Tools/ShellHubNative
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

inital commit

Browse Source
This commit is contained in:
Bram Prieshof
2021-01-16 00:08:06 +01:00
commit 23bfefebf8
10 changed files with 365 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
Server/config/ServiceTemplates/ShellHubAPI.service Normal file
View File

@@ -0,0 +1,13 @@
[Unit]
Description=Shellhub API
Wants=network-online.target
[Service]
Type=simple
Environment=PRIVATE_KEY=/opt/ShellHub/keys/api_private_key
Environment=PUBLIC_KEY=/opt/ShellHub/keys/api_public_key
ExecStart=/opt/ShellHub/ShellHubAPI
Restart=on-failure
[Install]
WantedBy=multi-user.target

14
Server/config/ServiceTemplates/ShellHubSSH.service Normal file
View File

@@ -0,0 +1,14 @@
[Unit]
Description=Shellhub SSH
Wants=network-online.target
[Service]
Type=simple
Environment=PRIVATE_KEY=/opt/ShellHub/keys/ssh_private_key
Environment=SHELLHUB_HOSTED=false
Environment=RECORD_URL=127.0.0.1:8080
ExecStart=/opt/ShellHub/ShellHubSSH
Restart=on-failure
[Install]
WantedBy=multi-user.target

163
Server/config/openresty.conf Normal file
View File

@@ -0,0 +1,163 @@
user www-data;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
error_log /var/log/nginx/error.log;
client_body_temp_path /var/run/openresty/nginx-client-body;
proxy_temp_path /var/run/openresty/nginx-proxy;
fastcgi_temp_path /var/run/openresty/nginx-fastcgi;
uwsgi_temp_path /var/run/openresty/nginx-uwsgi;
scgi_temp_path /var/run/openresty/nginx-scgi;
sendfile on;
keepalive_timeout 65;
map $http_x_real_ip $x_real_ip {
default $http_x_real_ip;
"" $remote_addr;
}
server {
include /opt/ShellHub/nginx.var;
listen 80;
server_name _;
resolver 127.0.0.1 ipv6=off;
root /opt/ShellHub/ui;
location / {
add_header Cache-Control "no-cache, no-store";
add_header Pragma "no-cache";
index index.html index.htm;
try_files $uri $uri/ /index.html;
}
location /api {
auth_request /auth;
auth_request_set $tenant_id $upstream_http_x_tenant_id;
auth_request_set $username $upstream_http_x_username;
error_page 500 =401 /auth;
rewrite ^/api/(.*)$ /api/$1 break;
proxy_set_header X-Tenant-ID $tenant_id;
proxy_set_header X-Username $username;
proxy_pass http://127.0.0.1:8080;
}
location /ssh/connection {
auth_request /auth;
auth_request_set $device_uid $upstream_http_x_device_uid;
proxy_pass http://127.0.0.1:8081;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $x_real_ip;
proxy_set_header X-Device-UID $device_uid;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location /ssh/revdial {
proxy_pass http://127.0.0.1:8081;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $x_real_ip;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location /ssh/auth {
auth_request /auth;
auth_request_set $device_uid $upstream_http_x_device_uid;
error_page 500 =401 /auth;
proxy_pass http://127.0.0.1:8080;
proxy_set_header X-Device-UID $device_uid;
}
location ~* /api/sessions/(.*)/close {
auth_request /auth;
auth_request_set $tenant_id $upstream_http_x_tenant_id;
error_page 500 =401 /auth;
rewrite ^/api/(.*)$ /$1 break;
proxy_set_header X-Tenant-ID $tenant_id;
proxy_pass http://127.0.0.1:8081;
}
location /api/devices/auth {
auth_request off;
rewrite ^/api/(.*)$ /api/$1 break;
proxy_pass http://127.0.0.1:8080;
}
location /api/login {
auth_request off;
rewrite ^/api/(.*)$ /api/$1 break;
proxy_pass http://127.0.0.1:8080;
}
location /auth {
internal;
rewrite ^/(.*)$ /internal/$1 break;
proxy_pass http://127.0.0.1:8080;
}
location /ws {
proxy_pass http://ssh:8081;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Real-IP $x_real_ip;
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_redirect off;
}
location /info {
default_type application/json;
content_by_lua_block {
local host=ngx.var.http_host
local ssh_port=ngx.var.SHELLHUB_SSH_PORT
local version=ngx.var.SHELLHUB_VERSION
local json = require('cjson')
local data = {version=version, endpoints={api=host, ssh=host .. ":" .. ssh_port}}
ngx.say(json.encode(data))
}
}
location ~ ^/(install.sh|kickstart.sh)$ {
default_type "text/x-shellscript";
index nonexistingindex.htm;
content_by_lua_block {
local host=ngx.var.http_host
local scheme = ngx.var.http_x_forwarded_proto ~= '' and ngx.var.http_x_forwarded_proto or ngx.var.scheme
local tenant_id=ngx.var.arg_tenant_id
local keepalive_interval=ngx.var.arg_keepalive_interval
local preferred_hostname=ngx.var.arg_preferred_hostname
local version=ngx.var.SHELLHUB_VERSION
local template = require "resty.template"
template.render("kickstart.sh", {
scheme = scheme,
host = host,
tenant_id = tenant_id,
keepalive_interval = keepalive_interval,
preferred_hostname = preferred_hostname,
version = version
})
}
}
}
}