Add separate SSH_USER config option (#17584)
Co-authored-by: zeripath <art27@cantab.net>
This commit is contained in:
parent
9911b66aea
commit
99d14f6051
@ -82,12 +82,15 @@ RUN_MODE = ; prod
|
|||||||
;; Whether to use the builtin SSH server or not.
|
;; Whether to use the builtin SSH server or not.
|
||||||
;START_SSH_SERVER = false
|
;START_SSH_SERVER = false
|
||||||
;;
|
;;
|
||||||
;; Username to use for the builtin SSH server. If blank, then it is the value of RUN_USER.
|
;; Username to use for the builtin SSH server.
|
||||||
;BUILTIN_SSH_SERVER_USER =
|
;BUILTIN_SSH_SERVER_USER = %(RUN_USER)s
|
||||||
;;
|
;;
|
||||||
;; Domain name to be exposed in clone URL
|
;; Domain name to be exposed in clone URL
|
||||||
;SSH_DOMAIN = %(DOMAIN)s
|
;SSH_DOMAIN = %(DOMAIN)s
|
||||||
;;
|
;;
|
||||||
|
;; SSH username displayed in clone URLs.
|
||||||
|
;SSH_USER = %(BUILTIN_SSH_SERVER_USER)s
|
||||||
|
;;
|
||||||
;; The network interface the builtin SSH server should listen on
|
;; The network interface the builtin SSH server should listen on
|
||||||
;SSH_LISTEN_HOST =
|
;SSH_LISTEN_HOST =
|
||||||
;;
|
;;
|
||||||
|
@ -265,6 +265,7 @@ The following configuration set `Content-Type: application/vnd.android.package-a
|
|||||||
- `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
|
- `DISABLE_SSH`: **false**: Disable SSH feature when it's not available.
|
||||||
- `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server.
|
- `START_SSH_SERVER`: **false**: When enabled, use the built-in SSH server.
|
||||||
- `BUILTIN_SSH_SERVER_USER`: **%(RUN_USER)s**: Username to use for the built-in SSH Server.
|
- `BUILTIN_SSH_SERVER_USER`: **%(RUN_USER)s**: Username to use for the built-in SSH Server.
|
||||||
|
- `SSH_USER`: **%(BUILTIN_SSH_SERVER_USER)**: SSH username displayed in clone URLs. This is only for people who configure the SSH server themselves; in most cases, you want to leave this blank and modify the `BUILTIN_SSH_SERVER_USER`.
|
||||||
- `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL.
|
- `SSH_DOMAIN`: **%(DOMAIN)s**: Domain name of this server, used for displayed clone URL.
|
||||||
- `SSH_PORT`: **22**: SSH port displayed in clone URL.
|
- `SSH_PORT`: **22**: SSH port displayed in clone URL.
|
||||||
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server.
|
- `SSH_LISTEN_HOST`: **0.0.0.0**: Listen address for the built-in SSH server.
