From 4352489fde6571a5be4b851ecd138bd1d582cef9 Mon Sep 17 00:00:00 2001 From: Gustavo RPS <516827+gustavorps@users.noreply.github.com> Date: Sat, 6 Sep 2025 12:38:05 -0300 Subject: [PATCH 1/4] Create .env.example to help with copy pasta deployments Add example environment variables for docker-shh configuration. --- .env.example | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 .env.example diff --git a/.env.example b/.env.example new file mode 100644 index 0000000..c7070c9 --- /dev/null +++ b/.env.example @@ -0,0 +1,19 @@ +# Content of allowed IP addresses (see below) AllowUsers tunnel (allow the tunnel user from any IP) +ALLOWED_IPS="ALLOWED_IPS" +# 🚨 Required to be set by you. Content of your authorized keys file (see below) +# eg. AUTHORIZED_KEYS="$(cat .ssh/my_many_ssh_public_keys_in_one_file.txt)" +AUTHORIZED_KEYS="AUTHORIZED_KEYS" +# Display a bunch of helpful content for debugging. +DEBUG="true" +# Group ID the SSH user should run as. +PGID="9999" +# User ID the SSH user should run as. +PUID="9999" +# Group name used for our SSH user. +SSH_GROUP="tunnelgroup" +# Location of where the SSH host keys should be stored. +SSH_HOST_KEY_DIR="/etc/ssh/ssh_host_keys/" +# Listening port for SSH server (on container only. You'll still need to publish this port). +SSH_PORT="2222" +# Username for the SSH user that other users will connect into as. +SSH_USER="tunnel" From c58570b2b8a8edb36b51b3b06e9856beceee8b38 Mon Sep 17 00:00:00 2001 From: Gustavo RPS <516827+gustavorps@users.noreply.github.com> Date: Sat, 6 Sep 2025 12:40:03 -0300 Subject: [PATCH 2/4] Update .env.example with ALLOWED_IPS format --- .env.example | 1 + 1 file changed, 1 insertion(+) diff --git a/.env.example b/.env.example index c7070c9..047b08f 100644 --- a/.env.example +++ b/.env.example @@ -1,4 +1,5 @@ # Content of allowed IP addresses (see below) AllowUsers tunnel (allow the tunnel user from any IP) +# eg. ALLOWED_IPS="AllowUsers *@192.168.1.0/24 *@172.16.0.1 *@10.0.*.1" ALLOWED_IPS="ALLOWED_IPS" # 🚨 Required to be set by you. Content of your authorized keys file (see below) # eg. AUTHORIZED_KEYS="$(cat .ssh/my_many_ssh_public_keys_in_one_file.txt)" From 5effdaf94e30ddb6a62f41bcaadc4ae359e2dbac Mon Sep 17 00:00:00 2001 From: Gustavo RPS <516827+gustavorps@users.noreply.github.com> Date: Sat, 6 Sep 2025 12:43:31 -0300 Subject: [PATCH 3/4] Update ALLOWED_IPS in .env.example with default value --- .env.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.env.example b/.env.example index 047b08f..372d1e9 100644 --- a/.env.example +++ b/.env.example @@ -1,6 +1,6 @@ # Content of allowed IP addresses (see below) AllowUsers tunnel (allow the tunnel user from any IP) # eg. ALLOWED_IPS="AllowUsers *@192.168.1.0/24 *@172.16.0.1 *@10.0.*.1" -ALLOWED_IPS="ALLOWED_IPS" +ALLOWED_IPS="AllowUsers tunnel" # 🚨 Required to be set by you. Content of your authorized keys file (see below) # eg. AUTHORIZED_KEYS="$(cat .ssh/my_many_ssh_public_keys_in_one_file.txt)" AUTHORIZED_KEYS="AUTHORIZED_KEYS" From db2377cb43054ecee59face2abf7de2391914a96 Mon Sep 17 00:00:00 2001 From: Gustavo RPS <516827+gustavorps@users.noreply.github.com> Date: Sat, 6 Sep 2025 13:00:20 -0300 Subject: [PATCH 4/4] Revise .env.example for clarity and defaults --- .env.example | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.env.example b/.env.example index 372d1e9..ceaf900 100644 --- a/.env.example +++ b/.env.example @@ -1,9 +1,11 @@ -# Content of allowed IP addresses (see below) AllowUsers tunnel (allow the tunnel user from any IP) +# Content of allowed IP addresses +# To specific ips use something like bellow # eg. ALLOWED_IPS="AllowUsers *@192.168.1.0/24 *@172.16.0.1 *@10.0.*.1" +# The default (bellow) allow the tunnel user from any IP ALLOWED_IPS="AllowUsers tunnel" -# 🚨 Required to be set by you. Content of your authorized keys file (see below) +# 🚨 Required to be set by you. Content of your authorized keys file # eg. AUTHORIZED_KEYS="$(cat .ssh/my_many_ssh_public_keys_in_one_file.txt)" -AUTHORIZED_KEYS="AUTHORIZED_KEYS" +AUTHORIZED_KEYS="REQUIRED_TO_BE_SET_BY_YOU" # Display a bunch of helpful content for debugging. DEBUG="true" # Group ID the SSH user should run as.