diff options
| author | Malfurious <m@lfurio.us> | 2023-09-15 10:59:09 -0400 |
|---|---|---|
| committer | Malfurious <m@lfurio.us> | 2023-09-15 10:59:09 -0400 |
| commit | a6f2c9e34b7a0bdaff2a44b54ca7999728f36773 (patch) | |
| tree | 73b2ff4824313805629ee98efd1844fd7b636da1 /gitolite/sshd_config | |
| parent | 5cd2822ed607d1f20d1d114aebe511a4fe5f1825 (diff) | |
| parent | c1db5d6e6557ac5f3b9d408eb2de888bf096a370 (diff) | |
| download | srcnode-a6f2c9e34b7a0bdaff2a44b54ca7999728f36773.tar.gz srcnode-a6f2c9e34b7a0bdaff2a44b54ca7999728f36773.zip | |
Merge branch 'gitolite-debian-refactor'
Refactor the gitolite docker image to build from Debian, but also clean
up a lot of the original build process.
The move off of archlinux is done since it is a sub-optimal pick for a
docker base. However, I'm specifically moving off it because archlinux
does not allow for the use of normalmode on i386 machines. Most offical
bases do, and debian seems to be a good fit for running gitolite.
Previously, this git repository was serving double duty as the code
repository for normalmode, as well as the site gitolite-admin
repository. This is no longer going to be the case - gitolite-admin is
now completely separate. Not only does this allow me to clean up the
folder structure, but going forward, the out-of-the-box experience of a
new install will be 'more correct' for what normalmode intends. IE: Our
config files will more often already be installed by default, instead of
requiring user-intervention on the gitolite-admin side of things.
The docker-compose.yml file is left behind. I'll update it after cgit
gets a similar treatment.
* gitolite-debian-refactor:
gitolite: Add admin initialization script
gitolite: Allow users to delete remote HEAD branches
gitolite: Remove hard-coded admin username
gitolite: Correct site-local code location
gitolite: Refactor Dockerfile for debian base
gitolite: Consolidate config files into a single directory
Diffstat (limited to 'gitolite/sshd_config')
| -rw-r--r-- | gitolite/sshd_config | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/gitolite/sshd_config b/gitolite/sshd_config new file mode 100644 index 0000000..efc0c52 --- /dev/null +++ b/gitolite/sshd_config @@ -0,0 +1,22 @@ +Port 22 + +HostKey /hostkeys/etc/ssh/ssh_host_rsa_key +HostKey /hostkeys/etc/ssh/ssh_host_ecdsa_key +HostKey /hostkeys/etc/ssh/ssh_host_ed25519_key + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +UsePAM yes +PermitRootLogin no +PasswordAuthentication no +KbdInteractiveAuthentication no +AllowAgentForwarding no +AllowTcpForwarding no +GatewayPorts no +X11Forwarding no +PermitTTY no +PrintLastLog no +PermitUserEnvironment no +PermitTunnel no |