu \ |
||||
docker.asperti.com/paspo/sshtunnel:latest |
||||
``` |
||||
|
||||
## docker-compose |
||||
|
||||
```yaml |
||||
version: "3" |
||||
services: |
||||
|
||||
backup-slave: |
||||
image: docker.asperti.com/paspo/sshtunnel:latest |
||||
restart: unless-stopped |
||||
volumes: |
||||
- "/home/me/.ssh/id_rsa:/id_rsa" |
||||
environment: |
||||
- SSH_USER=root |
||||
- SSH_HOST=myremoteserver.mydomain.com |
||||
- REMOTE_PORT=3306 |
||||
- LOCAL_PORT=3306 |
||||
- REMOTE_HOST=127.0.0.1 |
||||
ports: |
||||
- 3306:3306 |
||||
``` |
||||
|
@ -0,0 +1,51 @@
|
||||
#!/bin/sh |
||||
|
||||
ERROR=0 |
||||
|
||||
if [ "${SSH_USER}" = "" ] ; then |
||||
echo You must set the SSH_USER environment variable |
||||
ERROR=1 |
||||
fi |
||||
|
||||
if [ "${SSH_HOST}" = "" ] ; then |
||||
echo You must set the SSH_HOST environment variable |
||||
ERROR=1 |
||||
fi |
||||
|
||||
if [ "${REMOTE_HOST}" = "" ] ; then |
||||
echo You must set the REMOTE_HOST environment variable |
||||
ERROR=1 |
||||
fi |
||||
|
||||
if [ "${REMOTE_PORT}" = "" ] ; then |
||||
echo You must set the REMOTE_PORT environment variable |
||||
ERROR=1 |
||||
fi |
||||
|
||||
if [ "${LOCAL_PORT}" = "" ] ; then |
||||
echo You must set the LOCAL_PORT environment variable |
||||
ERROR=1 |
||||
fi |
||||
|
||||
SSH_PORT=${SSH_PORT:-22} |
||||
SSH_IDENTITY_PATH=${SSH_IDENTITY_PATH:-/id_rsa} |
||||
|
||||
if [ ! -r "${SSH_IDENTITY_PATH}" ] ; then |
||||
echo "The specified identity file (${SSH_IDENTITY_PATH}) is not readable" |
||||
ERROR=1 |
||||
fi |
||||
|
||||
if [ "${ERROR}" = "1" ] ; then |
||||
echo "Quitting" |
||||
exit 1 |
||||
fi |
||||
|
||||
while true ; do |
||||
ssh \ |
||||
-p ${SSH_PORT} -i ${SSH_IDENTITY_PATH} \ |
||||
-o StrictHostKeyChecking=no -N \ |
||||
-L 0.0.0.0:${LOCAL_PORT}:${REMOTE_HOST}:${REMOTE_PORT} \ |
||||
${SSH_USER}@${SSH_HOST} |
||||
echo "Connection closed. Waiting 5 seconds before retry." |
||||
sleep 5s |
||||
done |
Loading…
Reference in new issue