From 121c517698b9a8d166aee404889fb4a3dcc46254 Mon Sep 17 00:00:00 2001 From: Girish Ramakrishnan Date: Mon, 11 Apr 2016 10:44:43 -0700 Subject: [PATCH] disable ssh when SSH_PORT is unset --- app.ini.template | 2 +- start.sh | 9 +++++++++ 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/app.ini.template b/app.ini.template index 0fbc205..fda80fb 100644 --- a/app.ini.template +++ b/app.ini.template @@ -21,7 +21,7 @@ DOMAIN = ##DOMAIN ROOT_URL = https://%(DOMAIN)s/ HTTP_ADDR = HTTP_PORT = 3000 -DISABLE_SSH = false +DISABLE_SSH = ##DISABLE_SSH SSH_PORT = ##SSH_PORT ; Landing page for non-logged users, can be "home" or "explore" LANDING_PAGE = explore diff --git a/start.sh b/start.sh index 9a4a521..0a81680 100755 --- a/start.sh +++ b/start.sh @@ -21,12 +21,21 @@ setup_ldap_source() { fi } +# SSH_PORT can be unset to disable SSH +disable_ssh="false" +if [[ -z "${SSH_PORT}" ]]; then + echo "SSH disabled" + SSH_PORT=29418 # arbitrary port to keep sshd happy + disable_ssh="false" +fi + sed -e "s/^Port .*/Port ${SSH_PORT}/" \ -e "s/^#ListenAddress .*/ListenAddress 0.0.0.0/" \ /etc/ssh/sshd_config > /run/gogs/sshd_config sed -e "s/##DOMAIN/${APP_DOMAIN}/g" \ -e "s/##SSH_PORT/${SSH_PORT}/g" \ + -e "s/##DISABLE_SSH/${disable_ssh}/g" \ -e "s/##MYSQL_HOST/${MYSQL_HOST}/g" \ -e "s/##MYSQL_PORT/${MYSQL_PORT}/g" \ -e "s/##MYSQL_USERNAME/${MYSQL_USERNAME}/g" \