summaryrefslogtreecommitdiff
path: root/examples/ROOT/img/services-network/sshd
diff options
context:
space:
mode:
Diffstat (limited to 'examples/ROOT/img/services-network/sshd')
-rw-r--r--examples/ROOT/img/services-network/sshd/README5
-rw-r--r--examples/ROOT/img/services-network/sshd/log/README1
-rwxr-xr-xexamples/ROOT/img/services-network/sshd/log/run4
-rw-r--r--examples/ROOT/img/services-network/sshd/rules/ip4/0.0.0.0_0/deny0
-rw-r--r--examples/ROOT/img/services-network/sshd/rules/ip4/127.0.0.1_32/allow0
-rwxr-xr-xexamples/ROOT/img/services-network/sshd/run6
6 files changed, 16 insertions, 0 deletions
diff --git a/examples/ROOT/img/services-network/sshd/README b/examples/ROOT/img/services-network/sshd/README
new file mode 100644
index 0000000..2d55a5e
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/README
@@ -0,0 +1,5 @@
+Service directory for a sshd server over IPv4,
+implemented via s6-networking and dropbear.
+The rules subdirectory implements access control; in
+this example, only 127.0.0.1 is allowed to connect
+(which isn't exactly useful for a SSH server).
diff --git a/examples/ROOT/img/services-network/sshd/log/README b/examples/ROOT/img/services-network/sshd/log/README
new file mode 100644
index 0000000..392ede8
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/log/README
@@ -0,0 +1 @@
+Logging service for sshd.
diff --git a/examples/ROOT/img/services-network/sshd/log/run b/examples/ROOT/img/services-network/sshd/log/run
new file mode 100755
index 0000000..9795581
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/log/run
@@ -0,0 +1,4 @@
+#!/command/execlineb -P
+s6-setuidgid log
+exec -c
+s6-log -t s1000000 n20 /var/log/sshd
diff --git a/examples/ROOT/img/services-network/sshd/rules/ip4/0.0.0.0_0/deny b/examples/ROOT/img/services-network/sshd/rules/ip4/0.0.0.0_0/deny
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/rules/ip4/0.0.0.0_0/deny
diff --git a/examples/ROOT/img/services-network/sshd/rules/ip4/127.0.0.1_32/allow b/examples/ROOT/img/services-network/sshd/rules/ip4/127.0.0.1_32/allow
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/rules/ip4/127.0.0.1_32/allow
diff --git a/examples/ROOT/img/services-network/sshd/run b/examples/ROOT/img/services-network/sshd/run
new file mode 100755
index 0000000..45bc6a8
--- /dev/null
+++ b/examples/ROOT/img/services-network/sshd/run
@@ -0,0 +1,6 @@
+#!/command/execlineb -P
+fdmove -c 2 1
+s6-notifywhenup -f
+s6-tcpserver4 -1 -- 0.0.0.0 22
+s6-tcpserver-access -vvDRl0 -t 5000 -i rules
+dropbear -iEg
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 10:25:00 +0000