initial release

.drone.yml

@@ -0,0 +1,34 @@
+kind: pipeline
+name: default
+
+steps:
+  - name: build
+    image: plugins/docker:linux-amd64
+    pull: always
+    settings:
+      dockerfile: Dockerfile
+      daemon_off: false
+      dry_run: true
+      repo: docker.asperti.com/paspo/sshtunnel
+    when:
+      event:
+        exclude:
+        - tag
+        
+  - name: build_and_publish
+    image: plugins/docker:linux-amd64
+    pull: always
+    settings:
+      dockerfile: Dockerfile
+      auto_tag: false
+      force_tag: true
+      daemon_off: false
+      password:
+        from_secret: docker_password
+      registry: docker.asperti.com
+      repo: docker.asperti.com/paspo/sshtunnel
+      username:
+        from_secret: docker_username
+    when:
+      event:
+      - tag

Dockerfile

@@ -0,0 +1,17 @@
+FROM alpine:latest
+
+ARG SSH_USER
+ARG SSH_HOST
+ARG SSH_PORT
+ARG SSH_IDENTITY_PATH
+
+ARG REMOTE_HOST
+ARG REMOTE_PORT
+ARG LOCAL_PORT
+
+RUN \
+  apk -U add openssh-client
+
+COPY entrypoint.sh /
+
+ENTRYPOINT ["/bin/sh", "/entrypoint.sh"]

README.md

@@ -1,3 +1,47 @@
 # docker-sshtunnel
 
-You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment.
+[![Build Status](https://drone.asperti.com/api/badges/paspo/docker-sshtunnel/status.svg)](https://drone.asperti.com/paspo/docker-sshtunnel)
+
+You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment.
+
+## Usage example
+
+With the following settings, you have a container that establishes an SSH session with the specified remote machine, forwards remote mysql port to a port on the local container itself which is then exported by the local docker.
+
+That way you can connect to a remote mysql server (even if not directly exposed) as if it is running on your machine.
+
+### Plain docker
+
+```bash
+docker run --rm -ti \
+    -e SSH_USER=root \
+    -e SSH_HOST=myremoteserver.mydomain.com \
+    -e REMOTE_PORT=3306 \
+    -e LOCAL_PORT=3306 \
+    -e REMOTE_HOST=127.0.0.1 \
+    -p 3306:3306 \
+    -v /home/me/.ssh/id_rsa:/id_rsa \
+    --name stu \
+    docker.asperti.com/paspo/sshtunnel:latest
+```
+
+## docker-compose
+
+```yaml
+version: "3"
+services:
+
+  backup-slave:
+    image: docker.asperti.com/paspo/sshtunnel:latest
+    restart: unless-stopped
+    volumes:
+      - "/home/me/.ssh/id_rsa:/id_rsa"
+    environment:
+      - SSH_USER=root
+      - SSH_HOST=myremoteserver.mydomain.com
+      - REMOTE_PORT=3306
+      - LOCAL_PORT=3306
+      - REMOTE_HOST=127.0.0.1
+    ports:
+      - 3306:3306
+```

entrypoint.sh

@@ -0,0 +1,51 @@
+#!/bin/sh
+
+ERROR=0
+
+if [ "${SSH_USER}" = "" ] ; then
+  echo You must set the SSH_USER environment variable
+  ERROR=1
+fi
+
+if [ "${SSH_HOST}" = "" ] ; then
+  echo You must set the SSH_HOST environment variable
+  ERROR=1
+fi
+
+if [ "${REMOTE_HOST}" = "" ] ; then
+  echo You must set the REMOTE_HOST environment variable
+  ERROR=1
+fi
+
+if [ "${REMOTE_PORT}" = "" ] ; then
+  echo You must set the REMOTE_PORT environment variable
+  ERROR=1
+fi
+
+if [ "${LOCAL_PORT}" = "" ] ; then
+  echo You must set the LOCAL_PORT environment variable
+  ERROR=1
+fi
+
+SSH_PORT=${SSH_PORT:-22}
+SSH_IDENTITY_PATH=${SSH_IDENTITY_PATH:-/id_rsa}
+
+if [ ! -r "${SSH_IDENTITY_PATH}" ] ; then
+  echo "The specified identity file (${SSH_IDENTITY_PATH}) is not readable"
+  ERROR=1
+fi
+
+if [ "${ERROR}" = "1" ] ; then
+  echo "Quitting"
+  exit 1
+fi
+
+while true ; do
+  ssh \
+    -p ${SSH_PORT} -i ${SSH_IDENTITY_PATH} \
+    -o StrictHostKeyChecking=no -N \
+    -L 0.0.0.0:${LOCAL_PORT}:${REMOTE_HOST}:${REMOTE_PORT} \
+    ${SSH_USER}@${SSH_HOST} 
+  echo "Connection closed. Waiting 5 seconds before retry."
+  sleep 5s
+done