initial release
This commit is contained in:
parent
0867a6fd69
commit
d7fafd0928
34
.drone.yml
Normal file
34
.drone.yml
Normal file
@ -0,0 +1,34 @@
|
||||
kind: pipeline
|
||||
name: default
|
||||
|
||||
steps:
|
||||
- name: build
|
||||
image: plugins/docker:linux-amd64
|
||||
pull: always
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
daemon_off: false
|
||||
dry_run: true
|
||||
repo: docker.asperti.com/paspo/sshtunnel
|
||||
when:
|
||||
event:
|
||||
exclude:
|
||||
- tag
|
||||
|
||||
- name: build_and_publish
|
||||
image: plugins/docker:linux-amd64
|
||||
pull: always
|
||||
settings:
|
||||
dockerfile: Dockerfile
|
||||
auto_tag: false
|
||||
force_tag: true
|
||||
daemon_off: false
|
||||
password:
|
||||
from_secret: docker_password
|
||||
registry: docker.asperti.com
|
||||
repo: docker.asperti.com/paspo/sshtunnel
|
||||
username:
|
||||
from_secret: docker_username
|
||||
when:
|
||||
event:
|
||||
- tag
|
17
Dockerfile
Normal file
17
Dockerfile
Normal file
@ -0,0 +1,17 @@
|
||||
FROM alpine:latest
|
||||
|
||||
ARG SSH_USER
|
||||
ARG SSH_HOST
|
||||
ARG SSH_PORT
|
||||
ARG SSH_IDENTITY_PATH
|
||||
|
||||
ARG REMOTE_HOST
|
||||
ARG REMOTE_PORT
|
||||
ARG LOCAL_PORT
|
||||
|
||||
RUN \
|
||||
apk -U add openssh-client
|
||||
|
||||
COPY entrypoint.sh /
|
||||
|
||||
ENTRYPOINT ["/bin/sh", "/entrypoint.sh"]
|
46
README.md
46
README.md
@ -1,3 +1,47 @@
|
||||
# docker-sshtunnel
|
||||
|
||||
You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment.
|
||||
[![Build Status](https://drone.asperti.com/api/badges/paspo/docker-sshtunnel/status.svg)](https://drone.asperti.com/paspo/docker-sshtunnel)
|
||||
|
||||
You can use this docker container to create a SSH tunnel to a remote machine and have it "visible" inside your docker environment.
|
||||
|
||||
## Usage example
|
||||
|
||||
With the following settings, you have a container that establishes an SSH session with the specified remote machine, forwards remote mysql port to a port on the local container itself which is then exported by the local docker.
|
||||
|
||||
That way you can connect to a remote mysql server (even if not directly exposed) as if it is running on your machine.
|
||||
|
||||
### Plain docker
|
||||
|
||||
```bash
|
||||
docker run --rm -ti \
|
||||
-e SSH_USER=root \
|
||||
-e SSH_HOST=myremoteserver.mydomain.com \
|
||||
-e REMOTE_PORT=3306 \
|
||||
-e LOCAL_PORT=3306 \
|
||||
-e REMOTE_HOST=127.0.0.1 \
|
||||
-p 3306:3306 \
|
||||
-v /home/me/.ssh/id_rsa:/id_rsa \
|
||||
--name stu \
|
||||
docker.asperti.com/paspo/sshtunnel:latest
|
||||
```
|
||||
|
||||
## docker-compose
|
||||
|
||||
```yaml
|
||||
version: "3"
|
||||
services:
|
||||
|
||||
backup-slave:
|
||||
image: docker.asperti.com/paspo/sshtunnel:latest
|
||||
restart: unless-stopped
|
||||
volumes:
|
||||
- "/home/me/.ssh/id_rsa:/id_rsa"
|
||||
environment:
|
||||
- SSH_USER=root
|
||||
- SSH_HOST=myremoteserver.mydomain.com
|
||||
- REMOTE_PORT=3306
|
||||
- LOCAL_PORT=3306
|
||||
- REMOTE_HOST=127.0.0.1
|
||||
ports:
|
||||
- 3306:3306
|
||||
```
|
||||
|
51
entrypoint.sh
Executable file
51
entrypoint.sh
Executable file
@ -0,0 +1,51 @@
|
||||
#!/bin/sh
|
||||
|
||||
ERROR=0
|
||||
|
||||
if [ "${SSH_USER}" = "" ] ; then
|
||||
echo You must set the SSH_USER environment variable
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
if [ "${SSH_HOST}" = "" ] ; then
|
||||
echo You must set the SSH_HOST environment variable
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
if [ "${REMOTE_HOST}" = "" ] ; then
|
||||
echo You must set the REMOTE_HOST environment variable
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
if [ "${REMOTE_PORT}" = "" ] ; then
|
||||
echo You must set the REMOTE_PORT environment variable
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
if [ "${LOCAL_PORT}" = "" ] ; then
|
||||
echo You must set the LOCAL_PORT environment variable
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
SSH_PORT=${SSH_PORT:-22}
|
||||
SSH_IDENTITY_PATH=${SSH_IDENTITY_PATH:-/id_rsa}
|
||||
|
||||
if [ ! -r "${SSH_IDENTITY_PATH}" ] ; then
|
||||
echo "The specified identity file (${SSH_IDENTITY_PATH}) is not readable"
|
||||
ERROR=1
|
||||
fi
|
||||
|
||||
if [ "${ERROR}" = "1" ] ; then
|
||||
echo "Quitting"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
while true ; do
|
||||
ssh \
|
||||
-p ${SSH_PORT} -i ${SSH_IDENTITY_PATH} \
|
||||
-o StrictHostKeyChecking=no -N \
|
||||
-L 0.0.0.0:${LOCAL_PORT}:${REMOTE_HOST}:${REMOTE_PORT} \
|
||||
${SSH_USER}@${SSH_HOST}
|
||||
echo "Connection closed. Waiting 5 seconds before retry."
|
||||
sleep 5s
|
||||
done
|
Loading…
Reference in New Issue
Block a user