diff options
Diffstat (limited to 'internal')
| -rw-r--r-- | internal/config/config.go | 11 | ||||
| -rw-r--r-- | internal/sshd/sshd.go | 15 |
2 files changed, 18 insertions, 8 deletions
diff --git a/internal/config/config.go b/internal/config/config.go index 36f8625..2709277 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -18,6 +18,7 @@ const ( type ServerConfig struct { Listen string `yaml:"listen,omitempty"` + ProxyProtocol bool `yaml:"proxy_protocol,omitempty"` WebListen string `yaml:"web_listen,omitempty"` ConcurrentSessionsLimit int64 `yaml:"concurrent_sessions_limit,omitempty"` HostKeyFiles []string `yaml:"host_key_files,omitempty"` @@ -52,15 +53,15 @@ type Config struct { // The defaults to apply before parsing the config file(s). var ( DefaultConfig = Config{ - LogFile: "gitlab-shell.log", + LogFile: "gitlab-shell.log", LogFormat: "text", - Server: DefaultServerConfig, - User: "git", + Server: DefaultServerConfig, + User: "git", } DefaultServerConfig = ServerConfig{ - Listen: "[::]:22", - WebListen: "localhost:9122", + Listen: "[::]:22", + WebListen: "localhost:9122", ConcurrentSessionsLimit: 10, HostKeyFiles: []string{ "/run/secrets/ssh-hostkeys/ssh_host_rsa_key", diff --git a/internal/sshd/sshd.go b/internal/sshd/sshd.go index 74029b0..7bd81ff 100644 --- a/internal/sshd/sshd.go +++ b/internal/sshd/sshd.go @@ -10,17 +10,20 @@ import ( "strconv" "time" + log "github.com/sirupsen/logrus" + + "github.com/pires/go-proxyproto" "github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus/promauto" - log "github.com/sirupsen/logrus" + "golang.org/x/crypto/ssh" + "golang.org/x/sync/semaphore" + "gitlab.com/gitlab-org/gitlab-shell/internal/command" "gitlab.com/gitlab-org/gitlab-shell/internal/command/commandargs" "gitlab.com/gitlab-org/gitlab-shell/internal/command/readwriter" "gitlab.com/gitlab-org/gitlab-shell/internal/config" "gitlab.com/gitlab-org/gitlab-shell/internal/gitlabnet/authorizedkeys" "gitlab.com/gitlab-org/gitlab-shell/internal/sshenv" - "golang.org/x/crypto/ssh" - "golang.org/x/sync/semaphore" ) const ( @@ -73,6 +76,12 @@ func Run(cfg *config.Config) error { if err != nil { return fmt.Errorf("failed to listen for connection: %w", err) } + if cfg.Server.ProxyProtocol { + sshListener = &proxyproto.Listener{Listener: sshListener} + + log.Info("Proxy protocol is enabled") + } + defer sshListener.Close() log.Infof("Listening on %v", sshListener.Addr().String()) |