erik/converge
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated deployment with username and password settings.

Browse Source 
index.html template now also uses the configured password.
This commit is contained in:
Erik Brakkee 2024-07-26 21:11:40 +02:00
parent 37bef8814c
commit b7f3de88bb
4 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/converge/converge.go
View File

@ -81,11 +81,15 @@ func main() {
username, ok := os.LookupEnv("CONVERGE_USERNAME") username, ok := os.LookupEnv("CONVERGE_USERNAME")
if ok { if ok {
userPassword.Username = username userPassword.Username = username
} else {
os.Setenv("CONVERGE_USERNAME", userPassword.Username)
} }
password, ok := os.LookupEnv("CONVERGE_PASSWORD") password, ok := os.LookupEnv("CONVERGE_PASSWORD")
if ok { if ok {
userPassword.Password = password userPassword.Password = password
} else {
os.Setenv("CONVERGE_PASSWORD", userPassword.Password)
} }
log.Printf("Using username '%s' and password '%s'", userPassword.Username, userPassword.Password) log.Printf("Using username '%s' and password '%s'", userPassword.Username, userPassword.Password)

1
cmd/converge/fileserver.go
View File

@ -59,6 +59,7 @@ func (handler FileHandlerFilter) ServeHTTP(w http.ResponseWriter, r *http.Reques
// let the filehandler generate the rror // let the filehandler generate the rror
handler.fileHandler.ServeHTTP(w, r) handler.fileHandler.ServeHTTP(w, r)
} }
filters["username"], _ = os.LookupEnv("CONVERGE_USERNAME")
err = tmpl.Execute(w, filters) err = tmpl.Execute(w, filters)
if err != nil { if err != nil {
http.Error(w, err.Error(), http.StatusInternalServerError) http.Error(w, err.Error(), http.StatusInternalServerError)

6
kubernetes/deployment.yaml
View File

@ -21,5 +21,11 @@ spec:
name: converge name: converge
ports: ports:
- containerPort: 8000 - containerPort: 8000
env:
- name: CONVERGE_USERNAME
value: converge
- name: CONVERGE_PASSWORD
# change this password in your final deployment
value: "abc123"

13
static/index.html
View File

@ -117,8 +117,8 @@
</p> </p>
<pre> <pre>
ssh -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{{.secure}}://{{.host}}/client/ID" abc@localhost ssh -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{{.secure}}://{{.host}}/client/ID" {{ .username }}@localhost
sftp -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{{.secure}}://{{.host}}/client/ID" abc@localhost sftp -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{{.secure}}://{{.host}}/client/ID" {{ .username }}@localhost
</pre> </pre>
<h2>Local clients: using SSH with a local TCP forwarding proxy</h2> <h2>Local clients: using SSH with a local TCP forwarding proxy</h2>
@ -142,15 +142,16 @@
</p> </p>
<pre> <pre>
ssh -oServerAliveInterval=10 -p 10000 abc@localhost ssh -oServerAliveInterval=10 -p 10000 {{ .username }}@localhost
sftp -oServerAliveInterval=10 -oPort=10000 abc@localhost sftp -oServerAliveInterval=10 -oPort=10000 {{ .username }}@localhost
</pre> </pre>
<h2>Authentication</h2> <h2>Authentication</h2>
<p> <p>
The <code>abc</code> user above is defined by the Converge server and The <code>{{ .username }}</code> user above the Converge server and
communicated to the agent when the agent is started. communicated to the agent when the agent is started. This is the
username that must be used when setting up an ssh connection.
Another way to authenticate is through an .authorized_keys file in the Another way to authenticate is through an .authorized_keys file in the
same directory as where the agent is started. same directory as where the agent is started.