From f36edf94e7af2797fd431a7dc7bbe31213dac7d7 Mon Sep 17 00:00:00 2001
From: Viktor Szakats
Date: Fri, 28 Apr 2023 13:58:26 +0000
Subject: [PATCH] ci: convert `docker-bridge.bat` to shell script
Convert `ci/appveyor/docker-bridge.bat` to a POSIX shell script. Also bump the tunnel to use ed25519 (was RSA-2048).
Closes #997
---
 ci/appveyor/docker-bridge.bat | 10 ----------
 ci/appveyor/docker-bridge.ps1 | 3 ++-
 ci/appveyor/docker-bridge.sh | 25 +++++++++++++++++++++++++
 3 files changed, 27 insertions(+), 11 deletions(-)
 delete mode 100644 ci/appveyor/docker-bridge.bat
 create mode 100755 ci/appveyor/docker-bridge.sh
diff --git a/ci/appveyor/docker-bridge.bat b/ci/appveyor/docker-bridge.bat
deleted file mode 100644
index e83b285d..00000000
--- a/ci/appveyor/docker-bridge.bat
+++ /dev/null
@@ -1,10 +0,0 @@
-@echo off
-
-netsh interface portproxy add v4tov4 listenport=3389 listenaddress=%1 connectport=22 connectaddress=127.0.0.1
-netsh interface portproxy show all
-
-C:\msys64\usr\bin\sh -l -c "/usr/bin/ssh-keygen -b 2048 -t rsa -f auth -q -N '' && mkdir .ssh && mv auth.pub .ssh/authorized_keys"
-C:\msys64\usr\bin\sh -l -c "/usr/bin/ssh-keygen -A"
-C:\msys64\usr\bin\sh -l -c "/usr/bin/sshd"
-
-C:\msys64\usr\bin\sh -l -c '/usr/bin/curl -F "account=%APPVEYOR_ACCOUNT_NAME%" -F "project=%APPVEYOR_PROJECT_SLUG%" -F "buildid=%APPVEYOR_BUILD_VERSION%" -F "base=%APPVEYOR_REPO_BRANCH%" -F "hash=%APPVEYOR_REPO_COMMIT%" -F "repo=%APPVEYOR_REPO_NAME%" -F "ssh_host=%2" -F "ssh_port=%3" -F "ssh_user=`whoami`" -F "ssh_forward=127.0.0.1:%OPENSSH_SERVER_PORT% 127.0.0.1:%OPENSSH_SERVER_PORT%,127.0.0.1:2375 /var/run/docker.sock" -F "ssh_hostkey=`paste -d , /etc/ssh/ssh_host_*_key.pub`" -F "ssh_privkey=`paste -sd , auth`" -s "https://stuff.marc-hoersken.de/libssh2/dispatch.php"'
diff --git a/ci/appveyor/docker-bridge.ps1 b/ci/appveyor/docker-bridge.ps1
index 03dbf7dd..9778ee01 100644
--- a/ci/appveyor/docker-bridge.ps1
+++ b/ci/appveyor/docker-bridge.ps1
@@ -19,4 +19,5 @@ $extip = (New-Object Net.WebClient).DownloadString('https://www.appveyor.com/too
 New-NetFirewallRule -DisplayName "SSH via RDP port" -Direction Inbound -Action Allow -Protocol TCP -LocalPort 22,3389
 # launch remote docker daemon with reverse SSH tunnel
-& .\ci\appveyor\docker-bridge.bat $ip $extip $port
+$scriptPath = (split-path -parent $MyInvocation.MyCommand.Definition) -replace '\\', '/'
+& C:\msys64\usr\bin\sh -l -c "$scriptPath/docker-bridge.sh $ip $extip $port"
diff --git a/ci/appveyor/docker-bridge.sh b/ci/appveyor/docker-bridge.sh
new file mode 100755
index 00000000..11488a0a
--- /dev/null
+++ b/ci/appveyor/docker-bridge.sh
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+set -e
+
+netsh interface portproxy add v4tov4 listenport=3389 listenaddress="$1" connectport=22 connectaddress=127.0.0.1
+netsh interface portproxy show all
+
+ssh-keygen -t ed25519 -f auth -q -N '' && mkdir .ssh && mv auth.pub .ssh/authorized_keys
+ssh-keygen -A
+"$(command -v sshd)" &
+
+curl \
+ -F "account=${APPVEYOR_ACCOUNT_NAME}" \
+ -F "project=${APPVEYOR_PROJECT_SLUG}" \
+ -F "buildid=${APPVEYOR_BUILD_VERSION}" \
+ -F "base=${APPVEYOR_REPO_BRANCH}" \
+ -F "hash=${APPVEYOR_REPO_COMMIT}" \
+ -F "repo=${APPVEYOR_REPO_NAME}" \
+ -F "ssh_host=$2" \
+ -F "ssh_port=$3" \
+ -F "ssh_user=$(whoami)" \
+ -F "ssh_forward=127.0.0.1:${OPENSSH_SERVER_PORT} 127.0.0.1:${OPENSSH_SERVER_PORT},127.0.0.1:2375 /var/run/docker.sock" \
+ -F "ssh_hostkey=$(paste -d , /etc/ssh/ssh_host_*_key.pub)" \
+ -F "ssh_privkey=$(paste -sd , auth)" \
+ -s 'https://stuff.marc-hoersken.de/libssh2/dispatch.php'
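Review bot: The added `& C:\msys64\usr\bin\sh -l -c "$scriptPath/docker-bridge.sh $ip $extip $port"` line in docker-bridge.ps1 hands sh a single command string, so the expanded values of `$scriptPath`, `$ip`, `$extip` and `$port` are parsed a second time by the shell. A space in the checkout path, or any shell metacharacter or newline in a value, changes what gets executed. Judging by the truncated hunk-header context, `$extip` is the body of a web response, which makes it the value that most needs to stay a plain argument. Passing the script and its arguments as separate words avoids the second parse and should otherwise behave the same: `& C:\msys64\usr\bin\sh -l "$scriptPath/docker-bridge.sh" $ip $extip $port`. Checking that `$extip` parses as an IP address before this line would be a cheap additional guard.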
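Review bot: In docker-bridge.sh, `set -e` does not protect the key-setup line `ssh-keygen … && mkdir .ssh && mv auth.pub .ssh/authorized_keys`, because only the last command of an `&&` list can abort the script. A failed `ssh-keygen`, or a `mkdir` that fails because `.ssh` already exists, lets the script go on to start sshd and run the upload with a missing or stale `auth`. Writing the steps as separate commands makes each failure fatal: `ssh-keygen -t ed25519 -f auth -q -N ''`, then `mkdir -p .ssh`, then `mv auth.pub .ssh/authorized_keys`. The same gap applies to `"$(command -v sshd)" &`, whose exit status is never checked, and to the final curl, where `-s` alone hides an HTTP error from the dispatch endpoint; `-sS --fail` would surface it. A short header comment stating that the freshly generated private key in `auth` is deliberately posted to the external dispatch host, and what bounds its lifetime, would help the next reader.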