|
||||||
|
@ -135,7 +135,7 @@ func TestViewRepo1CloneLinkAuthorized(t *testing.T) {
|
|||||||
assert.Equal(t, setting.AppURL+"user2/repo1.git", link)
|
assert.Equal(t, setting.AppURL+"user2/repo1.git", link)
|
||||||
link, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link")
|
link, exists = htmlDoc.doc.Find("#repo-clone-ssh").Attr("data-link")
|
||||||
assert.True(t, exists, "The template has changed")
|
assert.True(t, exists, "The template has changed")
|
||||||
sshURL := fmt.Sprintf("ssh://%s@%s:%d/user2/repo1.git", setting.SSH.BuiltinServerUser, setting.SSH.Domain, setting.SSH.Port)
|
sshURL := fmt.Sprintf("ssh://%s@%s:%d/user2/repo1.git", setting.SSH.User, setting.SSH.Domain, setting.SSH.Port)
|
||||||
assert.Equal(t, sshURL, link)
|
assert.Equal(t, sshURL, link)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -540,10 +540,7 @@ func (repo *Repository) cloneLink(isWiki bool) *CloneLink {
|
|||||||
repoName += ".wiki"
|
repoName += ".wiki"
|
||||||
}
|
}
|
||||||
|
|
||||||
sshUser := setting.RunUser
|
sshUser := setting.SSH.User
|
||||||
if setting.SSH.StartBuiltinServer {
|
|
||||||
sshUser = setting.SSH.BuiltinServerUser
|
|
||||||
}
|
|
||||||
|
|
||||||
cl := new(CloneLink)
|
cl := new(CloneLink)
|
||||||
|
|
||||||
|
@ -19,7 +19,7 @@ func TestRepository_WikiCloneLink(t *testing.T) {
|
|||||||
|
|
||||||
repo := unittest.AssertExistsAndLoadBean(t, &Repository{ID: 1}).(*Repository)
|
repo := unittest.AssertExistsAndLoadBean(t, &Repository{ID: 1}).(*Repository)
|
||||||
cloneLink := repo.WikiCloneLink()
|
cloneLink := repo.WikiCloneLink()
|
||||||
assert.Equal(t, "ssh://runuser@try.gitea.io:3000/user2/repo1.wiki.git", cloneLink.SSH)
|
assert.Equal(t, "ssh://sshuser@try.gitea.io:3000/user2/repo1.wiki.git", cloneLink.SSH)
|
||||||
assert.Equal(t, "https://try.gitea.io/user2/repo1.wiki.git", cloneLink.HTTPS)
|
assert.Equal(t, "https://try.gitea.io/user2/repo1.wiki.git", cloneLink.HTTPS)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -64,6 +64,8 @@ func MainTest(m *testing.M, pathToGiteaRoot string, fixtureFiles ...string) {
|
|||||||
|
|
||||||
setting.AppURL = "https://try.gitea.io/"
|
setting.AppURL = "https://try.gitea.io/"
|
||||||
setting.RunUser = "runuser"
|
setting.RunUser = "runuser"
|
||||||
|
setting.SSH.User = "sshuser"
|
||||||
|
setting.SSH.BuiltinServerUser = "builtinuser"
|
||||||
setting.SSH.Port = 3000
|
setting.SSH.Port = 3000
|
||||||
setting.SSH.Domain = "try.gitea.io"
|
setting.SSH.Domain = "try.gitea.io"
|
||||||
setting.Database.UseSQLite3 = true
|
setting.Database.UseSQLite3 = true
|
||||||
|
@ -131,6 +131,7 @@ var (
|
|||||||
BuiltinServerUser string `ini:"BUILTIN_SSH_SERVER_USER"`
|
BuiltinServerUser string `ini:"BUILTIN_SSH_SERVER_USER"`
|
||||||
Domain string `ini:"SSH_DOMAIN"`
|
Domain string `ini:"SSH_DOMAIN"`
|
||||||
Port int `ini:"SSH_PORT"`
|
Port int `ini:"SSH_PORT"`
|
||||||
|
User string `ini:"SSH_USER"`
|
||||||
ListenHost string `ini:"SSH_LISTEN_HOST"`
|
ListenHost string `ini:"SSH_LISTEN_HOST"`
|
||||||
ListenPort int `ini:"SSH_LISTEN_PORT"`
|
ListenPort int `ini:"SSH_LISTEN_PORT"`
|
||||||
RootPath string `ini:"SSH_ROOT_PATH"`
|
RootPath string `ini:"SSH_ROOT_PATH"`
|
||||||
@ -970,6 +971,7 @@ func loadFromConf(allowEmpty bool, extraConfig string) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
SSH.BuiltinServerUser = Cfg.Section("server").Key("BUILTIN_SSH_SERVER_USER").MustString(RunUser)
|
SSH.BuiltinServerUser = Cfg.Section("server").Key("BUILTIN_SSH_SERVER_USER").MustString(RunUser)
|
||||||
|
SSH.User = Cfg.Section("server").Key("SSH_USER").MustString(SSH.BuiltinServerUser)
|
||||||
|
|
||||||
newRepository()
|
newRepository()
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user