mirror of
https://github.com/YunoHost/yunohost.git
synced 2024-09-03 20:06:10 +02:00
38 lines
1 KiB
Bash
Executable file
38 lines
1 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
. /usr/share/yunohost/helpers
|
|
|
|
do_pre_regen() {
|
|
pending_dir=$1
|
|
|
|
cd /usr/share/yunohost/conf/ssh
|
|
|
|
# Support different strategy for security configurations
|
|
export compatibility="$(jq -r '.ssh_compatibility' <<< "$YNH_SETTINGS")"
|
|
export port="$(jq -r '.ssh_port' <<< "$YNH_SETTINGS")"
|
|
export password_authentication="$(jq -r '.ssh_password_authentication' <<< "$YNH_SETTINGS" | int_to_bool)"
|
|
export ssh_keys=$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key 2>/dev/null || true)
|
|
|
|
# do not listen to IPv6 if unavailable
|
|
[[ -f /proc/net/if_inet6 ]] && ipv6_enabled=true || ipv6_enabled=false
|
|
export ipv6_enabled
|
|
|
|
ynh_render_template "sshd_config" "${pending_dir}/etc/ssh/sshd_config"
|
|
}
|
|
|
|
do_post_regen() {
|
|
regen_conf_files=$1
|
|
|
|
# If no file changed, there's nothing to do
|
|
[[ -n "$regen_conf_files" ]] || return 0
|
|
|
|
# Enforce permissions for /etc/ssh/sshd_config
|
|
chown root:root "/etc/ssh/sshd_config"
|
|
chmod 644 "/etc/ssh/sshd_config"
|
|
|
|
systemctl restart ssh
|
|
}
|
|
|
|
do_$1_regen ${@:2}
|