cqrenet/relay
3
0
Fork 0
mirror of https://github.com/chatmail/relay.git synced 2026-05-10 16:04:37 +00:00
Code Issues Packages Projects Releases Wiki Activity

Delete ssh connection from docker installation

Browse Source 
- https://github.com/chatmail/relay/pull/614#discussion_r2269986372
- https://github.com/chatmail/relay/pull/614#discussion_r2269991175
- https://github.com/chatmail/relay/pull/614#discussion_r2269995037
- https://github.com/chatmail/relay/pull/614#discussion_r2270004922
This commit is contained in:
Keonik1
2025-08-23 22:47:32 +03:00
committed by j4n
parent e272bb9069
commit e1c0bffa52
2 changed files with 1 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
docker/chatmail_relay.dockerfile
View File

@@ -18,8 +18,6 @@ RUN echo 'APT::Install-Recommends "0";' > /etc/apt/apt.conf.d/01norecommend && \
RUN apt-get update && \
apt-get install -y \
openssh-client \
openssh-server \
git \
python3 \
python3-venv \
@@ -54,23 +52,6 @@ RUN apt-get update && \
done \
&& rm -rf /var/lib/apt/lists/*
RUN systemctl enable \
ssh \
fcgiwrap
RUN sed -i 's/^#PasswordAuthentication .*/PasswordAuthentication no/' /etc/ssh/sshd_config && \
sed -i 's/^#PermitRootLogin .*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config && \
ssh-keygen -P "" -t rsa -b 2048 -f /root/.ssh/id_rsa && \
mkdir -p /root/.ssh && \
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys && \
SSH_USER_CONFIG="/root/.ssh/config" && \
echo "Host localhost" > "$SSH_USER_CONFIG" && \
echo " HostName localhost" >> "$SSH_USER_CONFIG" && \
echo " User root" >> "$SSH_USER_CONFIG" && \
echo " StrictHostKeyChecking no" >> "$SSH_USER_CONFIG" && \
echo " UserKnownHostsFile /dev/null" >> "$SSH_USER_CONFIG"
## TODO: deny access for all insteed root form 127.0.0.1 https://unix.stackexchange.com/a/406264
WORKDIR /opt/chatmail
ARG SETUP_CHATMAIL_SERVICE_PATH=/lib/systemd/system/setup_chatmail.service

2
docker/files/setup_chatmail_docker.sh
View File

@@ -69,7 +69,7 @@ fi
./scripts/cmdeploy init --config "${INI_FILE}" $INI_CMD_ARGS $MAIL_DOMAIN
bash /update_ini.sh
./scripts/cmdeploy run --ssh-host localhost --skip-dns-check
./scripts/cmdeploy run --ssh-host docker --skip-dns-check
echo "ForwardToConsole=yes" >> /etc/systemd/journald.conf
systemctl restart systemd-journald