Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Mounting an ssh config file is overridden with the one in the container #164

Open
kevinquillen opened this issue Apr 11, 2022 · 2 comments
Open

Mounting an ssh config file is overridden with the one in the container #164

kevinquillen opened this issue Apr 11, 2022 · 2 comments

Comments

@kevinquillen
Copy link

kevinquillen commented Apr 11, 2022
edited
Loading

I am trying to mount a .ssh/config file that contains:

Host *.ssh.prod.acquia-sites.com
PubkeyAcceptedAlgorithms +ssh-rsa

But when the container is restarted, the file contents are replaced with boilerplate:

#	$OpenBSD: ssh_config,v 1.30 2016/02/20 23:06:23 sobrado Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
#   RSAAuthentication yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Protocol 2
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h

Using PHP tag: 8.0-dev-4.35.0
@walkero-gr
Copy link

As I see it, this is something that happens at the following lines:
https://github.com/wodby/php/blob/master/7/docker-entrypoint.sh#L80
https://github.com/wodby/php/blob/master/8/docker-entrypoint.sh#L79

To overcome this problem, I took the ssh_config.tmpl from https://github.com/wodby/php/tree/master/7/templates and moved it to a folder in my setup, outside the containers. I added there all the custom configurations we needed for specific domains.

Then I mount it as a volume like below

    volumes:
      - ./config/ssh_config.tmpl:/etc/gotpl/ssh_config.tmpl:cached

Now, it always has the necessary data we need. Hope that helps.

@Chi-teck
Copy link

Another workaround for those who extend the image.

RUN sed -i '/ssh_config.tmpl/d' /docker-entrypoint.sh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kevinquillen @Chi-teck @walkero-gr