swissmakers_gmbh/fail2ban-ui
12
1
Fork 0
mirror of https://github.com/swissmakers/fail2ban-ui.git synced 2026-04-11 13:47:05 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

add openssh to container and add CICD harbor file

Browse Source
This commit is contained in:
Michael Reber
2025-11-13 22:29:13 +01:00
parent 97cbe5bb4e
commit 59b9557013
3 changed files with 54 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
.gitea/workflows/build-harbor.yml Normal file
View File

@@ -0,0 +1,38 @@
name: Build and Push to Harbor when new commit to main-branch
on:
push:
branches: [ main ]
jobs:
build:
runs-on: linux_amd64
steps:
- uses: actions/checkout@v4
- name: Login to Harbor (Robot)
if: ${{ secrets.HARBOR_REGISTRY && secrets.HARBOR_USERNAME && secrets.HARBOR_PASSWORD }}
env:
REGISTRY: ${{ secrets.HARBOR_REGISTRY }}
ROBOT_USER: ${{ secrets.HARBOR_USERNAME }}
ROBOT_PASS: ${{ secrets.HARBOR_PASSWORD }}
run: |
mkdir -p "$HOME/.config/containers"
echo "$ROBOT_PASS" | podman login --username "$ROBOT_USER" --password-stdin "$REGISTRY"
- name: Build & tag
env:
REG: ${{ secrets.HARBOR_REGISTRY }}
PROJ: ${{ secrets.HARBOR_PROJECT }}
run: |
podman build -t $REG/$PROJ/fail2ban-ui:${{ github.sha }} .
podman tag $REG/$PROJ/fail2ban-ui:${{ github.sha }} $REG/$PROJ/fail2ban-ui:latest
- name: Push
env:
REG: ${{ secrets.HARBOR_REGISTRY }}
PROJ: ${{ secrets.HARBOR_PROJECT }}
run: |
podman push $REG/$PROJ/fail2ban-ui:${{ github.sha }}
podman push $REG/$PROJ/fail2ban-ui:latest

4
Dockerfile
View File

@@ -22,10 +22,10 @@ FROM alpine:latest AS standalone-ui
# Install required container dependencies # Install required container dependencies
RUN apk --update --no-cache add \ RUN apk --update --no-cache add \
bash curl wget whois tzdata jq ca-certificates htop fail2ban geoip \ bash curl wget whois tzdata jq ca-certificates htop fail2ban geoip openssh-client \
&& adduser -D -u 1000 -G root fail2ban && adduser -D -u 1000 -G root fail2ban
RUN mkdir -p /app /config \ RUN mkdir -p /app /config /config/.ssh \
/etc/fail2ban/jail.d \ /etc/fail2ban/jail.d \
/etc/fail2ban/filter.d \ /etc/fail2ban/filter.d \
/etc/fail2ban/action.d \ /etc/fail2ban/action.d \

19
pkg/web/handlers.go
View File

@@ -324,12 +324,21 @@ func SetDefaultServerHandler(c *gin.Context) {
// ListSSHKeysHandler returns SSH keys available on the UI host. // ListSSHKeysHandler returns SSH keys available on the UI host.
func ListSSHKeysHandler(c *gin.Context) { func ListSSHKeysHandler(c *gin.Context) {
home, err := os.UserHomeDir() var dir string
if err != nil { // Check if running inside a container
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) if _, container := os.LookupEnv("CONTAINER"); container {
return // In container, check /config/.ssh
dir = "/config/.ssh"
} else {
// On host, check ~/.ssh
home, err := os.UserHomeDir()
if err != nil {
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return
}
dir = filepath.Join(home, ".ssh")
} }
dir := filepath.Join(home, ".ssh")
entries, err := os.ReadDir(dir) entries, err := os.ReadDir(dir)
if err != nil { if err != nil {
if os.IsNotExist(err) { if os.IsNotExist(err) {