diff --git a/rootfs/app/entrypoint.sh b/rootfs/app/entrypoint.sh
index 937c649..a1e5b12 100755
--- a/rootfs/app/entrypoint.sh
+++ b/rootfs/app/entrypoint.sh
@@ -6,6 +6,7 @@ PATH_STATS=${PATH_BASE}/stats
 PATH_STATSDB=${PATH_BASE}/stats.db
 PATH_LOGS=${PATH_BASE}/logs
 PATH_AUTH=${PATH_BASE}/auth
+PATH_SSH_HOST=${PATH_BASE}/ssh.host
 WEBDAV_PORT=${WEBDAV_PORT:-8080}
 STATS_PORT=${STATS_PORT:-8081}
@@ -25,11 +26,13 @@ FPM_MAX_SPARE_SERVERS=${FPM_MAX_SPARE_SERVERS:-3}
 export USERNAME
 export GROUPNAME
+export PATH_BASE
 export PATH_WEBROOT
 export PATH_STATS
 export PATH_STATSDB
 export PATH_LOGS
 export PATH_AUTH
+export PATH_SSH_HOST
 export WEBDAV_PORT
 export STATS_PORT
 export POSTSIZE
diff --git a/rootfs/app/entrypoint.sh.d/90_ssh.sh b/rootfs/app/entrypoint.sh.d/90_ssh.sh
index 032a142..64669e6 100755
--- a/rootfs/app/entrypoint.sh.d/90_ssh.sh
+++ b/rootfs/app/entrypoint.sh.d/90_ssh.sh
@@ -3,19 +3,48 @@ echo "# Configuring ssh"
 for keytype in ecdsa rsa ed25519 ; do
- if [ ! -r "/ssh/ssh_host_${keytype}_key" ] ; then
- /usr/bin/ssh-keygen -t "${keytype}" -f "/ssh/ssh_host_${keytype}_key" -N ""
+ if [ ! -r "${PATH_SSH_HOST}/ssh_host_${keytype}_key" ] ; then
+ /usr/bin/ssh-keygen -t "${keytype}" -f "${PATH_SSH_HOST}/ssh_host_${keytype}_key" -N ""
 fi
- chmod 0600 "/ssh/ssh_host_${keytype}_key"
- chmod 0644 "/ssh/ssh_host_${keytype}_key.pub"
+ chmod 0600 "${PATH_SSH_HOST}/ssh_host_${keytype}_key"
+ chmod 0644 "${PATH_SSH_HOST}/ssh_host_${keytype}_key.pub"
 done
 # set authorized_keys permissions
-if [ -f /ssh/authorized_keys ] ; then
- chmod 0600 /ssh/authorized_keys
- chown "${USERNAME}:${GROUPNAME}" /ssh/authorized_keys
+if [ -f "${PATH_SSH_HOST}/authorized_keys" ] ; then
+ chmod 0600 "${PATH_SSH_HOST}/authorized_keys"
+ chown "${USERNAME}:${GROUPNAME}" "${PATH_SSH_HOST}/authorized_keys"
 fi
 if [ -d "${PATH_WEBROOT}/.ssh" ] ; then
 chmod 0700 "${PATH_WEBROOT}/.ssh"
 fi
+
+
+
+cat >/etc/ssh/sshd_config.d/sshd.conf <
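Review bot: `PATH_SSH_HOST` in the first entrypoint.sh hunk is fixed to `${PATH_BASE}/ssh.host` with no override, while the 90_ssh.sh changes stop looking at `/ssh` altogether. A deployment that already keeps its host keys in `/ssh` would presumably get fresh keys generated under the new path on the next start, so clients see a changed host identity and learn to click through the warning. Consider `PATH_SSH_HOST=${PATH_SSH_HOST:-${PATH_BASE}/ssh.host}` so an existing key directory can still be pointed at. A comment would also help, for example `# sshd host private keys: persist across restarts, keep outside PATH_WEBROOT`. The definition of PATH_WEBROOT is not visible in this hunk, so it is worth confirming that the new directory is not reachable through the WebDAV-served tree.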