YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1209 from YunoHost/add-ssh-port-setting

Browse source 
add ssh port setting
This commit is contained in:
Alexandre Aubin 2021-04-15 00:57:07 +02:00 committed by GitHub
commit fc818cc6a7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 9 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
data/hooks/conf_regen/03-ssh
View file

@ -26,6 +26,8 @@ do_pre_regen() {
# Support different strategy for security configurations # Support different strategy for security configurations
export compatibility="$(yunohost settings get 'security.ssh.compatibility')" export compatibility="$(yunohost settings get 'security.ssh.compatibility')"
export port="$(yunohost settings get 'security.ssh.port')"
export ssh_keys export ssh_keys
export ipv6_enabled export ipv6_enabled
ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config" ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config"

2
data/templates/ssh/sshd_config
View file

@ -2,7 +2,7 @@
# by YunoHost # by YunoHost
Protocol 2 Protocol 2
Port 22 Port {{ port }}
{% if ipv6_enabled == "true" %}ListenAddress ::{% endif %} {% if ipv6_enabled == "true" %}ListenAddress ::{% endif %}
ListenAddress 0.0.0.0 ListenAddress 0.0.0.0

1
locales/en.json
View file

@ -323,6 +323,7 @@
"global_settings_setting_security_password_user_strength": "User password strength", "global_settings_setting_security_password_user_strength": "User password strength",
"global_settings_setting_security_ssh_compatibility": "Compatibility vs. security tradeoff for the SSH server. Affects the ciphers (and other security-related aspects)", "global_settings_setting_security_ssh_compatibility": "Compatibility vs. security tradeoff for the SSH server. Affects the ciphers (and other security-related aspects)",
"global_settings_setting_security_postfix_compatibility": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)", "global_settings_setting_security_postfix_compatibility": "Compatibility vs. security tradeoff for the Postfix server. Affects the ciphers (and other security-related aspects)",
"global_settings_setting_security_ssh_port": "SSH port",
"global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key:s}', discard it and save it in /etc/yunohost/settings-unknown.json", "global_settings_unknown_setting_from_settings_file": "Unknown key in settings: '{setting_key:s}', discard it and save it in /etc/yunohost/settings-unknown.json",
"global_settings_setting_service_ssh_allow_deprecated_dsa_hostkey": "Allow the use of (deprecated) DSA hostkey for the SSH daemon configuration", "global_settings_setting_service_ssh_allow_deprecated_dsa_hostkey": "Allow the use of (deprecated) DSA hostkey for the SSH daemon configuration",
"global_settings_setting_ssowat_panel_overlay_enabled": "Enable SSOwat panel overlay", "global_settings_setting_ssowat_panel_overlay_enabled": "Enable SSOwat panel overlay",

5
src/yunohost/settings.py
View file

@ -71,6 +71,10 @@ DEFAULTS = OrderedDict(
"choices": ["intermediate", "modern"], "choices": ["intermediate", "modern"],
}, },
), ),
(
"security.ssh.port",
{"type": "int", "default": 22},
),
( (
"security.nginx.compatibility", "security.nginx.compatibility",
{ {
@ -383,6 +387,7 @@ def reconfigure_nginx(setting_name, old_value, new_value):
regen_conf(names=["nginx"]) regen_conf(names=["nginx"])
@post_change_hook("security.ssh.port")
@post_change_hook("security.ssh.compatibility") @post_change_hook("security.ssh.compatibility")
def reconfigure_ssh(setting_name, old_value, new_value): def reconfigure_ssh(setting_name, old_value, new_value):
if old_value != new_value: if old_value != new_value: