From 6c5b2b2f7c6ea156d5f71fa814d51c85466501d0 Mon Sep 17 00:00:00 2001 From: Gordon GECOS Date: Fri, 2 Jun 2023 18:20:15 -0400 Subject: renames --- Makefile | 8 ++++---- src/AnonymousForceCommand | 2 -- src/AuthorizedKeysCommand | 11 ----------- src/apache/fossil.conf~template | 10 ++++++++++ src/fossil-apache.conf~template | 10 ---------- src/fossil-user.conf | 3 --- src/openssh/AnonymousForceCommand | 2 ++ src/openssh/AuthorizedKeysCommand | 11 +++++++++++ src/openssh/fossil-user.conf | 3 +++ 9 files changed, 30 insertions(+), 30 deletions(-) delete mode 100644 src/AnonymousForceCommand delete mode 100644 src/AuthorizedKeysCommand create mode 100644 src/apache/fossil.conf~template delete mode 100644 src/fossil-apache.conf~template delete mode 100644 src/fossil-user.conf create mode 100644 src/openssh/AnonymousForceCommand create mode 100644 src/openssh/AuthorizedKeysCommand create mode 100644 src/openssh/fossil-user.conf diff --git a/Makefile b/Makefile index af4625c..043291f 100644 --- a/Makefile +++ b/Makefile @@ -59,16 +59,16 @@ USER_HOME != getent passwd $(SSH_USERNAME) | (IFS=: read _ _ _ _ _ h _ && [ "$$h default: install start follow install: install -t "$(bindir)" -- $(executables) - install -t /etc/ssh/ -- src/AuthorizedKeysCommand - install -T -- src/AnonymousForceCommand /etc/ssh/user-"$(SSH_USERNAME)".AnonymousForceCommand - install -m644 -t /etc/ssh/sshd_config.d -- src/fossil-user.conf + install -t /etc/ssh/ -- src/openssh/AuthorizedKeysCommand + install -T -- src/openssh/AnonymousForceCommand /etc/ssh/user-"$(SSH_USERNAME)".AnonymousForceCommand + install -m644 -t /etc/ssh/sshd_config.d -- src/openssh/fossil-user.conf install -m644 -t "$(systemd_system_dir)" -- $(root_unit_files) install -m644 -t "$(systemd_user_dir)" -- $(user_unit_files) systemctl daemon-reload systemctl reload ssh systemctl start --wait fossil-disable-apache@- ln -sf -t /var/lib $(USER_HOME)/.cache/fossil-httpd.S - install -m644 -T -- src/fossil-apache.conf~template /etc/apache2/sites-available/fossil.conf~template + install -m644 -T -- src/apache/fossil.conf~template /etc/apache2/sites-available/fossil.conf~template systemctl start --wait fossil-enable-apache@- make start deps install-deps: diff --git a/src/AnonymousForceCommand b/src/AnonymousForceCommand deleted file mode 100644 index cc69ce3..0000000 --- a/src/AnonymousForceCommand +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec socat stdio /run/fossil-user.S diff --git a/src/AuthorizedKeysCommand b/src/AuthorizedKeysCommand deleted file mode 100644 index de0732a..0000000 --- a/src/AuthorizedKeysCommand +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh -username=$1 -shift - -[ "$username" ] -cmd=/etc/ssh/user-$username.AnonymousForceCommand -[ -x "$cmd" ] || exit - -key=$1 -shift -printf 'restrict,pty,command="%s" %s\n' "$cmd" "$key" diff --git a/src/apache/fossil.conf~template b/src/apache/fossil.conf~template new file mode 100644 index 0000000..595304b --- /dev/null +++ b/src/apache/fossil.conf~template @@ -0,0 +1,10 @@ + + ServerName %H + ServerAdmin webmaster@%H + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + DocumentRoot /var/www/html + ProxyPreserveHost on + ProxyPass / unix:/var/lib/fossil-httpd.S|http://%H/ + ProxyPassReverse / unix:/var/lib/fossil-httpd.S|http://%H/ + diff --git a/src/fossil-apache.conf~template b/src/fossil-apache.conf~template deleted file mode 100644 index 595304b..0000000 --- a/src/fossil-apache.conf~template +++ /dev/null @@ -1,10 +0,0 @@ - - ServerName %H - ServerAdmin webmaster@%H - ErrorLog ${APACHE_LOG_DIR}/error.log - CustomLog ${APACHE_LOG_DIR}/access.log combined - DocumentRoot /var/www/html - ProxyPreserveHost on - ProxyPass / unix:/var/lib/fossil-httpd.S|http://%H/ - ProxyPassReverse / unix:/var/lib/fossil-httpd.S|http://%H/ - diff --git a/src/fossil-user.conf b/src/fossil-user.conf deleted file mode 100644 index 86387e7..0000000 --- a/src/fossil-user.conf +++ /dev/null @@ -1,3 +0,0 @@ -ExposeAuthInfo=yes -AuthorizedKeysCommandUser=root -AuthorizedKeysCommand=/etc/ssh/AuthorizedKeysCommand "%u" "%t %k" diff --git a/src/openssh/AnonymousForceCommand b/src/openssh/AnonymousForceCommand new file mode 100644 index 0000000..cc69ce3 --- /dev/null +++ b/src/openssh/AnonymousForceCommand @@ -0,0 +1,2 @@ +#!/bin/sh +exec socat stdio /run/fossil-user.S diff --git a/src/openssh/AuthorizedKeysCommand b/src/openssh/AuthorizedKeysCommand new file mode 100644 index 0000000..de0732a --- /dev/null +++ b/src/openssh/AuthorizedKeysCommand @@ -0,0 +1,11 @@ +#!/bin/sh +username=$1 +shift + +[ "$username" ] +cmd=/etc/ssh/user-$username.AnonymousForceCommand +[ -x "$cmd" ] || exit + +key=$1 +shift +printf 'restrict,pty,command="%s" %s\n' "$cmd" "$key" diff --git a/src/openssh/fossil-user.conf b/src/openssh/fossil-user.conf new file mode 100644 index 0000000..86387e7 --- /dev/null +++ b/src/openssh/fossil-user.conf @@ -0,0 +1,3 @@ +ExposeAuthInfo=yes +AuthorizedKeysCommandUser=root +AuthorizedKeysCommand=/etc/ssh/AuthorizedKeysCommand "%u" "%t %k" -- cgit v1.2.3