fix: misc permissions, path issues

2023-05-18 23:12:46 -05:00 · 2023-05-18 23:12:46 -05:00 · 726e0e797e
commit 726e0e797e
parent 3e0f409f13
5 changed files with 21 additions and 3 deletions
--- a/src/000-entry.sh
+++ b/src/000-entry.sh
@ -34,6 +34,9 @@ rm /root/.ssh/local_ed25519 || true;
 rm /root/.ssh/local_ed25519.pub || true;
 ssh-keygen -t ed25519 -C "local" -f /root/.ssh/local_ed25519 -P ''

+cp ./sshd_config.presetup /etc/ssh/sshd_config
+systemctl restart sshd
+
 source ./010-apt.sh
 source ./020-users.sh
 source ./030-net.sh
--- a/src/020-users.sh
+++ b/src/020-users.sh
@ -21,7 +21,7 @@ function user_init {

  cp /root/.ssh/local_ed25519.pub /home/$1/.ssh/authorized_keys
  chown $1:$1 /home/$1/.ssh/authorized_keys
-  chmod 755 /home/$1/.ssh/authorized_keys
+  chmod 600 /home/$1/.ssh/authorized_keys

  doas $1 "
  echo $2 >> ~/.ssh/authorized_keys;
--- a/src/021-user-gitea.sh
+++ b/src/021-user-gitea.sh
@ -40,7 +40,5 @@ chown -R git:git /home/git/data
 chown -R git:git /home/git/data/git
 chown -R git:git /home/git/config

-chmod -R 777 /home/git
 chmod -R 777 /home/git/data
-chmod -R 777 /home/git/data/git
 chmod -R 777 /home/git/config
--- a/src/gitea-docker-compose.yml
+++ b/src/gitea-docker-compose.yml
@ -11,6 +11,7 @@ services:
    volumes:
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
+      - /home/git/data/:/data
      - /home/git/data/:/var/lib/gitea/data
      - /home/git/config/:/etc/gitea
    ports:
--- a/src/sshd_config.presetup
+++ b/src/sshd_config.presetup
@ -0,0 +1,16 @@
+# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
+
+Include /etc/ssh/sshd_config.d/*.conf
+
+ChallengeResponseAuthentication no
+
+UsePAM yes
+
+X11Forwarding yes
+PrintMotd no
+
+AcceptEnv LANG LC_*
+
+Subsystem	sftp	/usr/lib/openssh/sftp-server
+
+PasswordAuthentication no