--- a/hgweb/hgweb.go Sun Mar 06 06:32:24 2022 -0600
+++ b/hgweb/hgweb.go Sun Mar 06 22:08:49 2022 -0600
@@ -13,6 +13,7 @@
"keep.imfreedom.org/grim/hgkeeper/access"
"keep.imfreedom.org/grim/hgkeeper/hg"
+ hgkHttp "keep.imfreedom.org/grim/hgkeeper/http"
@@ -23,15 +24,20 @@
+ externalHostname string
-func NewServer(listenAddr string, cacheSize int) (*Server, error) {
+func NewServer(listenAddr string, cacheSize int, externalHostname, externalPort string) (*Server, error) {
+ externalHostname: externalHostname,
+ externalPort: externalPort,
@@ -110,6 +116,14 @@
fileServer := http.FileServer(http.Dir(staticPath))
mux := http.NewServeMux()
+ if s.externalHostname != "" {
+ mux.Handle("/ssh/authorized_keys", hgkHttp.AuthorizedKeysHandler(s.externalHostname, s.externalPort))
+ log.Infof("added /ssh/authorized_keys endpoint with external hostname %s and export port %s", s.externalHostname, s.externalPort)
+ log.Infof("no external hostname specified, not adding /ssh/authorized_keys endpoint")
mux.Handle("/static/", http.StripPrefix("/static", fileServer))
mux.Handle("/", &cgi.Handler{Path: s.cgiPath})
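Review bot: The `/ssh/authorized_keys` route is registered on the same mux as the public hgweb CGI handler, and nothing visible in this hunk limits who can call it. If that listener is reachable from outside, any client can ask whether a given fingerprint is registered, so consider serving the route from an internal-only listener or documenting that a front proxy must restrict the path. The success message also reads `export port` where `external port` is meant. The enclosing function starts and ends outside the hunk.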
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/http/authorized_keys.go Sun Mar 06 22:08:49 2022 -0600
@@ -0,0 +1,46 @@
+ log "github.com/sirupsen/logrus"
+ "keep.imfreedom.org/grim/hgkeeper/access"
+func AuthorizedKeysHandler(externalHostname, externalPort string) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ fp := r.URL.Query().Get("fp")
+ w.WriteHeader(http.StatusBadRequest)
+ fmt.Fprintf(w, "missing fp parameter")
+ pubkey, err := access.PubkeyFromFingerprint(fp)
+ w.WriteHeader(http.StatusNotFound)
+ fmt.Fprintf(w, "failed to find fingerprint %q", fp)
+ log.Errorf("failed to find fingerprint for %s: %v", fp, err)
+ "command=\"ssh -T %s -p %s $SSH_ORIGINAL_COMMAND\"",
+ w.WriteHeader(http.StatusOK)
+ fmt.Fprintf(w, fmt.Sprintf("%s %s", strings.Join(options, ","), pubkey))
--- a/serve/command.go Sun Mar 06 06:32:24 2022 -0600
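Review bot: The final write passes an already formatted string as the format argument, so any `%` in the options or the stored public key comment is reinterpreted and garbles the line sshd receives; write it as `fmt.Fprintf(w, "%s %s", strings.Join(options, ","), pubkey)`. In the `command=` option, the unquoted `$SSH_ORIGINAL_COMMAND` is client-controlled text expanded in a position where ssh still parses options (the `-p` after the host relies on exactly that). Putting the options first and ending them explicitly, `"command=\"ssh -T -p %s -- %s $SSH_ORIGINAL_COMMAND\""`, should close that off, though it is worth confirming against the OpenSSH version in use. The error log prints the request-supplied `fp` with `%s`; `%q` keeps embedded newlines out of the log, as the 404 body already does. The branch conditions of this handler are not visible on this page, so the notes above cover only the lines shown.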
+++ b/serve/command.go Sun Mar 06 22:08:49 2022 -0600
@@ -15,12 +15,14 @@
- SSHAddr string `kong:"flag,name='ssh-listen-addr',env='HGK_SSH_LISTEN_ADDR',short='l',help='what address to listen on',default=':22222'"`
- SSHHostKeysPath string `kong:"flag,name='ssh-host-keys-path',env='HGK_SSH_HOST_KEYS_PATH',short='H',help='the path where host keys are kept',default='host-keys'"`
- HTTPAddr string `kong:"flag,name='http-listen-addr',env='HGK_HTTP_LISTEN_ADDR',help='what address the http server listens on',default=':8080'"`
- CacheSize int `kong:"flag,name='cache-size',env='HGK_HTTP_CACHE_SIZE',help='number of pages to cache',default='1000'"`
- DisableSSH bool `kong:"flag,name='disable-ssh',env='HGK_DISABLE_SSH',help='disable the SSH server',default='false'"`
- DisableHTTP bool `kong:"flag,name='disable-http',env='HGK_DISABLE_HTTP',help='disable the HTTP server',default='false'"`
+ SSHAddr string `kong:"flag,name='ssh-listen-addr',env='HGK_SSH_LISTEN_ADDR',short='l',help='what address to listen on',default=':22222'"`
+ SSHHostKeysPath string `kong:"flag,name='ssh-host-keys-path',env='HGK_SSH_HOST_KEYS_PATH',short='H',help='the path where host keys are kept',default='host-keys'"`
+ HTTPAddr string `kong:"flag,name='http-listen-addr',env='HGK_HTTP_LISTEN_ADDR',help='what address the http server listens on',default=':8080'"`
+ CacheSize int `kong:"flag,name='cache-size',env='HGK_HTTP_CACHE_SIZE',help='number of pages to cache',default='1000'"`
+ DisableSSH bool `kong:"flag,name='disable-ssh',env='HGK_DISABLE_SSH',help='disable the SSH server',default='false'"`
+ DisableHTTP bool `kong:"flag,name='disable-http',env='HGK_DISABLE_HTTP',help='disable the HTTP server',default='false'"`
+ ExternalHostname string `kong:"flag,name='external-hostname',env='HGK_EXTERNAL_HOSTNAME',help='The external hostname of the hgkeeper instance. This is used to integrate with other ssh servers.'"`
+ ExternalPort string `kong:"flag,name='external-port',env='HGK_EXTERNAL_PORT',help='The external port of the hgkeeper instance. This is used to itegrate with other ssh servers.',default='22222'"`
func (c *Command) Run(g *globals.Globals) error {
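Review bot: `ExternalHostname` and `ExternalPort` are accepted as free-form strings, and the handler added in http/authorized_keys.go formats both into a `command="ssh -T %s -p %s …"` option that sshd hands to a shell. Validate them once at startup in `Run` (its body is outside this hunk), for example `if _, err := strconv.ParseUint(c.ExternalPort, 10, 16); err != nil { return err }`, plus a hostname check that rejects whitespace, quotes and a leading `-`. The help text for `external-port` also has a typo, `itegrate`.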
@@ -56,7 +58,7 @@
log.Info("HTTP server has been disabled")
- hgwebServer, err = hgweb.NewServer(c.HTTPAddr, c.CacheSize)
+ hgwebServer, err = hgweb.NewServer(c.HTTPAddr, c.CacheSize, c.ExternalHostname, c.ExternalPort)