YunoHost-Apps/my_webapp_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/my_webapp_ynh.git synced 2024-09-03 19:46:26 +02:00
Code Issues Activity Actions

Fix ssh regenconf hook

Browse source
This commit is contained in:
Alexandre Aubin 2020-06-15 20:00:36 +02:00
parent 9a8f8aa017
commit 8056541e15
1 changed files with 10 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

45
conf/ssh_regenconf_hook
View file

@ -1,24 +1,15 @@
#!/bin/bash #!/bin/bash
force=${2:-0} # 0/1 --force argument action=$1
dryrun=${3:-0} # 0/1 --dry-run argument pending_dir=$4
pending_conf=$4 # Path of the pending conf file ssh_conf=$pending_dir/../ssh/etc/ssh/sshd_config
# https://github.com/YunoHost/yunohost/blob/c7eaeca6486e6240c832b8863791f8b03520a0f0/data/hooks/conf_regen/43-dnsmasq [[ $action == "pre" ]] || exit 0
[[ -e $ssh_conf ]] || exit 0
do_pre_regen() { echo "
if [ $dryrun -eq 0 ]
then
# Remove added lines into the sshd config
sed -i "/##-> __APP__/,/##<- __APP__/d" /etc/ssh/sshd_config
fi
}
do_post_regen() { ##-> __APP__
# Harden SSH connection for the user
if ! grep --quiet "^##-> __APP__$" /etc/ssh/sshd_config
then
echo "##-> __APP__
# Hardening user connection # Hardening user connection
Match User __USER__ Match User __USER__
ChrootDirectory %h ChrootDirectory %h
@ -27,24 +18,4 @@ do_post_regen() {
PermitTunnel no PermitTunnel no
X11Forwarding no X11Forwarding no
PasswordAuthentication yes PasswordAuthentication yes
##<- __APP__" | tee -a "/etc/ssh/sshd_config" >/dev/null ##<- __APP__" >> $ssh_conf
# Reload sshd
systemctl reload ssh
fi
}
case "$1" in
pre)
do_pre_regen
;;
post)
do_post_regen
;;
*)
echo "Hook called with unknown argument \`$1'" >&2
exit 1
;;
esac
exit 0