grim/hgkeeper

Added the ability to integrate a long running hgkeeper with openssh

2022-03-06, Gary Kramlich
4fdd9ead8875
Added the ability to integrate a long running hgkeeper with openssh

This added two new arguments to the server command, --external-hostname and
--external port.

These are used in the new `/ssh/authorized_keys` endpoint that will return the
appropriate authorized_keys format for the key whose finger print is passed in
in the fp query parameter.
package commands
import (
"fmt"
"path/filepath"
"github.com/gliderlabs/ssh"
log "github.com/sirupsen/logrus"
"keep.imfreedom.org/grim/hgkeeper/access"
"keep.imfreedom.org/grim/hgkeeper/hg"
)
type Init struct {
repoPath string
repoName string
}
func NewInit(reposPath, repoName string) *Init {
return &Init{
repoPath: filepath.Join(reposPath, repoName),
repoName: repoName,
}
}
func (i *Init) Run(session ssh.Session, username string) error {
if !access.CanInit(username, "/"+i.repoName) {
return fmt.Errorf("access denied")
}
if err := run(i.repoPath, username, hg.Init(i.repoPath), session); err != nil {
return err
}
log.Info("refreshing access control for new repo")
return access.Refresh()
}